my.americares.org Open in urlscan Pro
2606:4700::6812:7c49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.hello.americares.org/?qs=3149f90880a6532477c349fd689a924732e30f589bacebc12a2c44ab524cdb1403120ba2523d1c40b744e2317780...
Effective URL:
https://my.americares.org/give/527690/
Submission: On March 11 via api (March 11th 2024, 10:09:54 pm UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 109 HTTP transactions. The main IP is 2606:4700::6812:7c49, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.americares.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 2nd 2024. Valid for: a year.

This is the only time my.americares.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.110.221.60 13.110.221.60	14340 (SALESFORCE) (SALESFORCE)
15	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2600:9000:225... 2600:9000:2250:200:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.154.89 18.173.154.89	16509 (AMAZON-02) (AMAZON-02)
16	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:480... 2a02:26f0:480:22::1726:62f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	34.68.9.145 34.68.9.145	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.22.55.118 104.22.55.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	198.202.176.81 198.202.176.81	16509 (AMAZON-02) (AMAZON-02)
4	44.239.187.210 44.239.187.210	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
109	23

1 13.110.221.60 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.hello.americares.org

click.hello.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

my.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:c55f (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:200:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-89.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:22::1726:62f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.hello.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.68.9.145 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 145.9.68.34.bc.googleusercontent.com

www.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.55.118 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.239.187.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-187-210.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	americares.org 1 redirects click.hello.americares.org my.americares.org image.hello.americares.org www.americares.org	497 KB
24	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 r.stripe.com — Cisco Umbrella Rank: 2301 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5082 m.stripe.com — Cisco Umbrella Rank: 1134	767 KB
16	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 49665 assets.classy.org — Cisco Umbrella Rank: 59656	1 MB
15	google.com pay.google.com — Cisco Umbrella Rank: 2753 play.google.com — Cisco Umbrella Rank: 33	422 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	314 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 6078	129 KB
3	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 70473	131 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1243	16 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	69 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	88 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 31340	5 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14533	41 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 709	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 32829	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	18 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
109	17

	Domain	Requested by
15	my.americares.org	my.americares.org cdn.transcend.io
14	js.stripe.com	cdn.transcend.io js.stripe.com
12	play.google.com	www.gstatic.com
10	prod-frs.content.classy.org	my.americares.org cdn.transcend.io prod-frs.content.classy.org
7	fonts.gstatic.com	fonts.googleapis.com
6	assets.classy.org
5	r.stripe.com	js.stripe.com
5	www.americares.org
4	www.gstatic.com	pay.google.com www.gstatic.com
4	m.stripe.com	m.stripe.network
4	image.hello.americares.org
4	cdn.transcend.io	my.americares.org cdn.transcend.io
3	pay.google.com	js.stripe.com pay.google.com www.gstatic.com
3	files.doublethedonation.com	my.americares.org files.doublethedonation.com cdn.transcend.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	cdn.transcend.io
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	fonts.googleapis.com	cdn.transcend.io
1	widgets.guidestar.org
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	www.googleadservices.com	cdn.transcend.io
1	static.cloudflareinsights.com	my.americares.org
1	click.hello.americares.org	1 redirects
109	26

This site contains links to these domains. Also see Links.

Domain
www.classy.org
charitynavigator.org
www.give.org
www.guidestar.org
www.forbes.com
www.americares.org

Subject Issuer	Validity	Valid
my.americares.org Cloudflare Inc ECC CA-3	`2024-01-02` - `2024-12-31`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2024-03-03` - `2024-12-31`	10 months	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-05-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2024-01-08` - `2024-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
san-13-s12.tlsprovisioning.exacttarget.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-01` - `2025-01-31`	a year	crt.sh
americaresindia.amcares.materiellcloud.com R3	`2024-03-03` - `2024-06-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-03-06` - `2024-06-06`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://my.americares.org/give/527690/
Frame ID: 944194267D2F540A5E00ABF55FF8BDDF
Requests: 65 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 019A50367F0AA1AD2EF28B83FC2F9639
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
Frame ID: 237D42DFCEC8511C324E66B7BDFE8599
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html
Frame ID: E4D8B231DC52C6E61B9D2EF60B7C9DF2
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html
Frame ID: BC1A09B8B38ABDD36E6FF7582CA3BA1A
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 99CF258DAB94176ABD3B9BF47BF70034
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 943590C544DC27A2791872F526A5002F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Emergency Relief for Israel-Gaza & more

Page URL History Show full URLs

https://click.hello.americares.org/?qs=3149f90880a6532477c349fd689a924732e30f589bacebc12a2c44ab524cdb1403120ba2... HTTP 302
https://my.americares.org/give/527690/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

100 %
HTTPS

58 %
IPv6

17
Domains

26
Subdomains

23
IPs

4
Countries

3910 kB
Transfer

12405 kB
Size

18
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Classy Privacy Policy

Search URL Search Domain Scan URL

URL: https://charitynavigator.org/ein/061008595

Search URL Search Domain Scan URL

URL: http://www.give.org/charity-reviews/national/health/americares-foundation-inc-in-stamford-ct-1739

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/shared/7f4b78f5-0139-475a-8e23-6c9732ce1989

Search URL Search Domain Scan URL

URL: https://www.forbes.com/lists/top-charities/?sh=6b7f83c25f50

Search URL Search Domain Scan URL

URL: https://www.americares.org/our-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.americares.org/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.hello.americares.org/?qs=3149f90880a6532477c349fd689a924732e30f589bacebc12a2c44ab524cdb1403120ba2523d1c40b744e23177807fce8e5d3ce051b564eaba97e27b4f91a1b9 HTTP 302
https://my.americares.org/give/527690/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
my.americares.org/give/527690/
Redirect Chain

https://click.hello.americares.org/?qs=3149f90880a6532477c349fd689a924732e30f589bacebc12a2c44ab524cdb1403120ba2523d1c40b744e23177807fce8e5d3ce051b564eaba97e27b4f91a1b9
https://my.americares.org/give/527690/

492 KB
78 KB

909ms
883ms

Document
text/html

2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2afd55f62879369a45f03e83dd29d47de2c6a39fc56e694d2fdbd2c790f274a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 862edeed3c7e71a9-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:09:47 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 284
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Mar 2024 22:09:46 GMT
Location: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500

GET
H2 200 main.css
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/ 1 MB
147 KB 64ms
37ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c9eba319b411d9711a1c997322107310af7f7938aac1ec8f9cdc7c662bb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: E6FKWDx6ckzg_hHt5xQv543iTPKpIdtc
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 77710
x-amz-cf-pop: FRA60-P1
cf-polished: origSize=1157383
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"11b98414c1291ac908504e9bb0606e37"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 862edef40ba09bb0-FRA
x-amz-cf-id: ofNIiroCz0er8lcBkGoFONV98w1RueDPnWuV3ERjVm_e5KHNRbraNQ==

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ 141 KB
17 KB 58ms
14ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/527690/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D9) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Mar 2024 22:09:48 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 3406
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 20:53:52 GMT
server: ECAcc (ama/48D9)
etag: 0x8DC3EE8B234D8BB
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: 584dde2e-901e-0025-7af8-73ec7b000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 23:09:48 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 131 KB
45 KB 25ms
8ms Script
application/javascript 2600:9000:2250:200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
content-encoding: br
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: IQL40wD_k1G1wBvv4M3z6ENBrbK5Svx8ghtFuGiwh8UFy8Tpyv5oqQ==
x-xss-protection: 1; mode=block

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ 0
0 351ms
351ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://files.doublethedonation.com/app/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 23:09:48 GMT
x-ms-request-id: aab03796-b01e-006f-0200-744ff4000000
date: Mon, 11 Mar 2024 22:09:47 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H2 200 rocket-loader.min.js Show response
my.americares.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:52:43 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65e75beb-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 862edef59d7c71a9-FRA
expires: Wed, 13 Mar 2024 22:09:48 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 84ms
59ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/527690/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 862edef5c81c35f0-FRA

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 267 KB
77 KB 22ms
7ms Script
text/javascript 2600:9000:2250:200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 07:14:31 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 55117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: dPdNGU-sP8nTMns3RvfGwph98MrAkyfK0Y6Nk__Ff5HnEqny1NJVkw==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 48 KB
18 KB 69ms
43ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

62ab2ab3a16c6d4f96e5ae538005ca6be5bb97d46affaac9ed79f8e2e163a808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17881
x-xss-protection: 0
server: cafe
etag: 12382634757272263151
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 22:09:48 GMT

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 19 KB
5 KB 553ms
130ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:48 GMT
last-modified: Tue, 23 Jan 2024 18:13:09 GMT
etag: "8068b7d1274eda1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 36ms
19ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8869651
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFE8V93AKXXPZHBBRY97DSM-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 862edef77ed49016-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/donation/ 184 KB
38 KB 35ms
34ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76d55ce69f335df0f011ca7ad04fa9cc9f34d3e0ffc6ee347d1019140b43e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
x-amz-version-id: Y.XEaIyspRD.m.USeOqAMDWriqxOEzQO
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 77485
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"3d2baa7d6c5e50df0435a559f0b0c380"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 862edef76f3c9bb0-FRA
x-amz-cf-id: k8bKDKxmpm2fg7T0NlhnNvx4oYj4XRAQ5HPPyqIL5KWMjzgSRbdDQA==

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/ 2 MB
392 KB 37ms
37ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d48af85ba0878ccd67abaaf1caf5067d42f34bbc72a711aa1c550c25a3d122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
x-amz-version-id: hceFC_Q1R1Z9e8_yQ5iWTpVl3ZDCH5zx
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 77796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:38 GMT
server: cloudflare
etag: W/"9a358576b39eaffd421fcaa961ab4a2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 862edef76f3f9bb0-FRA
x-amz-cf-id: 7jImw1qAEscKIaQVYfDL4_vDDKUSsHH9yPKUaG4m_GKxXTDvdF_bww==

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/ 1 MB
429 KB 49ms
48ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:48 GMT
x-amz-version-id: BFymUfF8wIpfaElebO0fQT8R66GzYb.Q
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 77796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:38 GMT
server: cloudflare
etag: W/"89ff3b468454fac32729fc74e3c9be17"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 862edef76f419bb0-FRA
x-amz-cf-id: Q0OJnL1A4RyOvfyBM2bMw5zF6wQY1zFo6g6qk33TAEniPdRsfQsrbA==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 147 KB
41 KB 87ms
43ms Script
text/javascript 18.173.154.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5741070c37508c4455f704f7f190f8dec4773f62d91e6b83a9907f04381b2d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: UKXAub3lZBZME5VoY9hzM62OKsjngz6U
content-encoding: br
via: 1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 19:54:39 GMT
x-amz-request-id: 66PCPJQW03EHQ1GM
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
age: 8122
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: BQR36OA6NLyK8ilEIsDNoRBcP0mSUDOS8Pfm2/Avs/vAhmIKREjGd6kcfmVm8G2vljxT/fad9gzT0Ce9O2LSug==
last-modified: Fri, 08 Mar 2024 16:30:48 GMT
server: AmazonS3
etag: W/"2667f0b537c405c80048804a82a6f567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: g4z2n9n4krlMQiuL0leQkYJnXhoCGoDKKD8KefE9hW3nHsvX4oVOGg==

GET
H2 200 / Show response
js.stripe.com/v3/ 605 KB
168 KB 39ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c91fcb89871b3af47fd3a4f5e17d40ac582ed9a6046963ab48caa4baa7c3dfe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:48 GMT
via: 1.1 varnish
age: 50
x-cache: HIT
content-length: 171172
x-request-id: 79dfc454-57fc-4b41-aa48-246b6777fee5
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 11 Mar 2024 20:42:57 GMT
server: Fastly
etag: "f3a39aae23abf21e515d4ae7b8044ae7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ 444 KB
114 KB 14ms
14ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C3) /
Resource Hash: 0666278516505182592bacc1b82e6603d0f33ebf8c43f2b51b89e712a94e151a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Mar 2024 22:09:48 GMT
content-encoding: gzip
content-md5: W91qcon5N5JN1iY0uqgdDw==
age: 3405
x-cache: HIT
content-length: 116459
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 20:53:52 GMT
server: ECAcc (ama/48C3)
etag: 0x8DC3EE8B24159FE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: 0070f27b-301e-0071-27f8-73a32c000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 23:09:48 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 15 KB
4 KB 9ms
6ms Stylesheet
text/css 2600:9000:2250:200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 01:56:56 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 72773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: PTocl6ELGS-ql2qPaCUYU1Z_wPdia_oPVTw_tOjely7Nro80qsbAjA==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ 8 KB
2 KB 9ms
8ms Fetch
application/json 2600:9000:2250:200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 10:01:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 57023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: EtRW89E5fJtVgAAXD4aMaCwpMUSRRSWJXDNPH31Ja8M6vGdIvCfuPg==

GET
H2 200 sdk.js Show response
my.americares.org/sso/ 27 KB
7 KB 521ms
521ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd7b9d1a802acafdc8f9334d69406b7db612b94559c16fa684f5dab315a5aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 11 Mar 2024 20:49:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 862edef8d8b871a9-FRA
expires: Mon, 11 Mar 2024 22:29:49 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 019A 200 B
840 B 7ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3618709
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:09:49 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 764743
x-content-type-options: nosniff
x-request-id: 672d7462-9f49-4992-ad86-8a156bda0c68
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 55ms
35ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc055917bb20b6042962d6e972655061a178db6b161b02c217406b62fd85c0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-PtKJlK6SffphuR16LZK1Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 11 Mar 2024 22:09:49 GMT

POST
H2 204 rum Show response
my.americares.org/cdn-cgi/ 0
166 B 11ms
11ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-f8ac5aa4fe5d44f3----1710194989423
traceparent: 00-7b37b6c1939ad328b2c81e5e6438ca3e-f8ac5aa4fe5d44f3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmOGFjNWFhNGZlNWQ0NGYzIiwidHIiOiI3YjM3YjZjMTkzOWFkMzI4YjJjODFlNWU2NDM4Y2EzZSIsInRpIjoxNzEwMTk0OTg5NDIzfX0=
content-type: application/json
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://my.americares.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 862edefbebb871a9-FRA

GET
H2 200 market-data Show response
my.americares.org/frs-api/crypto-giving/BTC/USD/ 36 B
216 B 423ms
422ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494e26123449fbca028f9476a75934fac68fa29fddc737c73239245d8be08e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
tracestate: 423787@nr=0-1-423787-363751183-f55f5c74d4780333----1710194989517
traceparent: 00-7889082acb37694c3b7c4f71a061d749-f55f5c74d4780333-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmNTVmNWM3NGQ0NzgwMzMzIiwidHIiOiI3ODg5MDgyYWNiMzc2OTRjM2I3YzRmNzFhMDYxZDc0OSIsInRpIjoxNzEwMTk0OTg5NTE3fX0=
Accept: application/json, text/plain, */*
csrf-token: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"24-bzt47bfaE1vMAy2udRxGulNvtiU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 862edefc8c6f71a9-FRA
content-length: 36

GET
H2 200 tax-entities Show response
my.americares.org/frs-api/organizations/29423/ 629 B
391 B 472ms
472ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/organizations/29423/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4c26dfde09ed6e458fd1d42c13169455ea98d479d85d3242a61cb0d15bdd00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
tracestate: 423787@nr=0-1-423787-363751183-1b72bb1207b82fcf----1710194989518
traceparent: 00-4a2740337355fd2aed69fe58ea217133-1b72bb1207b82fcf-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxYjcyYmIxMjA3YjgyZmNmIiwidHIiOiI0YTI3NDAzMzczNTVmZDJhZWQ2OWZlNThlYTIxNzEzMyIsInRpIjoxNzEwMTk0OTg5NTE4fX0=
Accept: application/json, text/plain, */*
csrf-token: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-Ivi7ty8PNvuBrAmy7h5YtGEe6KI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862edefc8c7471a9-FRA

GET
H2 200 channels Show response
my.americares.org/frs-api/campaigns/527690/ 1 KB
624 B 450ms
450ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaigns/527690/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd6bb8d66c1bb0277c1276dc14abf028f9c634d592dbf8b0594d25fb6fb7590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
tracestate: 423787@nr=0-1-423787-363751183-75de5b5cdcd8804a----1710194989519
traceparent: 00-e7dd56ad225a1abfbe255a1e2e85655d-75de5b5cdcd8804a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3NWRlNWI1Y2RjZDg4MDRhIiwidHIiOiJlN2RkNTZhZDIyNWExYWJmYmUyNTVhMWUyZTg1NjU1ZCIsInRpIjoxNzEwMTk0OTg5NTE5fX0=
Accept: application/json, text/plain, */*
csrf-token: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40f-3+UDgcNJ5g10KUT1TcjFlPEvi1I"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862edefc8c7571a9-FRA

GET
H2 200 designations Show response
my.americares.org/frs-api/campaign/527690/ 1 KB
712 B 447ms
446ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaign/527690/designations?per_page=100

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c6a67b9d511e280ce6a13e8dfdde8211c655cf6d03eb45b455f2df014f2e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
tracestate: 423787@nr=0-1-423787-363751183-64b06e8b2e7c3bcd----1710194989575
traceparent: 00-b34b04746aea73740294945b3f1dd15d-64b06e8b2e7c3bcd-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NGIwNmU4YjJlN2MzYmNkIiwidHIiOiJiMzRiMDQ3NDZhZWE3Mzc0MDI5NDk0NWIzZjFkZDE1ZCIsInRpIjoxNzEwMTk0OTg5NTc1fX0=
Accept: application/json, text/plain, */*
csrf-token: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"529-7q1Bh4E7Y3MBN7mp0/62JCTemXM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862edefcdcdf71a9-FRA

GET
H2 200 designations Show response
my.americares.org/frs-api/campaigns/527690/ 1 KB
684 B 467ms
467ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaigns/527690/designations?filter=id%3D181085

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1f43a81eb74758bdd53016dfc5578645564bd16d083631c12d98f0de675041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
tracestate: 423787@nr=0-1-423787-363751183-1fe636743b342c04----1710194989576
traceparent: 00-e78b2a79b6973e87f3da8672f578595f-1fe636743b342c04-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxZmU2MzY3NDNiMzQyYzA0IiwidHIiOiJlNzhiMmE3OWI2OTczZTg3ZjNkYTg2NzJmNTc4NTk1ZiIsInRpIjoxNzEwMTk0OTg5NTc2fX0=
Accept: application/json, text/plain, */*
csrf-token: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"522-pftk1U89/XsSxeDz/beAZqGveMI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862edefcdce171a9-FRA

GET
H2 200 currency-conversions Show response
my.americares.org/frs-api/i18n/ 75 B
200 B 437ms
437ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2f4ea788543cf0dc7e1149c87d86548511aa75fcd53412526f0969701fd5f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
tracestate: 423787@nr=0-1-423787-363751183-30a52d6092336c13----1710194989616
traceparent: 00-00e9cf57e6c162298089ed3a1b519914-30a52d6092336c13-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzMGE1MmQ2MDkyMzM2YzEzIiwidHIiOiIwMGU5Y2Y1N2U2YzE2MjI5ODA4OWVkM2ExYjUxOTkxNCIsInRpIjoxNzEwMTk0OTg5NjE2fX0=
Accept: application/json, text/plain, */*
csrf-token: fKnJhHkk-1ix0SCWJ1csKzyluemozzrCbkxc
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-41zxCMqvgaxGUVIZfMrBphruMv4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862edefd1d2f71a9-FRA

GET
H2 200 user-icon.png
my.americares.org/static/global/images/ 2 KB
2 KB 47ms
44ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.americares.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 98012
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Mon, 26 Feb 2024 21:58:44 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "65dd0994-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 862edefd3d5471a9-FRA
expires: Mon, 10 Mar 2025 18:56:17 GMT

GET
H2 200 27763abc-91e0-11ed-82c8-0a1c832b3407.png
assets.classy.org/24215585/ 7 KB
7 KB 80ms
70ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/24215585/27763abc-91e0-11ed-82c8-0a1c832b3407.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd97943fa4d183d52dd43684240fdfd2eeb354f3b00a3dc8a84dba438977191e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: XFWZWjllSQ52fmP8b0jl0LGYDwLVxYgE
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 7029
last-modified: Wed, 11 Jan 2023 18:45:46 GMT
server: cloudflare
etag: "7fbc9a50831c7f95cf4d65bb5c421abc"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862edefd3d4b9bb0-FRA
x-amz-cf-id: GXAg4owN2Y3HtGs_5P4XeTxrg9ZdoRrIfx3XgKd2mLokStFoifTcLA==

GET
H/1.1 200
OK 4e8d558d-d158-43b1-a317-266932758ead.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 1 KB
1 KB 891ms
861ms Image
image/png 2a02:26f0:480:22::1726:62f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/4e8d558d-d158-43b1-a317-266932758ead.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2168cb44a41a5cf43ef8b6e87aee8e3b9178685755df6ad1a5c0dd4cccd52c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:09:50 GMT
Last-Modified: Fri, 27 Jan 2023 17:43:47 GMT
Server: AkamaiNetStorage
ETag: "deabd0b1be3e70c4e17dca4fca1d5ab2:1674841427.00453"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1095

GET
H2 200 Artboard-%E2%80%93-4-2048x112white.png
www.americares.org/wp-content/uploads/ 2 KB
3 KB 609ms
349ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/Artboard-%E2%80%93-4-2048x112white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

061906633f249332d25115dd606fdd22d30006b25cc45039ad67c6d2008814f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 28 Feb 2023 07:14:49 GMT
server: nginx/1.25.2
etag: "63fda9e9-9b3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2483
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer1b-sm.png
www.americares.org/wp-content/uploads/ 3 KB
3 KB 609ms
349ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer1b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 18:49:41 GMT
server: nginx/1.25.2
etag: "63e54045-bda"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3034
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer2b-sm.png
www.americares.org/wp-content/uploads/ 271 KB
272 KB 491ms
231ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer2b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3761950f8159320bb209f23d8f2d4cabe130bd774fec107d62a6eec6fb005bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 15:28:09 GMT
server: nginx/1.25.2
etag: "63e51109-43c83"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 277635
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer3b-sm.png
www.americares.org/wp-content/uploads/ 3 KB
3 KB 377ms
118ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer3b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 18:49:31 GMT
server: nginx/1.25.2
etag: "63e5403b-bda"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3034
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dd978b61-f7f9-41b2-9e6a-566ab1fa0d33.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 23 KB
23 KB 500ms
471ms Image
image/png 2a02:26f0:480:22::1726:62f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/dd978b61-f7f9-41b2-9e6a-566ab1fa0d33.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 22cedcbd981cbe7498e7d9f64a5ef04a3052f8826b95b3838ade989d9102240d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:09:50 GMT
Last-Modified: Wed, 15 Mar 2023 21:22:34 GMT
Server: AkamaiNetStorage
ETag: "72d9fdb8f8ad18b6afff74b8ef17ffbc:1678915354.901111"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23384

GET
H/1.1 200
OK eadd29f9-a01f-4b84-a2c1-149be8016a5e.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 10 KB
11 KB 760ms
731ms Image
image/png 2a02:26f0:480:22::1726:62f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/eadd29f9-a01f-4b84-a2c1-149be8016a5e.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 14699735f336f6c852f63359232ce256d1f0c20a1d430cdea3adbb55b809e520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:09:50 GMT
Last-Modified: Wed, 15 Mar 2023 21:43:43 GMT
Server: AkamaiNetStorage
ETag: "dc00e903512679efec8aa9a9788074b2:1678916623.00379"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10585

GET
H2 200 6867435
widgets.guidestar.org/TransparencySeal/ 13 KB
5 KB 441ms
401ms Image
image/svg+xml 104.22.55.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/6867435
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.55.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:09:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 862edefd6ed70497-FRA
expires: -1

GET
H/1.1 200
OK 785d976d-d6e0-419c-8089-cc96d15ef577.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 15 KB
16 KB 671ms
642ms Image
image/png 2a02:26f0:480:22::1726:62f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/785d976d-d6e0-419c-8089-cc96d15ef577.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ef453c16da45d31acaaf053b4c361c28af20f85edb5037ba02d82c88cc14314b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:09:50 GMT
Last-Modified: Sat, 03 Feb 2024 06:38:30 GMT
Server: AkamaiNetStorage
ETag: "aca2dee6dbbd41902aed5aa1f1d3e485:1706942310.392824"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15754

GET
H2 200 cd17b4c0-866c-11ed-8ec2-0a58a9feac02.png
assets.classy.org/24215585/ 22 KB
22 KB 64ms
64ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/24215585/cd17b4c0-866c-11ed-8ec2-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce14c9c50ec633603b6a1e130678a447128b803ec5a03f26f020ef2b8db623d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 58afb490a7c8c45de5813dbf9e713c0c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: SWi79NcgxjYqMRE8UYaj0veWLSzzbsgw
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 22246
last-modified: Wed, 28 Dec 2022 05:02:19 GMT
server: cloudflare
etag: "c0e3fc8201856f6eee4bef44e2aa4333"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862edefd3d4f9bb0-FRA
x-amz-cf-id: E3Oj41N63IRPoRmwN2cEeAB2jIxNZ0ulBFnEW1dcGyUGTE6-fEsabw==

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 1 KB
954 B 33ms
32ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-amz-version-id: 9S9PL2t4gbXgzR9cqiY9bFk62XEuGB0r
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 76702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"2861fb7a07b041686ba6360cf7908e28"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862edefd3d3a9bb0-FRA
x-amz-cf-id: MJszYbEELVvth2Rv9YI_RH05BldmfA9ccP1wJPuC4e1HFiryYJSStw==

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 545 B
556 B 35ms
34ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-amz-version-id: 28ZUJ8_Y3FjF8WYl8aFED76CT2IUgFZH
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 76702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862edefd3d3e9bb0-FRA
x-amz-cf-id: V9c_5NDMfvp2PJOn6Ddi3kFZ6x7SSu5nIwCaGUcPb3uZcVz_KtZZgw==

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-amz-version-id: B1nfzjSw5UUmO0meGUw9cVFwlqbsZdlq
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 76702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862edefd3d3f9bb0-FRA
x-amz-cf-id: K5fx6-UD06WiualQCOBqFvIPhvGim_o0te5WKb5efzMUDvdAU-sKQQ==

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 453 B
492 B 34ms
33ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-amz-version-id: JiKUIGjok2JTUp4EtIdhw2ICK.sib.R4
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 76702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862edefd3d419bb0-FRA
x-amz-cf-id: iEnB5yIIJWS2GvHGzcF5W7VTTYDPooS-5Z0sqDUkZS6tsKy5yClW9A==

GET
H2 200 2bac2a5e-a0ab-11ed-9f4f-0ed900daea43.png
assets.classy.org/7412683/ 48 KB
48 KB 59ms
59ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/2bac2a5e-a0ab-11ed-9f4f-0ed900daea43.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a897ffca6047abd2c709c51acd7ffe5feed7f9cbd18e1afd159fce990433b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: u9Mu_K9A.ykMlHvEnwb0g7VP5ydJZacM
age: 112293
x-amz-cf-pop: FRA56-P12
cf-polished: origSize=51167, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 48779
last-modified: Mon, 30 Jan 2023 14:34:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a01ceaf6fcd93718be756e08c33636f0"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862edefd3d509bb0-FRA
x-amz-cf-id: QRIxuQkdtR4SOm1c1I4fB19CRWthruc0oFtgiYejfr-vbh9frQ1vuA==

GET
H2 200 31165e9c-a0ab-11ed-b67f-0a70ce78b5ed.png
assets.classy.org/7412683/ 43 KB
43 KB 39ms
38ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/31165e9c-a0ab-11ed-b67f-0a70ce78b5ed.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c848d60a657f4084ef5968c3466d5c73f0fcbcac905c6fcc7b5acc4d053820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: qlNdQxYrgVUOQ5yZBZPxYl7fqng4sfmo
age: 112293
x-amz-cf-pop: VIE50-C2
cf-polished: origSize=46147, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43937
last-modified: Mon, 30 Jan 2023 14:34:26 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "653267ced53f9a7b55e2851dc70e90e9"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862edefdada59bb0-FRA
x-amz-cf-id: Q2L51UJHLh2HGV6gtMgztcgsrwJxR3vc4GveqPyDKB6UieJJOOYK8w==

GET
H2 200 37e7fac8-a0ab-11ed-9708-0a58a9feac02.png
assets.classy.org/7412683/ 39 KB
39 KB 50ms
47ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/37e7fac8-a0ab-11ed-9708-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef96eb757139a3f442f1912339d427c4190f8702c7ef62d7878b60e878c6d0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Kiw59BrWDeocqpmIjlo_BoXcd7oVprfV
age: 112292
x-amz-cf-pop: VIE50-C2
cf-polished: qual=85, origFmt=jpeg, origSize=42539
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="37e7fac8-a0ab-11ed-9708-0a58a9feac02.webp"
content-length: 39518
last-modified: Mon, 30 Jan 2023 14:34:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "30907fec3ac57d49f49b012b6ba6844f"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862edefdadaf9bb0-FRA
x-amz-cf-id: _zWDsdYT8Lx-9_JZl5siuv4BALMw3IfVBb7grDQ1MGM6L0N-fOzo5A==

GET
H2 200 8523a588-a0ad-11ed-9930-0e27e020f08b.png
assets.classy.org/7412683/ 121 KB
121 KB 65ms
65ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/8523a588-a0ad-11ed-9930-0e27e020f08b.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9ea176aae876360c1933a6dde1400b0554961ab8eb7331e5939b5e1a3c30e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: v3oLYufLUlOb2z0i22SZDyUGw6vS0_5s
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 123624
last-modified: Mon, 30 Jan 2023 14:51:06 GMT
server: cloudflare
etag: "5a51a1f10cff006f3765faed5497db9f"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862edefd3d4d9bb0-FRA
x-amz-cf-id: 7JV5XCTTGdfPZxloR1lTmYOwEaZChTFhon4JVicWQHysyhCUXxJz6A==

GET
H2 200 amca-tapestrybg-grey.jpg
www.americares.org/wp-content/uploads/ 62 KB
62 KB 496ms
349ms Image
image/jpeg 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/amca-tapestrybg-grey.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

7df2f591cb5998cbf6e24dcb7489cb13cfc5303bb30716bd4e9c7eeda053ea10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 25 Feb 2022 16:29:27 GMT
server: nginx/1.25.2
etag: "621903e7-f77f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 63359
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/fonts/ 42 KB
43 KB 83ms
66ms Font
application/x-font-woff 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d917abfaa0f30f974778481aa03a81efbe439f4b379ae1d9c4b91d462f2c1064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-amz-version-id: uDW5ahJqoiGrmGVkww8GaXKkX0auG8Rt
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P10
age: 10061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 43184
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: "d9e1c3869cbc736ad91800ec9427f5d7"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 862edefd5939bbd9-FRA
x-amz-cf-id: D4CZSGTnVUaHVnVGaxbS5Axz3LozagUDQV_IzCmYlnCV5-JN-z-Kzg==

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/fonts/ 65 KB
66 KB 62ms
45ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-amz-version-id: EtmuhTQE2Z2ofepA2IEIXY_YXR5.tKRS
via: 1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS58-P1
age: 16854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 66624
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 862edefd593bbbd9-FRA
x-amz-cf-id: fyLcuXASiDJRCTt5I_nt71NgC44WkEamBeHcCa-hcETG9AUqp6a18g==

POST
H2 204 rum Show response
my.americares.org/cdn-cgi/ 0
37 B 12ms
11ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-28eb3e7341df5ab9----1710194989640
traceparent: 00-49749254eb400cb62caf70de7f784b59-28eb3e7341df5ab9-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyOGViM2U3MzQxZGY1YWI5IiwidHIiOiI0OTc0OTI1NGViNDAwY2I2MmNhZjcwZGU3Zjc4NGI1OSIsInRpIjoxNzEwMTk0OTg5NjQwfX0=
content-type: application/json
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://my.americares.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 862edefd4d7571a9-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 019A 526 B
450 B 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish
age: 3606618
x-cache: HIT
content-length: 315
x-request-id: b59fb2c3-3ab4-4e0f-aeec-2996af4f5a0b
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 729152

GET
H2 200 controller-ed6b13f72106b486064dabd723a34e01.html Show response
js.stripe.com/v3/ Frame 237D 325 B
886 B 9ms
8ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

daf6c010e1371f312df60aa5b9041f2571f0b0f32be661fe8546f7f8772966cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 22
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:09:49 GMT
etag: "ed6b13f72106b486064dabd723a34e01"
last-modified: Mon, 11 Mar 2024 20:05:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-content-type-options: nosniff
x-request-id: c34491a0-9c40-49e8-9bc6-57f9bee63414
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html Show response
js.stripe.com/v3/ Frame E4D8 408 B
988 B 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

71afb008c8b3406257f101d95a4f69b97e6a331a293a5ed4ddcdd6501ffdc4ee

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7308
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:09:49 GMT
etag: "efad77a536f50b02df7c64c17ae993e5"
last-modified: Mon, 11 Mar 2024 20:05:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 106
x-content-type-options: nosniff
x-request-id: 14771a35-6324-45f9-a994-920e1f7fc53d
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html Show response
js.stripe.com/v3/ Frame BC1A 344 B
1006 B 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3294667fb626223067e6245c0826ce87efac71b478c53798cceb81f55d85f88a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:09:49 GMT
etag: "cdc0f8f66398c4206aea80d732b2ebe5"
last-modified: Mon, 11 Mar 2024 20:05:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 044cb2a6-7d64-41e6-969c-4b496a7c624e
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 39ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 22:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 22:09:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 22:09:49 GMT

GET
H2 200 shared-2f29bbf0a97dd10e59083fe4a34abcda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 237D 538 KB
131 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish
age: 7400
x-cache: HIT
content-length: 133552
x-request-id: ab553af8-c5c3-41a0-ac39-dac2259d50c4
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 11 Mar 2024 20:05:16 GMT
server: Fastly
etag: "59c93107e96e9c6fb44ae18e319303ad"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1729

GET
H2 200 controller-eb2d34a94a7bc3e7866b6b2ce9053481.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 237D 703 KB
185 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-eb2d34a94a7bc3e7866b6b2ce9053481.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e248a69e9e24cbf5258c27257fb132fbbae4a85d58d9f46c718c22d56f30f6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish
age: 7399
x-cache: HIT
content-length: 188578
x-request-id: fb1235ed-b9d1-42ef-8016-3f4ac0e85dfb
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 11 Mar 2024 20:05:14 GMT
server: Fastly
etag: "fc3d4f0d7a2d0dd9389f84f945b5f134"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1436

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame E4D8 117 KB
36 KB 104ms
67ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-My6F68W2H-f_qzKxZGwy_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-My6F68W2H-f_qzKxZGwy_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmJw05BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMeiZ7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwrG3at55NYMbpHS-ZAO8PMSI"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 11 Mar 2024 22:09:49 GMT

GET
H2 200 shared-2f29bbf0a97dd10e59083fe4a34abcda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E4D8 538 KB
131 KB 14ms
14ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish
age: 7400
x-cache: HIT
content-length: 133552
x-request-id: 147f122c-9538-4c67-9f55-652e331108ca
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 11 Mar 2024 20:05:16 GMT
server: Fastly
etag: "59c93107e96e9c6fb44ae18e319303ad"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1730

GET
H2 200 payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E4D8 12 KB
5 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish
age: 953935
x-cache: HIT
content-length: 5124
x-request-id: 77a46d7d-8c75-4e95-8127-8f70c38c7695
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Fastly
etag: "7946a1d9a17729b6659d22b18a313c0e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12333

GET
H2 200 shared-2f29bbf0a97dd10e59083fe4a34abcda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BC1A 538 KB
131 KB 15ms
15ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish
age: 7400
x-cache: HIT
content-length: 133552
x-request-id: cfa0650f-3331-44b0-b2ab-b39c11dedcdf
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 11 Mar 2024 20:05:16 GMT
server: Fastly
etag: "59c93107e96e9c6fb44ae18e319303ad"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1731

GET
H2 200 payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BC1A 13 KB
6 KB 19ms
19ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish
age: 1687008
x-cache: HIT
content-length: 5631
x-request-id: 6129f072-9ce5-40b2-b575-7afe3b36bed5
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Fri, 09 Feb 2024 18:11:55 GMT
server: Fastly
etag: "32dba56f50e599b5cc53a055305f8c45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32628

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 99CF 930 B
1 KB 29ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 301
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:09:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 6e03b531-0d5a-4bed-89cc-c0789aacdc65
x-served-by: cache-fra-eddf8230134-FRA
x-timer: S1710194990.726131,VS0,VE0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/c48a9559/www-widgetapi.vflset/ 215 KB
67 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c48a9559/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e407fb5bd2b9e460b37f6acc3ad65c5fb753f1ea6aecbaef61f534309e493be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 19:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68253
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 05:21:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Mar 2025 19:29:42 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
88 KB 30ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 3501282
x-cache: HIT, HIT
content-length: 89664
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230122-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710194990.782231,VS0,VE0
etag: "28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 19, 142296

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 4517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 4517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 40ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 4517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 41ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 4517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 32ms
27ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:43 GMT
x-content-type-options: nosniff
age: 566226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:52:43 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 31ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:43 GMT
x-content-type-options: nosniff
age: 566226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:52:43 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 28ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 4517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 237D 474 B
613 B 20ms
6ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5e05d6875025ae160951988d1dbe109a254794f158b1210a8311bdc7070b91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 44
x-cache: HIT
content-length: 297
x-request-id: 48245eda-6d58-4607-9ea6-2db6de00f5db
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Mon, 11 Mar 2024 20:42:57 GMT
server: Fastly
etag: "5f41bcd011468561b95d7615b20047b9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 237D 474 B
371 B 14ms
7ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5e05d6875025ae160951988d1dbe109a254794f158b1210a8311bdc7070b91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 44
x-cache: HIT
content-length: 297
x-request-id: 1d160533-f2c2-427a-a409-b2eaf02f22db
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Mon, 11 Mar 2024 20:42:57 GMT
server: Fastly
etag: "5f41bcd011468561b95d7615b20047b9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 38

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 99CF 87 KB
15 KB 6ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 11 Mar 2024 22:09:49 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 167
x-cache: HIT
content-length: 15509
x-request-id: 926b9b98-b31e-4c2b-bd67-87f929466ec1
x-served-by: cache-fra-eddf8230134-FRA
server: Fastly
x-timer: S1710194990.787065,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 88

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
my.americares.org/sso/ssobuild/js/ 12 KB
5 KB 46ms
46ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-bfb88ff9d3139db5----1710194989850
traceparent: 00-adf0d24990e92d7c778f96e90395c410-bfb88ff9d3139db5-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiZmI4OGZmOWQzMTM5ZGI1IiwidHIiOiJhZGYwZDI0OTkwZTkyZDdjNzc4Zjk2ZTkwMzk1YzQxMCIsInRpIjoxNzEwMTk0OTg5ODUwfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://my.americares.org/give/527690/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 11 Mar 2024 22:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 21:53:00 GMT
cf-bgj: minify
server: cloudflare
age: 55977
etag: W/"65dd083c-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 862edefe9f0071a9-FRA
expires: Tue, 11 Mar 2025 06:36:52 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 237D 0
275 B 612ms
179ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:50 GMT
x-stripe-server-envoy-start-time-us: 1710194990372898
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1710194990372258
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 9435 19 KB
8 KB 66ms
65ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5a1c581815d0af412c61040d4113e3a4cec9fcf025be287f7ebc38d0babe745

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wLZHqEHjCKSXmxhAuJJJgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wLZHqEHjCKSXmxhAuJJJgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 11 Mar 2024 22:09:49 GMT
expires: Mon, 11 Mar 2024 22:09:49 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmJw05BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMeiZ7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwrG3at55NYMPFn5uZAe_3MUw"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 237D 2 KB
3 KB 311ms
225ms Fetch
application/json 198.202.176.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

777c14d9544f90d0e19e10409146da1a7180fbecfc9c7aab349261ebcc382d2e

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2536
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 99CF 156 B
670 B 575ms
177ms XHR
application/json 44.239.187.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.187.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-187-210.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a51d73b2a29fb8bc35a0f2864d6c1219d05faa5b0172a5a5c87c0e9d13e3a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710194990373119
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710194990372594
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 status Show response
my.americares.org/sso/ 90 B
1 KB 432ms
431ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361029422225204210584_1710194989848&_=1710194989849

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d267d2a8ac41e56f4e2a94a8b109790540956a5ae74b9924674f38fd65bb45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-af483ed6d6ff0af1----1710194989903
traceparent: 00-287992f1a505db37372caeac7570f691-af483ed6d6ff0af1-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhZjQ4M2VkNmQ2ZmYwYWYxIiwidHIiOiIyODc5OTJmMWE1MDVkYjM3MzcyY2FlYWM3NTcwZjY5MSIsInRpIjoxNzEwMTk0OTg5OTAzfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://my.americares.org/give/527690/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 862edefeef7371a9-FRA
x-xss-protection: 1; mode=block

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 9435 160 KB
57 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhKyIL4arCjTfnkGMbuWONEQTvXqw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29142282807f543b36899836ab87938c76744364bfa1888bdbadff146330a196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57824
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 02:34:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 18:07:36 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 9435 75 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhKyIL4arCjTfnkGMbuWONEQTvXqw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26262bf301b196a97779adbdea9ca974c356801ae712d5864b5bb0d6a90b775b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27547
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:42 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 9435 1 MB
378 KB 88ms
88ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b68cc270ece516512f96e88df5e5c3782e5740f19348eb2b4ee17f14d056c83d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xgcZlZ2wDMjgos9qzLb4bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xgcZlZ2wDMjgos9qzLb4bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmJw05BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMeiZ7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC3FzrGvat55NoGHTBiUAvGkwIA"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 11 Mar 2024 22:09:50 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 9435 10 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdfda2d14f2de164f14d95ad0b9b0fd5effbf51850fffd4bb3ee8e01674cf292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4170
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:44 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 9435 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b31c557888de5a5ba74cab90820cfb4118a541f29a322e21bfd2e84fbfc436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14259
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:44 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9435 131 B
155 B 55ms
43ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:09:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 43ms
15ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:09:50 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9435 131 B
155 B 54ms
40ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:09:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
14ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:09:50 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9435 131 B
155 B 61ms
47ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:09:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
13ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:09:50 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9435 131 B
155 B 52ms
39ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:09:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
15ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:09:50 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9435 131 B
155 B 54ms
41ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:09:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
14ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:09:50 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9435 131 B
155 B 61ms
48ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:09:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
14ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:09:50 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 237D 0
274 B 600ms
348ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:50 GMT
x-stripe-server-envoy-start-time-us: 1710194990543771
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710194990543492
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 237D 0
274 B 433ms
349ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:50 GMT
x-stripe-server-envoy-start-time-us: 1710194990544154
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710194990543575
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
my.americares.org/static/global/images/digitalWallets/ 3 KB
1 KB 36ms
36ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.americares.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 21:58:44 GMT
server: cloudflare
age: 4833
etag: W/"65dd0994-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 862edf00c93371a9-FRA
expires: Tue, 11 Mar 2025 20:49:17 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 99CF 156 B
669 B 177ms
177ms XHR
application/json 44.239.187.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.187.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-187-210.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a51d73b2a29fb8bc35a0f2864d6c1219d05faa5b0172a5a5c87c0e9d13e3a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710194990563036
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710194990562334
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 99CF 156 B
667 B 226ms
226ms XHR
application/json 44.239.187.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.187.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-187-210.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a51d73b2a29fb8bc35a0f2864d6c1219d05faa5b0172a5a5c87c0e9d13e3a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:50 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710194990612330
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710194990611741
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame 237D 0
273 B 177ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:50 GMT
x-stripe-server-envoy-start-time-us: 1710194990941202
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710194990940624
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 237D 0
272 B 178ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:51 GMT
x-stripe-server-envoy-start-time-us: 1710194991290518
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1710194991290007
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 99CF 156 B
669 B 176ms
176ms XHR
application/json 44.239.187.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.187.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-187-210.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a51d73b2a29fb8bc35a0f2864d6c1219d05faa5b0172a5a5c87c0e9d13e3a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:09:53 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710194993880060
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710194993879592
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.americares.org/	1970-01-21 04:39:14	Name: connect.sid Value: s%3AP2d2-LO3Aqz6IYfUUBIai5TObVmtPHsM.ka1sKgl8gnb2tAnp6z%2BJeBExTZM0fbNWcgOviL9kcwY
.my.americares.org/	1970-01-20 19:03:16	Name: __cf_bm Value: oXG_EzrbF4bXFqkPDGeXgt8c7v2DwgLlYD8gPszjXHA-1710194987-1.0.1.1-ouiOr3veTQBko8k5EjMhb4LNf8f_gtk_4nxrJFD0WTNqXzgN_Dv8qWxVosLPDIBeltQiPUlCNEYPFyD6I13ASQ
.my.americares.org/	1969-12-31 23:59:59	Name: __cfruid Value: 4726bd8a0d1541abbcbd6083e479da66d15f3667-1710194987
.my.americares.org/	1969-12-31 23:59:59	Name: _cfuvid Value: i0Lfipschi6dqWL3B6sax5XzKgpbUlTBIjhk5_THrT8-1710194987947-0.0.1.1-604800000
.classy.org/	1970-01-20 19:03:16	Name: __cf_bm Value: _t01Koa2dC7EYlAC.CpCsgKVpG1B30WZLJ.pmBt_XNg-1710194988-1.0.1.1-eedn08iBnMirlhCpuiyiAbd2Hu19rjNqSZsxzZ2ha7cfYmGCuvR1lsby46EtNle36iaZEqe5dUhqijGG06b8aQ
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: asFK_QuCkmUDrLLVvPSo72rui_kQ4es9aUPmFXWCPPY-1710194988186-0.0.1.1-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Iw8fGVzKIR4
.youtube.com/	1970-01-20 23:22:26	Name: VISITOR_INFO1_LIVE Value: GcFdof3zmr8
.youtube.com/	1970-01-20 23:22:26	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgPA%3D%3D
my.americares.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: umvi44L6-79Ugc5i7SY83h5OfrdrfdL3DsUA
widgets.guidestar.org/	1970-01-20 19:13:19	Name: AWSALBCORS Value: QGosjSNTXXYWS7G9jAiUuFYtwKXM9ejUc1vpeqwJJfx7yno/eLMSFYOkpMkCDsqajb+0VNN0c0DhvuyLjDi2KQC9VcIWk2bApSD/mfNIEUdyjzDiHIY5dIjzujSU
.google.com/	1970-01-20 23:26:46	Name: NID Value: 512=Q8H8NTwBc_ffEPovAHeAYqCmTt_wmpeZd8eZqwnm2ykrXD7Z02ybx5eBtTL8qHlEB_KlQN_NxDVle5s5XtZ34lL4-mCiQePWH6fFcBXRsWQVXIBRUYLhonPNqetgo4st-QLg68-VTX0zDpIiKUamm47ChQzdcewhS7HYAPEYP8I
www.americares.org/	1970-01-20 19:04:41	Name: _uid Value: CgEAJGXvgS2xkQB6DNEnAg==
my.americares.org/	1970-01-20 19:03:15	Name: XSRF-TOKEN Value: eyJpdiI6ImFDN2RSekhkRWlrZEtDWDhmM0hBUHc9PSIsInZhbHVlIjoialdNanNTYSswQUt6LzUxTEwvN1V4NkpwWi9pa2lwcDFzaGlJMEFYWXJUV29PUytNeDBUcDVjbHQ0My83Y2tMQjNVeDJkdjRJOUdwMi9pRTZpa2thVGtZanU0V0hFWDE0TkhRTWJDREFjU0RFd1NjbWFQTTEya0hkWTg1VW42Y0EiLCJtYWMiOiJhYjhjZWQ1OTJiYzE5YmQwZmY1NmI3ZjBlZGRkOWY2ODM5YjQ1YWMzYzRkN2ExNjZhZGI4ZDE3ODljOGI2NDFmIiwidGFnIjoiIn0%3D
my.americares.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6Ikc3NjdTKy9LNXlqYVAva2ZiUFFVcWc9PSIsInZhbHVlIjoiWmVaWDArN1dBVDUrMmlyRndadG5WNUxzaXJzR3k2VmVaTW8zdkFXZjRSdkd4RGdFVDFPcmlleHRVN291dDlTdUl4MXZQUzhnRFhtUmJyVlV4SG91WHZ6ckVzMkpsbjVyUFpkRjdPdzkxbmVtMmxPN0NSeS85RktLTXpsYStTazMiLCJtYWMiOiIyM2JkNGZjNDZmNmU1MjMyZmY1MWI3MmIwOTlkYzFjODgwODU2ODU2MTc3YjNiOWQwNmFkYTc2MGFkOGFkZDVkIiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-21 04:39:14	Name: m Value: 8907dbfd-51ca-4e75-8c96-8f4146f6a40713abf1
.my.americares.org/	1970-01-21 03:48:50	Name: __stripe_mid Value: 7f6e9dbd-3643-4e1f-bb64-801c1192f20c1d89e5
.my.americares.org/	1970-01-20 19:03:16	Name: __stripe_sid Value: 335c607e-96bd-4a07-aec0-163e3dfa2b5a0b94d0

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500(Line 1132) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500(Line 1132) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=500 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=500&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
cdn.plaid.com
cdn.transcend.io
click.hello.americares.org
code.jquery.com
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
htp.tokenex.com
image.hello.americares.org
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
my.americares.org
pay.google.com
play.google.com
prod-frs.content.classy.org
r.stripe.com
static.cloudflareinsights.com
unpkg.com
widgets.guidestar.org
www.americares.org
www.googleadservices.com
www.gstatic.com
www.youtube.com
104.22.55.118
13.110.221.60
142.250.181.226
151.101.192.176
18.173.154.89
198.202.176.81
2600:9000:2250:200:2:8531:afc0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:5049
2606:4700::6810:7daf
2606:4700::6812:7c49
2606:4700::6812:c55f
2a00:1450:4001:81c::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:400c:c02::5c
2a02:26f0:480:22::1726:62f0
2a04:4e42:200::649
34.68.9.145
44.239.187.210
52.143.247.24
54.187.119.242
00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb
061906633f249332d25115dd606fdd22d30006b25cc45039ad67c6d2008814f8
0666278516505182592bacc1b82e6603d0f33ebf8c43f2b51b89e712a94e151a
06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85
13c9eba319b411d9711a1c997322107310af7f7938aac1ec8f9cdc7c662bb9e5
14699735f336f6c852f63359232ce256d1f0c20a1d430cdea3adbb55b809e520
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1dd6bb8d66c1bb0277c1276dc14abf028f9c634d592dbf8b0594d25fb6fb7590
20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127
2168cb44a41a5cf43ef8b6e87aee8e3b9178685755df6ad1a5c0dd4cccd52c7e
21c848d60a657f4084ef5968c3466d5c73f0fcbcac905c6fcc7b5acc4d053820
22cedcbd981cbe7498e7d9f64a5ef04a3052f8826b95b3838ade989d9102240d
26262bf301b196a97779adbdea9ca974c356801ae712d5864b5bb0d6a90b775b
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
29142282807f543b36899836ab87938c76744364bfa1888bdbadff146330a196
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2afd55f62879369a45f03e83dd29d47de2c6a39fc56e694d2fdbd2c790f274a8
3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7
3294667fb626223067e6245c0826ce87efac71b478c53798cceb81f55d85f88a
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3761950f8159320bb209f23d8f2d4cabe130bd774fec107d62a6eec6fb005bb5
3b1f43a81eb74758bdd53016dfc5578645564bd16d083631c12d98f0de675041
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
41d267d2a8ac41e56f4e2a94a8b109790540956a5ae74b9924674f38fd65bb45
494e26123449fbca028f9476a75934fac68fa29fddc737c73239245d8be08e04
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50c6a67b9d511e280ce6a13e8dfdde8211c655cf6d03eb45b455f2df014f2e1d
5741070c37508c4455f704f7f190f8dec4773f62d91e6b83a9907f04381b2d88
5a897ffca6047abd2c709c51acd7ffe5feed7f9cbd18e1afd159fce990433b11
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62ab2ab3a16c6d4f96e5ae538005ca6be5bb97d46affaac9ed79f8e2e163a808
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
71afb008c8b3406257f101d95a4f69b97e6a331a293a5ed4ddcdd6501ffdc4ee
76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2
777c14d9544f90d0e19e10409146da1a7180fbecfc9c7aab349261ebcc382d2e
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7df2f591cb5998cbf6e24dcb7489cb13cfc5303bb30716bd4e9c7eeda053ea10
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
87d48af85ba0878ccd67abaaf1caf5067d42f34bbc72a711aa1c550c25a3d122
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9e407fb5bd2b9e460b37f6acc3ad65c5fb753f1ea6aecbaef61f534309e493be
9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a51d73b2a29fb8bc35a0f2864d6c1219d05faa5b0172a5a5c87c0e9d13e3a214
a5e05d6875025ae160951988d1dbe109a254794f158b1210a8311bdc7070b91e
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
b68cc270ece516512f96e88df5e5c3782e5740f19348eb2b4ee17f14d056c83d
b76d55ce69f335df0f011ca7ad04fa9cc9f34d3e0ffc6ee347d1019140b43e88
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bdfda2d14f2de164f14d95ad0b9b0fd5effbf51850fffd4bb3ee8e01674cf292
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c4c26dfde09ed6e458fd1d42c13169455ea98d479d85d3242a61cb0d15bdd00f
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c91fcb89871b3af47fd3a4f5e17d40ac582ed9a6046963ab48caa4baa7c3dfe2
c9b31c557888de5a5ba74cab90820cfb4118a541f29a322e21bfd2e84fbfc436
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce14c9c50ec633603b6a1e130678a447128b803ec5a03f26f020ef2b8db623d1
d2f4ea788543cf0dc7e1149c87d86548511aa75fcd53412526f0969701fd5f00
d917abfaa0f30f974778481aa03a81efbe439f4b379ae1d9c4b91d462f2c1064
daf6c010e1371f312df60aa5b9041f2571f0b0f32be661fe8546f7f8772966cd
dc055917bb20b6042962d6e972655061a178db6b161b02c217406b62fd85c0e4
dfd7b9d1a802acafdc8f9334d69406b7db612b94559c16fa684f5dab315a5aa9
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e248a69e9e24cbf5258c27257fb132fbbae4a85d58d9f46c718c22d56f30f6bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef453c16da45d31acaaf053b4c361c28af20f85edb5037ba02d82c88cc14314b
ef96eb757139a3f442f1912339d427c4190f8702c7ef62d7878b60e878c6d0ea
f5a1c581815d0af412c61040d4113e3a4cec9fcf025be287f7ebc38d0babe745
f9ea176aae876360c1933a6dde1400b0554961ab8eb7331e5939b5e1a3c30e95
fd97943fa4d183d52dd43684240fdfd2eeb354f3b00a3dc8a84dba438977191e
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

my.americares.org Open in urlscan Pro 2606:4700::6812:7c49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

58 %IPv6

17 Domains

26 Subdomains

23 IPs

4 Countries

3910 kBTransfer

12405 kBSize

18 Cookies

10 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

my.americares.org Open in urlscan Pro
2606:4700::6812:7c49 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

58 %
IPv6

17
Domains

26
Subdomains

23
IPs

4
Countries

3910 kB
Transfer

12405 kB
Size

18
Cookies

109 HTTP transactions
0 data transactions