urlscan.io logo urlscan.io
SecurityTrails logo

donate.wfp.org Open in urlscan Pro
34.117.85.67  Public Scan

Go To Rescan Add Verdict Report
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=238521455...
Submission: On September 23 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 8 countries across 43 domains to perform 290 HTTP transactions. The main IP is 34.117.85.67, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is donate.wfp.org.
TLS certificate: Issued by GTS CA 1D4 on August 31st 2023. Valid for: 3 months.
This is the only time donate.wfp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 34.117.85.67 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 5 216.58.206.38 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 54.77.117.191 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
46 99.86.4.9 16509 (AMAZON-02)
2 172.217.16.194 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.239.36.47 16509 (AMAZON-02)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
7 2600:9000:20a... 16509 (AMAZON-02)
4 6 193.0.160.130 54312 (ROCKETFUEL)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 151.101.1.21 54113 (FASTLY)
1 13.227.219.3 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 4 13.225.78.123 16509 (AMAZON-02)
3 35.244.174.68 15169 (GOOGLE)
1 1 142.250.186.130 15169 (GOOGLE)
1 2 185.89.211.12 29990 (ASN-APPNEX)
1 2 34.255.45.168 16509 (AMAZON-02)
1 185.64.191.210 62713 (AS-PUBMATIC)
1 35.244.159.8 15169 (GOOGLE)
1 3.127.178.105 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
1 34.238.22.106 14618 (AMAZON-AES)
1 2 104.18.26.193 13335 (CLOUDFLAR...)
1 104.76.200.221 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 108.129.25.174 16509 (AMAZON-02)
1 34.250.62.135 16509 (AMAZON-02)
1 18.198.19.227 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
4 192.229.221.25 15133 (EDGECAST)
77 54.186.23.98 16509 (AMAZON-02)
1 18.165.183.16 16509 (AMAZON-02)
2 18.202.131.124 16509 (AMAZON-02)
2 151.101.1.35 54113 (FASTLY)
1 34.235.255.200 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 151.101.128.176 54113 (FASTLY)
2 172.64.154.227 13335 (CLOUDFLAR...)
3 34.208.135.88 16509 (AMAZON-02)
1 18.238.243.32 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
290 57
33    34.117.85.67 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.85.117.34.bc.googleusercontent.com
donate.wfp.org
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
6    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    216.58.206.38 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net
5499309.fls.doubleclick.net
10390555.fls.doubleclick.net
5    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f083:9:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    54.77.117.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-117-191.eu-west-1.compute.amazonaws.com
c5.adalyser.com
4    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
5    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a03:2880:f177:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
46    99.86.4.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net
js.stripe.com
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
www.googleadservices.com
1    2600:9000:214f:de00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    18.239.36.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-47.ams58.r.cloudfront.net
static.hotjar.com
2    2400:52e0:1e00::1080:1 (None, )

ASN200325 (BUNNYCDN, SI)
l.getsitecontrol.com
7    2600:9000:20a0:c200:14:56a0:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.sparkcentral.com
6    193.0.160.130 (Netherlands)

ASN54312 (ROCKETFUEL, US)
20777079p.rfihub.com
p.rfihub.com
a.rfihub.com
8    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:10::6814:8b22 (United States)

ASN13335 (CLOUDFLARENET, US)
pay.gocardless.com
10    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    13.227.219.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net
script.hotjar.com
4    2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
4    13.225.78.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-123.fra2.r.cloudfront.net
live.rezync.com
3    35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    185.89.211.12 (Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    34.255.45.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-45-168.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    95.101.148.20 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    34.238.22.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-22-106.compute-1.amazonaws.com
bpi.rtactivate.com
2    104.18.26.193 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    104.76.200.221 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    2600:1f18:612b:4232:333c:fbab:e531:2e93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    108.129.25.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-25-174.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    34.250.62.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-62-135.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    18.198.19.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-19-227.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2400:52e0:1e00::1075:1 (None, )

ASN200325 (BUNNYCDN, SI)
s2.getsitecontrol.com
4    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
77    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
1    18.165.183.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-16.zrh55.r.cloudfront.net
vc.hotjar.io
2    18.202.131.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-131-124.eu-west-1.compute.amazonaws.com
merchant-ui-api.stripe.com
2    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    34.235.255.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-255-200.compute-1.amazonaws.com
events.getsitectrl.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
2    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
2    172.64.154.227 (United States)

ASN13335 (CLOUDFLARENET, US)
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io
3    34.208.135.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-135-88.us-west-2.compute.amazonaws.com
m.stripe.com
1    18.238.243.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-32.ams58.r.cloudfront.net
media.eu-1.smooch.io
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
128 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2793
q.stripe.com — Cisco Umbrella Rank: 24792
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 13791
r.stripe.com — Cisco Umbrella Rank: 8828
m.stripe.com — Cisco Umbrella Rank: 2449
2 MB
33 wfp.org
donate.wfp.org
1 MB
24 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225
www.google.com — Cisco Umbrella Rank: 11
adservice.google.com — Cisco Umbrella Rank: 182
pay.google.com — Cisco Umbrella Rank: 3915
play.google.com — Cisco Umbrella Rank: 85
417 KB
12 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2955
t.paypal.com — Cisco Umbrella Rank: 3796
264 KB
12 doubleclick.net
5499309.fls.doubleclick.net — Cisco Umbrella Rank: 689304
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
10390555.fls.doubleclick.net — Cisco Umbrella Rank: 697389
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
7 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
523 KB
7 sparkcentral.com
cdn.sparkcentral.com — Cisco Umbrella Rank: 933090
277 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
region1.google-analytics.com — Cisco Umbrella Rank: 1878
21 KB
6 rfihub.com
20777079p.rfihub.com — Cisco Umbrella Rank: 721485
p.rfihub.com — Cisco Umbrella Rank: 1417
a.rfihub.com — Cisco Umbrella Rank: 4633
9 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 3974
adservice.google.de — Cisco Umbrella Rank: 9064
2 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
494 KB
4 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2603
35 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2356
3 KB
3 smooch.io
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io
media.eu-1.smooch.io
15 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 719
149 B
3 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 24196
s2.getsitecontrol.com — Cisco Umbrella Rank: 39192
59 KB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2014
30 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 691
14 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2971
16 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
619 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1261
script.hotjar.com — Cisco Umbrella Rank: 1629
61 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
20 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
239 B
2 adalyser.com
c5.adalyser.com — Cisco Umbrella Rank: 27238
11 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
168 KB
1 getsitectrl.com
events.getsitectrl.com — Cisco Umbrella Rank: 28090
891 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3977
259 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
146 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1035
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 936
377 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 2071
175 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 2843
182 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 2888
109 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 1062
616 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1620
344 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 863
273 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1547
425 B
1 gocardless.com
pay.gocardless.com — Cisco Umbrella Rank: 564097
2 KB
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 7912
6 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1780
66 KB
290 43
Domain Requested by
60 r.stripe.com js.stripe.com
46 js.stripe.com donate.wfp.org
js.stripe.com
33 donate.wfp.org donate.wfp.org
17 q.stripe.com donate.wfp.org
12 play.google.com www.gstatic.com
10 www.paypal.com donate.wfp.org
www.paypal.com
www.paypalobjects.com
8 www.gstatic.com www.recaptcha.net
www.gstatic.com
pay.google.com
7 cdn.sparkcentral.com donate.wfp.org
cdn.sparkcentral.com
6 www.googletagmanager.com donate.wfp.org
www.googletagmanager.com
www.google-analytics.com
5 www.google.de donate.wfp.org
10390555.fls.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.paypalobjects.com donate.wfp.org
www.paypal.com
www.paypalobjects.com
4 p.rfihub.com 3 redirects donate.wfp.org
4 live.rezync.com 4 redirects
4 pay.google.com js.stripe.com
pay.google.com
donate.wfp.org
www.gstatic.com
4 www.google.com 1 redirects donate.wfp.org
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 m.stripe.com m.stripe.network
3 idsync.rlcdn.com donate.wfp.org
5499309.fls.doubleclick.net
3 www.recaptcha.net donate.wfp.org
www.gstatic.com
www.recaptcha.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
donate.wfp.org
3 5499309.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io cdn.sparkcentral.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 fonts.gstatic.com www.recaptcha.net
2 t.paypal.com donate.wfp.org
2 merchant-ui-api.stripe.com js.stripe.com
2 sync-tm.everesttech.net 2 redirects
2 dsum-sec.casalemedia.com 1 redirects donate.wfp.org
2 dpm.demdex.net 1 redirects donate.wfp.org
2 ib.adnxs.com 1 redirects donate.wfp.org
2 l.getsitecontrol.com www.googletagmanager.com
l.getsitecontrol.com
2 www.googleadservices.com 10390555.fls.doubleclick.net
www.googleadservices.com
2 www.facebook.com donate.wfp.org
2 10390555.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 adservice.google.com 5499309.fls.doubleclick.net
10390555.fls.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 c5.adalyser.com donate.wfp.org
2 connect.facebook.net donate.wfp.org
connect.facebook.net
1 media.eu-1.smooch.io donate.wfp.org
1 events.getsitectrl.com s2.getsitecontrol.com
1 vc.hotjar.io script.hotjar.com
1 s2.getsitecontrol.com l.getsitecontrol.com
1 x.bidswitch.net 5499309.fls.doubleclick.net
1 beacon.krxd.net 5499309.fls.doubleclick.net
1 aa.agkn.com 5499309.fls.doubleclick.net
1 partners.tremorhub.com 5499309.fls.doubleclick.net
1 x.dlx.addthis.com 5499309.fls.doubleclick.net
1 bpi.rtactivate.com 5499309.fls.doubleclick.net
1 contextual.media.net 5499309.fls.doubleclick.net
1 ps.eyeota.net donate.wfp.org
1 us-u.openx.net 5499309.fls.doubleclick.net
1 image2.pubmatic.com 5499309.fls.doubleclick.net
1 a.rfihub.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 script.hotjar.com static.hotjar.com
1 pay.gocardless.com donate.wfp.org
1 20777079p.rfihub.com c1.rfihub.net
1 static.hotjar.com www.googletagmanager.com
1 c1.rfihub.net 5499309.fls.doubleclick.net
1 adservice.google.de 1 redirects
1 www.googleoptimize.com donate.wfp.org
290 64
Subject Issuer Validity Valid
wfp.prod.go-donate.uk
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-07 -
2023-09-30		 3 months crt.sh
*.adalyser.com
Thawte TLS RSA CA G1		 2023-06-13 -
2024-07-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.rfihub.net
Amazon RSA 2048 M01		 2023-02-24 -
2023-12-29		 10 months crt.sh
misc.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2023-03-07 -
2024-04-07		 a year crt.sh
sparkcentral.com
Amazon RSA 2048 M01		 2023-06-30 -
2024-07-28		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-27 -
2024-04-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
gocardless.com
Cloudflare Inc ECC CA-3		 2023-03-29 -
2024-03-28		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-21 -
2024-08-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2023-11-02		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.getsitectrl.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-01-13		 a year crt.sh
*.config.eu-1.smooch.io
E1		 2023-08-22 -
2023-11-20		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-31 -
2023-10-26		 3 months crt.sh
*.eu-1.smooch.io
Amazon RSA 2048 M01		 2023-01-30 -
2024-02-28		 a year crt.sh

This page contains 22 frames:

Primary Page: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Frame ID: B6F3682F1120136B980E830F4595BAB2
Requests: 91 HTTP requests in this frame

Frame: https://5499309.fls.doubleclick.net/activityi;dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Frame ID: 6826A190D1D4776ADCDE29C61B5D1699
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Frame ID: A066D0D46D71D0F966D94A06B3F7D4C5
Requests: 1 HTTP requests in this frame

Frame: https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Frame ID: C997A04BAE4B541CF7E99C867846BF7E
Requests: 5 HTTP requests in this frame

Frame: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Frame ID: E86F1DFE66F2515247638553B1CBA20A
Requests: 2 HTTP requests in this frame

Frame: https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOeKirqLwYEDFYTDmgodtycKhg%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D1529841533682%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45He39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%253DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&pf=https%3A%2F%2Fadservice.google.com%2F&ra=13626788430058467
Frame ID: 89F974CE597A54C6E0F32EBE3DF9B297
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Frame ID: 5D23BE04DBAA3CC04799B38314ECAF96
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
Frame ID: F90FD458DAA9DD3287B8DE5EC63789D5
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
Frame ID: 5C1035D937CB6CECC0DA7BF478EEAABF
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Frame ID: 509D96DCB0D2EC768A6E398832A49E53
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Frame ID: 993238338F20E3990928548F7D62F60B
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Frame ID: 23E70062F4692C7E6C6EE69162F0AA13
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Frame ID: 70C4690FC1160965A962A6CE20D7EDD4
Requests: 9 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.398&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f3406705dd00f&storageID=uid_11a8c1b610_mtu6nti6ndy&sessionID=uid_4d154020c6_mtu6nti6ndy&buttonSessionID=uid_3f61aba13a_mtu6nti6ndy&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Frame ID: D617BDC9C6CD88D1E095A70D18E8AC2D
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg
Frame ID: 5A264A7DF74EC16B5089A6B7549FA2A5
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
Frame ID: 3C80FAF55A581ECB209BB294A6D1A417
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 59CDA23A06555660C86E8B118954874E
Requests: 13 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 971CB3BA1EA959811805FD61D0205E7B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css
Frame ID: EDDC758B44750F8B2820B2A5137D4E95
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: AAF4FC4EAAD482E9B514E6A4DBFA71E8
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DCBF384BD5C41EE81CFCD78FA22522A5
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
Frame ID: 435AD93EEB8E309B54D5E960A1EAABA7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UN World Food Programme

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

290
Requests

97 %
HTTPS

42 %
IPv6

43
Domains

64
Subdomains

57
IPs

8
Countries

5496 kB
Transfer

19279 kB
Size

52
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL HTTP 302
  • https://5499309.fls.doubleclick.net/activityi;dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Request Chain 37
  • https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL HTTP 302
  • https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Request Chain 38
  • https://adservice.google.de/ddm/fls/i/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL HTTP 302
  • https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Request Chain 119
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMWnpLqLwYEDFVLhmgodj7UBZA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D2577884222483%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45fe39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%25&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zQkPZb7THIWG7_UP4qKekAI&sscte=1&crd=&pscrd=IhMI_u3NuovBgQMVBcO7CB1ikQci HTTP 302
  • https://www.google.com/pagead/1p-conversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMWnpLqLwYEDFVLhmgodj7UBZA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D2577884222483%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45fe39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%25&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_u3NuovBgQMVBcO7CB1ikQci&is_vtc=1&ocp_id=zQkPZb7THIWG7_UP4qKekAI&cid=CAQSKQBpAlJW8aq8aOycVvVMutjzCP91t7ixeq0x0nwnOAcQk2C_5ZUaNjrA&random=1404994862&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMWnpLqLwYEDFVLhmgodj7UBZA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D2577884222483%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45fe39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%25&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_u3NuovBgQMVBcO7CB1ikQci&is_vtc=1&ocp_id=zQkPZb7THIWG7_UP4qKekAI&cid=CAQSKQBpAlJW8aq8aOycVvVMutjzCP91t7ixeq0x0nwnOAcQk2C_5ZUaNjrA&random=1404994862&resp=GooglemKTybQhCsO&ipr=y
Request Chain 120
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer=https%3A%2F%2Fadservice.google.com%2F&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b69a-7dc339c3bb36%253A1695484366.1072783%26_%3D1695484366.1084116&cb=1695484366.10844 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b69a-7dc339c3bb36%253A1695484366.1072783%26_%3D1695484366.1084116 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.1084116
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyNzM1NjYwNjM3OQ==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIHejr_RNM1ZAJm9eJtYZ8Q&google_cver=1 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer={encSite}&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b69a-7dc339c3bb36%253A1695484366.1072783%26_%3D1695484366.4074845&cb=1695484366.4075098 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b69a-7dc339c3bb36%253A1695484366.1072783%26_%3D1695484366.4074845 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.4074845
Request Chain 122
  • https://ib.adnxs.com/setuid?entity=18&code=5140084927356606379 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927356606379
Request Chain 123
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084927356606379&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927356606379&redir=
Request Chain 126
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5140084927356606379&bid=omt9pi0
Request Chain 129
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927356606379&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927356606379&forward=&C=1
Request Chain 136
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZQ8JzgASgUvVrgA_ HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZQ8JzgASgUvVrgA_&_test=ZQ8JzgASgUvVrgA_

290 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
donate.wfp.org/AR/1244/donation/single/ 		2 MB
163 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
0cd32b897f2e019ff24b16e2447472ba490b053e9683a136af5cbfc6b418d47c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=5,stale-when-revalidate=5
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:52:44 GMT
etag
"1bbae2-bclhOrWVf3/cvHCMQC/BpHY0qAo"
server
Google Frontend
vary
User-Agent, Accept-Encoding
via
1.1 google
x-powered-by
Express
optimize.js
www.googleoptimize.com/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-P2GL7X7
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e50a0993ae124034102ab9516b7d3a257c80141a8caf1e769405a22d4591fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://donate.wfp.org
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67326
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:44 GMT
ad8a60b.modern.js
donate.wfp.org/_wfp/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/ad8a60b.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
41d1b8f8141f92ca18368fff1a1caf9f18ea12dcb8c527e738f6199017f67914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:20 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182784
etag
W/"a24-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1314
13bb4f0.modern.js
donate.wfp.org/_wfp/ 		232 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/13bb4f0.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f3cb3c087377fcd1ff6696de65730b49d301d4f18c962818b4e353f4f304295b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:20 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182784
etag
W/"10954-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
7ea5f74771f5d32f1f775fd3b2d6bca7
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67924
f176ef8.css
donate.wfp.org/_wfp/css/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/css/f176ef8.css
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
394067024ff2b1dd2f08d513866d56ef03fc67b8f735c7570edca5262fa11fa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:44:02 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 22 Aug 2023 11:48:57 GMT
server
Google Frontend
age
2293722
etag
W/"8cf-18a1d139428"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cloud-trace-context
67e08c22d03703b43078d3d9aa0d08fc
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2255
dfe388b.modern.js
donate.wfp.org/_wfp/ 		160 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/dfe388b.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5c6d244d5e0bf7f0f94b501174e30fe722e60c9ccae3168c5f82ae33c7050896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:21 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182783
etag
W/"7280-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
ecae4feb460bc8b19907b22cf7abbfd7
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29312
e5c9029.css
donate.wfp.org/_wfp/css/ 		335 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/css/e5c9029.css
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
85e0445d24cfa83afcc9f008f279842a3f908626f8526de2dfff8830a82d7968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:20 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182784
etag
W/"a804-18ab1f87dd8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cloud-trace-context
5678e95231b412b4d14f2d495ea7c46f
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43012
d2318a9.modern.js
donate.wfp.org/_wfp/ 		536 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/d2318a9.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
899647c02bcb30ef459018cf80669be142adf7dd5d5b8a5e8d037518b42cb108

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:20 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182784
etag
W/"1efa0-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
e40f795b8a293c92d71463078dd490f0
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126880
gtm.js
www.googletagmanager.com/ 		338 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0eaf9e043fd46f73db527b8babaae23d889ddcdb78430b7008eef5991ecec768
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105712
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://donate.wfp.org
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Sep 2023 15:52:44 GMT
Open_Sans-400-latin48.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-400-latin48.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/f176ef8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/f176ef8.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 06:04:54 GMT
via
1.1 google
last-modified
Tue, 22 Aug 2023 11:48:57 GMT
server
Google Frontend
age
2540870
etag
W/"af00-18a1d139428"
content-type
font/woff2
x-cloud-trace-context
995a8b834254908d0f55a5b7c017ecd2
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
activityi;dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or...
5499309.fls.doubleclick.net/ Frame 6826
Redirect Chain
  • https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
  • https://5499309.fls.doubleclick.net/activityi;dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb...
940 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5499309.fls.doubleclick.net/activityi;dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
c0c1c13bd546f6a934f9b4fbd5e9100064b82ad2bfb3bc46e00208a0480fbfb1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
576
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5499309.fls.doubleclick.net/activityi;dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
181
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 23 Sep 2023 17:49:43 GMT
bat.js
bat.bing.com/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 23 Sep 2023 15:52:43 GMT
last-modified
Wed, 06 Sep 2023 22:41:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9FCA30155E854C3DA0F7B098D0A3305D Ref B: FRA31EDGE0710 Ref C: 2023-09-23T15:52:44Z
etag
"09cc4613e1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12981
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 23 Sep 2023 15:52:44 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53243
x-xss-protection
0
pragma
public
x-fb-debug
fbz/MUpHYtOAToNDiInDb/s8Fuuc/RQE9PwbJlVIlNXtcYJwo1prEZh4dwY6mDRNCSxMIHI5EMOLE+5ur0zutQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		192 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-597680250
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84bce8bf76a804edc832ab0e6e9c3f378df3318a80fda3bcdd9801ec2d312f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71920
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Sep 2023 15:52:44 GMT
adalyser.js
c5.adalyser.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c5.adalyser.com/adalyser.js?cid=wfp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.117.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-117-191.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e51fc1d194ae40ce2db4ba6abce427ad95cc98d505a4e7346c0c6f6eae33b1c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
gzip
x-powered-by
Express
etag
"c45b12ad070ae9f57c6c09ebf86fe40d82a75110"
p3p
CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=21600
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
10207
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17a38e8efb248441ec95b0e1266d94c8bb9f1e275d68d36e8dc29d0c11ab1d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94079
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:44 GMT
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1082732900&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=426484390&gjid=2072871236&cid=1932176568.1695484364&tid=UA-127155074-1&_gid=25339099.1695484364&_r=1&_slc=1&gtm=45He39k2n71KN3K8D&z=1557054827
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
523ccc05bf563e4086b1e1ffbf44fa63b0777f85d40b0119e8739a3aaeec900b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1082732900&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAACAAI~&jid=941898549&gjid=1117749394&cid=1932176568.1695484364&tid=UA-2556524-1&_gid=25339099.1695484364&_slc=1&gtm=45He39k2n71KN3K8D&z=1217056677
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=1932176568.1695484364&jid=941898549&gjid=1117749394&_gid=25339099.1695484364&_u=YGDAiEABBAAAAGAAI~&z=2032634886
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1082732900&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAGAAI~&jid=1406461014&gjid=612640493&cid=1932176568.1695484364&tid=UA-2556524-57&_gid=25339099.1695484364&_r=1&_slc=1&gtm=45He39k2n71KN3K8D&z=1034306545
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9ee1bc4923dc7344b0c712352a782fcadcd1bbeda8b3a7059f60944a7e1305b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-127155074-1&cid=1932176568.1695484364&jid=426484390&gjid=2072871236&_gid=25339099.1695484364&_u=YEBAAEAAAAAAACAAI~&z=2107095102
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f99e3ac5aa5269b1ab7f6d3ca7ff5c9524d2d6620df5d0599db234d48de30201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82997
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:44 GMT
1877519415676647
connect.facebook.net/signals/config/ 		421 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1877519415676647?v=2.9.128&r=stable&domain=donate.wfp.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7548c3055914d349aaa855ee361c41615fa20296859a58eb6e4325a70c78d361
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 23 Sep 2023 15:52:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
xbJ/BFSP/DfNXrtQdDv9ipz6QXgtMIm38VmbePxQLcJnAqzKmB4r9ZCoHcrx3fL8WtRyrb29M+g2OixusVcE7Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e674d27949af42b9cb83b2914b36b3f910dbeeddd2167ffefb047d23484d76be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82933
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:44 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/?random=1695484364372&cv=11&fst=1695484364372&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&hn=www.googleadservices.com&frm=0&tiba=UN%20World%20Food%20Programme&auid=1868754821.1695484364&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-597680250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93b51d67b4da221405622961990c92328b9bd2790278bad7db3fc8c175bd6c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1614
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je39k2&_p=1082732900&_gaz=1&cid=1932176568.1695484364&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695484364&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&dt=UN%20World%20Food%20Programme&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TL7TXTVCYL&cid=1932176568.1695484364&gtm=45je39k2&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TL7TXTVCYL&cid=1932176568.1695484364&gtm=45je39k2&aip=1&z=24680187
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1932176568.1695484364&jid=941898549&_u=YGDAiEABBAAAAGAAI~&z=29457781
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1932176568.1695484364&jid=941898549&_u=YGDAiEABBAAAAGAAI~&z=29457781
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7B8MHJ3Q6W&gtm=45je39k2&_p=1082732900&ul=en-us&sr=1600x1200&cid=1932176568.1695484364&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&dt=UN%20World%20Food%20Programme&sid=1695484364&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be1bbb35796298923c583d5442a6edbc54bc6c2ff1691d88be7a1e441fe354a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67327
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Sep 2023 15:52:44 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-C9S5DE8LYK&gtm=45je39k2&_p=1082732900&ul=en-us&sr=1600x1200&cid=1932176568.1695484364&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&dt=UN%20World%20Food%20Programme&sid=1695484364&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
adservice.google.com/ddm/fls/i/ Frame A066 		939 B
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/activityi;dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75414204a991a43e8f9b4744593e48f6b7f34037f545066de591f3a3f4fe74fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5499309.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
584
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p
c5.adalyser.com/tracking/track/v3/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c5.adalyser.com/tracking/track/v3/p?stm=1695484364677&e=lce1&url=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&cid=wfp&p=%7B%22et%22%3A1695484364676%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Display%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22facebook%22%2C%22me%22%3A%22cpm%22%2C%22ca%22%3A%2223852145504580086%22%2C%22co%22%3A%221%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%2248b640f9-f7df-4ef3-aa47-4b19a2d945f0%22%2C%22duid%22%3A%22443b2b04-ce84-497d-892b-41975edcf015%22%2C%22cw%22%3A1695484364676%2C%22lp%22%3A%22https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL%22%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.92%20Safari%2F537.36&domain=donate.wfp.org
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.117.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-117-191.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-powered-by
Express
etag
W/"2b-B//0C13UlayirE4cP7xgqg"
p3p
CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
43
expires
0
22021902.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/22021902.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sat, 23 Sep 2023 15:52:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3EA007C5E068425CBAAF7D2ACC3CF3E3 Ref B: FRA31EDGE0710 Ref C: 2023-09-23T15:52:44Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=22021902&tm=gtm002&Ver=2&mid=7dae8a44-f35c-4c48-836e-5c8349d8e397&sid=3c507e405a2911eeb8a137ab8e1629f8&vid=3c50c0205a2911eebd04c5fe42ab5563&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=UN%20World%20Food%20Programme&p=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&r=&lt=2267&evt=pageLoad&sv=1&rn=793591
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 23 Sep 2023 15:52:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AEBBA86E483740989FEDE6E89EBDB0B1 Ref B: FRA31EDGE0710 Ref C: 2023-09-23T15:52:44Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h...
10390555.fls.doubleclick.net/ Frame C997
Redirect Chain
  • https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore...
  • https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;...
1 KB
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
a1163fa73ca9232b9a326dc255008508af1f726b660ec278f1ecc1d5d3e77cc3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
776
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:44 GMT
expires
Sat, 23 Sep 2023 15:52:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
5499309.fls.doubleclick.net/ddm/fls/r/ Frame E86F
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;...
  • https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb...
1 KB
514 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
b007046f1e8a934f4b00171ca7a31656d2de596051a9367a4292aec5b2bae7f3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
489
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:44 GMT
expires
Sat, 23 Sep 2023 15:52:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
c5986ca.modern.js
donate.wfp.org/_wfp/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/c5986ca.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
25d5acbd565a779e657c50e2f5a1e8e3ef50725b90f23348b51ab2882bae385d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:21 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182783
etag
W/"170c-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
394394f21a7def85df854e2425cbf863
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5900
e87ce1e.modern.js
donate.wfp.org/_wfp/ 		139 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/e87ce1e.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
8dc5232f0ce9d4a84d95b6d83cf77c20b788accdaee706e57c5030a36faa19e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:21 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182783
etag
W/"8b-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1877519415676647&ev=PageView&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&rl=&if=false&ts=1695484364813&sw=1600&sh=1200&v=2.9.128&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbc=fb.1.1695484364812.IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&fbp=fb.1.1695484364812.462835640&it=1695484364359&coo=false&rqm=GET
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 23 Sep 2023 15:52:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/597680250/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/597680250/?random=1695484364372&cv=11&fst=1695481200000&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&frm=0&tiba=UN%20World%20Food%20Programme&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4106736485&rmt_tld=0&ipr=y
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/597680250/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/597680250/?random=1695484364372&cv=11&fst=1695481200000&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&frm=0&tiba=UN%20World%20Food%20Programme&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4106736485&rmt_tld=1&ipr=y
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v3
js.stripe.com/ 		529 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/c5986ca.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
faa479f6ab9e6ce381d4dc92196b147f88b5247182d37ea4764182d0ca37f7f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:52:44 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Sep 2023 20:48:36 GMT
server
Cloudfront
etag
W/"2f43f864ab4d97d636908d4a345359f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
O4mXV8hYk-_355Ksu7WwQq8a47T1DcmKkKItjfNx9sSt7D2U8s47og==
1244
donate.wfp.org/_content/get/pages/en-gb/ 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_content/get/pages/en-gb/1244
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
6d00c37d8b1612f42089455b3ec6badc684d460347dc041d0473a468e5292048

Request headers

Accept
application/json, text/plain, */*
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:51:54 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
50
x-powered-by
Express
etag
W/"2b7c-/f46pJIGxG32J0Bob1aFURWoHHQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1463
translations
donate.wfp.org/_content/get/bundle/en-gb/ 		79 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_content/get/bundle/en-gb/translations
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
660e751f152236164b7dc3845c30f8b8655908df8a59b00e044bc77ac8c09a61

Request headers

Accept
application/json, text/plain, */*
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:30 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
14
x-powered-by
Express
etag
W/"13a1b-4uhTPc/CJRyxqyTiKMxlLMTe3tg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e50b4030058ca9c232d7858757fd48c5
cache-control
max-age=60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9015
7eb7061.modern.js
donate.wfp.org/_wfp/ 		1 KB
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/7eb7061.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
607f124f180d0722361dbf030fb56190ab6bc2a8695661eb101a0fee1efa55c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:22 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182782
etag
W/"403-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393
conversion.js
www.googleadservices.com/pagead/ Frame C997 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 10390555.fls.doubleclick.net
URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2061e7d9fa8015cf272769598761fbdbf20e5fcd0a322b5c9430145247e023d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18505
x-xss-protection
0
server
cafe
etag
13963124205898545528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 15:52:44 GMT
dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=*;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F...
adservice.google.com/ddm/fls/z/ Frame C997 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=*;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Requested by
Host: 10390555.fls.doubleclick.net
URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc.min.js
c1.rfihub.net/js/ Frame E86F 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:de00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5499309.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:39:01 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Sat, 23 Sep 2023 15:38:51 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
FRA53-C1
age
823
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
Rk_t8JR-PYDbAnmv4yzfC8mjnesK4Xbfldi-cfBTgCKIBAZpEp0-IQ==
expires
Sat, 23 Sep 2023 16:39:01 GMT
960d92a.modern.js
donate.wfp.org/_wfp/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/960d92a.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3a726662d35cda6fc724a47636793e28aeca63ad7fd7586edd53db4815def981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:23 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182782
etag
W/"146e-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
8dc747dabaa451c638108623bf40731c
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5230
46073b0.modern.js
donate.wfp.org/_wfp/ 		411 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/46073b0.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ac8aa96e1da838f3af3d354dce527e833927ec4f40dfaed294b22b72eb41821b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 17:20:29 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 22 Aug 2023 11:48:57 GMT
server
Google Frontend
age
2500336
etag
W/"1613a-18a1d139428"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
815131830bc35aecd1b21a0992815460
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90426
241bc23.modern.js
donate.wfp.org/_wfp/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/241bc23.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
fb8a5407a4d6d3f2f75b3accb0e27248a053efeb437dcffce147fe941d2a3071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:06:23 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
182782
etag
W/"115e-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
fc49b10192401f115da6d88c1cf72dde
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4446
api.js
www.recaptcha.net/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/d2318a9.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67f50ff2f46e963aacba52c8bc30747f0bcf87d221f8074d9249bd1b036d86f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 23 Sep 2023 15:52:45 GMT
hotjar-2048364.js
static.hotjar.com/c/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2048364.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-47.ams58.r.cloudfront.net
Software
/
Resource Hash
15b258f07d479ecdaed50ab7f2b75cba803bed7c79e7efe60e370fab305a5077
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 95e331271d583b113f2793246bc6205c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
10
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/93879d2096ddd4d4518e3ca4c7ea7cc9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
g2ufCTPNC1su3srpzBsK3oRW8ZzXagwhmilWFrgKZoOMHJwFaVFBfQ==
Open_Sans-800-latin80.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-800-latin80.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/f176ef8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/f176ef8.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 23:00:37 GMT
via
1.1 google
last-modified
Tue, 22 Aug 2023 11:48:57 GMT
server
Google Frontend
age
2393528
etag
W/"af00-18a1d139428"
content-type
font/woff2
x-cloud-trace-context
15a0f900405d57cdb08b268158598e0f
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
Open_Sans-700-latin72.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-700-latin72.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/f176ef8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/f176ef8.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:18:00 GMT
via
1.1 google
last-modified
Tue, 22 Aug 2023 11:48:57 GMT
server
Google Frontend
age
2529285
etag
W/"af00-18a1d139428"
content-type
font/woff2
x-cloud-trace-context
e3b0c3d36cc6b7c0850d2518995287c6
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1082732900&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=IG%20Forms&ea=Donation%20Page%20View&_u=aGDACEABBAAAAGAAI~&jid=1288667101&gjid=1037069561&cid=1932176568.1695484364&tid=UA-2556524-1&_gid=25339099.1695484364&_r=1&gtm=45He39k2n71KN3K8D&z=1483823652
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
xwk0klq7.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/xwk0klq7.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
7dd394c401138f8120a30565d9b89bc3c87d104dc3a7b87bdc87472675356aa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
80W99F7S5MSFEESZ
x-amz-server-side-encryption
AES256
cdn-cachedat
09/22/2023 12:16:33
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
Z9yLwe8sM9tQPVgRRu/eKHSaLqUzJnJvnbRKtCCfo4ni90pFizLIt9DRjxq8B50za2+xGh5rgQc=
last-modified
Thu, 21 Sep 2023 10:48:56 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65858d798385904d45c9bb1aa3a5e720"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
c007016fcb5e30a2b68947f33ef1b743
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
loader.json
cdn.sparkcentral.com/rtm/web/1.25.7/ 		80 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/loader.json
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c200:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 09:54:35 GMT
via
1.1 0c898d6f2a10977d2385a738646746ba.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
21526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
content-length
80
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
etag
"f404840dc69a65c5380c1f11207d1c15"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
IYxU9bcfmJBwUYWVpU3zfhBgna8P6aGW_n4cdrWjpFCeGurxjbJgOw==
wf1398140__lyb_192x128.webp
donate.wfp.org/media/768/0elbvgh5/3x4/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/768/0elbvgh5/3x4/wf1398140__lyb_192x128.webp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
160813bf6eb107262188b2c5ac1f895a98935fa21dc1995e5403d4afb4f890d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:46:18 GMT
age
387
x-guploader-uploadid
ADPycdtp6GvHvW2c0cqWIDsS-1rSLWzQ6EU0acadGSXSQYPok7pmxL7jHPq4lYtGkvG9B01zgyZlSJjCDIyVwXNeF1nLVjsMOMaL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11460
last-modified
Wed, 13 Sep 2023 09:05:53 GMT
server
UploadServer
etag
"4b2d62bf6022f71e32ff235f24169a34"
x-goog-generation
1694595953176741
x-goog-hash
crc32c=RzX9xw==, md5=Sy1iv2Ai9x4y/yNfJBaaNA==
content-type
image/webp
cache-control
public,max-age=3600
x-goog-stored-content-length
11460
accept-ranges
bytes
wf1398140__lyb_370x232.webp
donate.wfp.org/media/768/t4wppzxf/3x4/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/768/t4wppzxf/3x4/wf1398140__lyb_370x232.webp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e2d04b0f18b975cd661a68d36e4552aa8aabc62f5a1c198e959ddc4796412f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:50:05 GMT
age
160
x-guploader-uploadid
ADPycdt2O8mhx2c9Fm7o26xOLH2WR8Em7adKYPFYj_4VMIvcxLIh6RjtRCfiGNy38ihVZwXLjB8v99T_AM_szZFLC7Q8lQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29294
last-modified
Wed, 13 Sep 2023 09:05:52 GMT
server
UploadServer
etag
"984ae947532c4f29f315c8bf0634fa6d"
x-goog-generation
1694595952090496
x-goog-hash
crc32c=6xjh+g==, md5=mErpR1MsTynzFci/BjT6bQ==
content-type
image/webp
cache-control
public,max-age=3600
x-goog-stored-content-length
29294
accept-ranges
bytes
wf1795016_20230911_lby_afp_000_33uy8vc.jpg
donate.wfp.org/media/1eihmiu3/ 		348 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/1eihmiu3/wf1795016_20230911_lby_afp_000_33uy8vc.jpg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b6d2af8e39b42b966c0fd856ea0cf0d90d1f9f10a38e2898664f17ea97468c82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:04:56 GMT
age
2869
x-guploader-uploadid
ADPycduiq7UqEKIJcLXoZkEvQ6RA8m-5uoSG9U5ubxvQPsgH3AvBHHZncJvPKKYgVEkIA4tvJtz2jAaGlyh1huLCM49CQOzZ1CIK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
355977
last-modified
Wed, 13 Sep 2023 08:12:35 GMT
server
UploadServer
etag
"f656fd2c1bd8690c65a6eb1b587d04f4"
x-goog-generation
1694592755587070
x-goog-hash
crc32c=F8pPtA==, md5=9lb9LBvYaQxlpusbWH0E9A==
content-type
image/jpeg
cache-control
public,max-age=3600
x-goog-stored-content-length
355977
accept-ranges
bytes
Open_Sans-500-latin56.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-500-latin56.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/f176ef8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/f176ef8.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 06:04:56 GMT
via
1.1 google
last-modified
Tue, 22 Aug 2023 11:48:57 GMT
server
Google Frontend
age
2540869
etag
W/"af00-18a1d139428"
content-type
font/woff2
x-cloud-trace-context
907d42102b543284308105877cd748ec
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
unwfpar.webp
donate.wfp.org/media/320/nt3njryj/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/320/nt3njryj/unwfpar.webp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
749d75df48e32d27f7639ed0e7c086480821ce44aeb2e81976318fdaf52b1b23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:27:53 GMT
age
1492
x-guploader-uploadid
ADPycdtejH4igum0qUlpK-UskHONZRRDTtiTZWvQO9i2HcfELFBB7km4lj8DDvDOzJyJmP_8UD6Iw3vXi7HZD7eI6vQ6nECXHWsj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10702
last-modified
Tue, 11 Oct 2022 13:21:24 GMT
server
UploadServer
etag
"f8c16efde220d07d2c21f094731d71fe"
x-goog-generation
1665494484949526
x-goog-hash
crc32c=qTquHQ==, md5=+MFu/eIg0H0sIfCUcx1x/g==
content-type
image/webp
cache-control
public,max-age=3600
x-goog-stored-content-length
10702
accept-ranges
bytes
unwfp-standard-black-rgb-ar.png
donate.wfp.org/media/b3tbhfpy/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/b3tbhfpy/unwfp-standard-black-rgb-ar.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
160d44a74ceb1a0ed47d2f37fddcdae59b6dfc4c27a9b2a5fdf90bdea8477aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:04:56 GMT
age
2869
x-guploader-uploadid
ADPycduxRgQ4zVviVANyr-2qyKHiZCpz_ON3xG992NQkHOyelnyUauUHWU3dzNwhGYJ46pn8ldiy2TQy1aJH1BE708boR2nXXeuf
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8216
last-modified
Tue, 18 Oct 2022 16:03:26 GMT
server
UploadServer
etag
"83bcfe62020513d7877897018785448f"
x-goog-generation
1666109006109011
x-goog-hash
crc32c=41/dhA==, md5=g7z+YgIFE9eHeJcBh4VEjw==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
8216
accept-ranges
bytes
email-t.svg
donate.wfp.org/media/qsnbnjsm/ 		761 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/qsnbnjsm/email-t.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15c5c05e1c7787a5caacde914ea0316bfaa79d8e0d027d4e1f555252b4658654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:51:29 GMT
age
76
x-guploader-uploadid
ADPycdvHQNYW0dbwgX8UAlb83nyd8LfqBpJQ51LxPMsbx1ghID5U6V6PEHXaIWD9CyMP-Ls0DFHTZPwYV7pG837yHwQPog
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
761
last-modified
Wed, 17 Aug 2022 14:48:46 GMT
server
UploadServer
etag
"d3a5551ded7ee06303ce091b41922983"
x-goog-generation
1660747726973559
x-goog-hash
crc32c=mQQ7WA==, md5=06VVHe1+4GMDzgkbQZIpgw==
content-type
image/svg+xml
cache-control
public,max-age=3600
x-goog-stored-content-length
761
accept-ranges
bytes
unwfp-standard-white-rgb-ar.png
donate.wfp.org/media/vukeheeq/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/vukeheeq/unwfp-standard-white-rgb-ar.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c68a253fb9996b8078a00077252c219d71e8b5aaad7339b97e2c479c7518b48a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:04:56 GMT
age
2869
x-guploader-uploadid
ADPycdt0JKfqm3nGRfr70-ZK8Md7uKhIlilLhlpARJgBg2gb8heFI-1QJML4uInlIu5LNo3OePpCOjhd7jWOoudQN728nkYM9eTj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16540
last-modified
Fri, 28 Jul 2023 14:19:05 GMT
server
UploadServer
etag
"dbeec7eaccc930428346240a17ef291d"
x-goog-generation
1690553945472471
x-goog-hash
crc32c=U0/Y9w==, md5=2+7H6szJMEKDRiQKF+8pHQ==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
16540
accept-ranges
bytes
twitter.svg
donate.wfp.org/assets/img/icons/ 		758 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/twitter.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
54907da2e52379025c2f40b252a1954bcae7e19c5f871e3977652e4da48f621d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:39:14 GMT
server
Google Frontend
etag
W/"2f6-18ab1f53dd0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
facebook.svg
donate.wfp.org/assets/img/icons/ 		552 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/facebook.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c6034e158d46463cf39b67667d1f14fc3767042d02244d98335189291184e3a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:39:14 GMT
server
Google Frontend
etag
W/"228-18ab1f53dd0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
instagram.svg
donate.wfp.org/assets/img/icons/ 		2 KB
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/instagram.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
bf190f53b34ca5a0445da2fbd9ff9a7155487c067c907fa7540d855e603fb807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:39:14 GMT
server
Google Frontend
etag
W/"74b-18ab1f53dd0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
linkedin.svg
donate.wfp.org/assets/img/icons/ 		616 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/linkedin.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0f9aa279fa08f83278e9ae8de1c27ba480c6cb8a6c41e017b7b71e86305f13fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:39:14 GMT
server
Google Frontend
etag
W/"268-18ab1f53dd0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
youtube.svg
donate.wfp.org/assets/img/icons/ 		547 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/youtube.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9812cb6d54877fc4bf9e7129b85d16475af9b00b367ad8e812a7365c48867a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:39:14 GMT
server
Google Frontend
etag
W/"223-18ab1f53dd0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1877519415676647&ev=Microdata&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&rl=&if=false&ts=1695484365467&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22UN%20World%20Food%20Programme%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22UN%20World%20Food%20Programme%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aimage%3Asecure_url%22%3A%22%22%2C%22og%3Aimage%3Aalt%22%3A%22UN%20World%20Food%20Programme%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.128&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbc=fb.1.1695484364812.IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&fbp=fb.1.1695484364812.462835640&it=1695484364359&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 23 Sep 2023 15:52:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.googleadservices.com/pagead/conversion/481751819/ Frame C997 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/481751819/?random=1695484365471&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMWnpLqLwYEDFVLhmgodj7UBZA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D2577884222483%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45fe39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%25&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0b6aa53df4c59ecbf06a3e0b06ed0de9e4a109e78dca52454d550a80d4892373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1717
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=1932176568.1695484364&jid=1288667101&gjid=1037069561&_gid=25339099.1695484364&_u=aGDACEABBAAAAGAAI~&z=1254214007
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Sep 2023 15:52:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sparkcentral.1.25.7.min.js
cdn.sparkcentral.com/rtm/web/1.25.7/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c200:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 00:07:21 GMT
content-encoding
gzip
via
1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:30 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
56870
x-amz-server-side-encryption
AES256
etag
W/"cd3c7f973f6b72e066d3f3f23b53d94f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
x-amz-cf-id
6loHCFpUKW9WbvxJN3RDindqFvzawXxfSVyO-7rgleKzZ6oQ-DZvRg==
ca.html
20777079p.rfihub.com/ Frame 89F9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOeKirqLwYEDFYTDmgodtycKhg%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D1529841533682%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45He39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%253DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&pf=https%3A%2F%2Fadservice.google.com%2F&ra=13626788430058467
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.130 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
0c3674d38bb723fb10ef29459ba1e8e870fcfdcb5c198adf9b38e650d8be2b7e

Request headers

Referer
https://5499309.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2546
Content-Type
text/html;charset=utf-8
Date
Sat, 23 Sep 2023 15:52:45 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1932176568.1695484364&jid=1288667101&_u=aGDACEABBAAAAGAAI~&z=1838602548
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1932176568.1695484364&jid=1288667101&_u=aGDACEABBAAAAGAAI~&z=1838602548
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ 		456 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 18:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 18:15:30 GMT
initialise.js
pay.gocardless.com/billing/static/dropin/v2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.gocardless.com/billing/static/dropin/v2/initialise.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/dfe388b.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8b22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100082a5a528e4e7117b02aa04631420999caaa3823cad14addb139ba07622bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
age
312
x-guploader-uploadid
ADPycdtz37JSYZyOHGh_8wzJZi5LlxMOsjmpzc9QaKU8Vr5Ntl12On7mmC6dYGQEvarZBd56kFpvXRfjTqQySXifFnLdug
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1384
last-modified
Wed, 13 Sep 2023 13:21:44 GMT
server
cloudflare
etag
"bfe4acaca79d9ff4f75632dfea89d06a"
vary
Accept-Encoding
x-goog-generation
1694611304685049
content-type
application/javascript
x-goog-hash
crc32c=YCECfQ==, md5=v+SsrKedn/T3VjLf6onQag==
cache-control
public, max-age=3600
x-goog-stored-content-length
1384
accept-ranges
bytes
cf-ray
80b3f4e54c3d9bb8-FRA
expires
Sat, 23 Sep 2023 16:47:33 GMT
js
www.paypal.com/sdk/ 		273 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/c5986ca.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfeb2e4213c8280f6a799efe607be5d41b6b91517b4a29696c9fa35c3a0f40a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sat, 23 Sep 2023 15:52:45 GMT
age
4536
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f662522417377
server-timing
"traceparent;desc="00-0000000000000000000f662522417377-f3e000cf0e95bcf5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
76494
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f662522417377-a46e718e3b163f37-01
x-timer
S1695484366.676333,VS0,VE7
etag
W/"12ace-DgrR442aIM0DtV/+lqjEsdaJQwI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
pb-stripe.svg
donate.wfp.org/assets/img/icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/pb-stripe.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3f39956e5e5efe0dc248d9574a7a7071f5ac512ae3d553d3f949653cb8147962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:39:14 GMT
server
Google Frontend
etag
W/"f81-18ab1f53dd0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
controller-9239195964f74ac7d035010429fa6fc6.html
js.stripe.com/v3/ Frame 5D23 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cd499789aa0cc8dfa10bfe9e511cc447cc27f58dcf554793d8103f8e4e318a61
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
43
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:52:03 GMT
etag
"9239195964f74ac7d035010429fa6fc6"
last-modified
Thu, 21 Sep 2023 22:20:16 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
xNZoyG4R4xQrCqmgZbkqGkG-7b0wYLv-pycMiWTZmSIYzAOAuoITSA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
js.stripe.com/v3/ Frame F90F 		408 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1a0477237aa35f2866b9da85a454cbfe81fa0140b9e303368c822723c963ce2e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1220
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:32:44 GMT
etag
"20c2cf4f5b9ea242870672367f48a2a6"
last-modified
Thu, 21 Sep 2023 22:20:33 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
Bz_f9tvsNEnn3eX067x4L6BLj4wg0oWHf1k8a8G-0qQAbUicuNZUIQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
js.stripe.com/v3/ Frame 5C10 		344 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
88395a7f3d862d090aa5c8f430c832d565cde33801234dff0317828ffec7c56f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4
cache-control
max-age=60
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:52:45 GMT
etag
"80846e8472702b473a692422b9cb8fc1"
last-modified
Thu, 21 Sep 2023 22:20:33 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
BkS0QijaCNfSC2b-1wtzwAcFgfI6XZjvSSPTsRS8EYUqcEepjdE1sg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-9239195964f74ac7d035010429fa6fc6.html
js.stripe.com/v3/ Frame 509D 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cd499789aa0cc8dfa10bfe9e511cc447cc27f58dcf554793d8103f8e4e318a61
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
43
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:52:03 GMT
etag
"9239195964f74ac7d035010429fa6fc6"
last-modified
Thu, 21 Sep 2023 22:20:16 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
hNRKya54jwY9tjsWJIOpkHmSe9K-jH9D2IK5hlh518DQxqz_C0IeDQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-c8839c7149dc8c999077f46486575853.html
js.stripe.com/v3/ Frame 9932 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e293d48b94cc26fee1a0bc128087c5e551acf01100e199595b14824263ab1041
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3088
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:02:38 GMT
etag
"c8839c7149dc8c999077f46486575853"
last-modified
Thu, 21 Sep 2023 22:20:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
mOtIPam2SHteAgThU-xgMZJGqOwsmm567ufbUCDrjdy7LGPFzFvDnQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-c8839c7149dc8c999077f46486575853.html
js.stripe.com/v3/ Frame 23E7 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e293d48b94cc26fee1a0bc128087c5e551acf01100e199595b14824263ab1041
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3088
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:02:38 GMT
etag
"c8839c7149dc8c999077f46486575853"
last-modified
Thu, 21 Sep 2023 22:20:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
4t9nmkykWihcQOE82yQAnt1yM8cYbmhjrEGT7VHa2kKd7HWYxEQUuw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-c8839c7149dc8c999077f46486575853.html
js.stripe.com/v3/ Frame 70C4 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e293d48b94cc26fee1a0bc128087c5e551acf01100e199595b14824263ab1041
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3088
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:02:38 GMT
etag
"c8839c7149dc8c999077f46486575853"
last-modified
Thu, 21 Sep 2023 22:20:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
uX7fBE-0MUgfrqrwBZm_xNt-qB_nlEofxGWCf8IFVhdpRLXKwrBJ-w==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
credit-card.png
donate.wfp.org/assets/img/icons/ 		407 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/credit-card.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2a6ab45df9e4d7ba1661e98f9e57c9ae68ed0475f05f23117746c78d2e4fc43b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:39:14 GMT
server
Google Frontend
etag
W/"197-18ab1f53dd0"
content-type
image/png
x-cloud-trace-context
e99abbebf5bd9c0e76578f575668b934
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
407
modules.87c64ece4c32532efcb6.js
script.hotjar.com/ 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.87c64ece4c32532efcb6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2048364.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-3.ams54.r.cloudfront.net
Software
/
Resource Hash
535b2abfe5021a4ebd5577db4ff0bcc358dd30d4943df49d02a26feb8c1a4ea4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
180938
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56133
last-modified
Thu, 21 Sep 2023 13:36:45 GMT
etag
"df814a1255030223e6ab003f27b95f6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
mwIkNEODCcfEHQSHIXvoQZbbhLv5NFbx-phtStZtRkYWs_xvRUnciw==
xwk0klq7.json
l.getsitecontrol.com/ 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/xwk0klq7.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/xwk0klq7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
500cafb8e11eb67632e831133006d698657c39c57305c96bd364a313adb84263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:45 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
KV5YJ4AP8F316ZV7
x-amz-server-side-encryption
AES256
cdn-cachedat
09/21/2023 10:49:25
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
g+Vbkg8NHdT7NkaQSko+mpzyJdtgP+mHkFwfdK9ILOMHBSKLJ4ISHJcw++TCOX7iCey1ch7D0Ww=
last-modified
Thu, 21 Sep 2023 10:48:56 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"575ee7b158f51c42ff491c1fb494a0e6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
access-control-max-age
3000
cdn-requestid
578b143bb351e3118ad8ce749c59fc77
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame 5D23 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1831
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
j473-3vJpfxZfSiRDqc1aTvj-FOVutICT6S78-DC9rb-aVim5e0Fhg==
controller-6911f86fec01b61d77aef174880786ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 5D23 		573 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-6911f86fec01b61d77aef174880786ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
57cbe6b573d45adcf6ed7a6c9d5fe87651d4902f266cacaadad32552037eab89
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:04:49 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2886
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 20:06:46 GMT
server
Cloudfront
etag
W/"f25de5bf18bdc52a370fda9b0d5ee732"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
zLuHrT2gKLejjeqdtkhGzMuFHAGZiGYzahXQat3nvN3m5wWWHBM7rQ==
pay.js
pay.google.com/gp/p/js/ Frame F90F 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Q42VoAK0pKAeUCaqiOu8cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Q42VoAK0pKAeUCaqiOu8cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 23 Sep 2023 15:52:46 GMT
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame F90F 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1831
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
n7Xu6gvxPXdf4_p96DT9FbIMJLRbZSQks5s22mPu9IlLevI-Kkk6FA==
payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js
js.stripe.com/v3/fingerprinted/js/ Frame F90F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f05a075dfa9cee7ab76b28bf5ebb367646493c4c3712ad1fb6bff0378f49a573
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:45:13 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
473
x-cache
Hit from cloudfront
last-modified
Tue, 19 Sep 2023 17:14:23 GMT
server
Cloudfront
etag
W/"8f9acb52354218d5f45674debf56b2bd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
BRn7iKhjkTaVN7Ou1cM26ZpQgnvVvCMk2jlG72glPSYsliqz_d2Wxw==
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame 5C10 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1831
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
vzwX1MZMWBkRXLf4HUwwo7rPYcxCPqppv6xEn6DPuMwzbTEdKjC0cw==
payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js
js.stripe.com/v3/fingerprinted/js/ Frame 5C10 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:29:11 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1419
x-cache
Hit from cloudfront
last-modified
Tue, 19 Sep 2023 17:14:23 GMT
server
Cloudfront
etag
W/"330666bb238cf77ae96a867563ebc09a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
1NTrTJubnSlAZUSm5MaPBC9p-_7cA4o62SA_mjrN7RANmU_l23mxyg==
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame 509D 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1831
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
t59BbjKudUbFhj8Bc9FbEa5MM8zD7sNv3fOPotJID6g4cdmRKv8shw==
controller-6911f86fec01b61d77aef174880786ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 509D 		573 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-6911f86fec01b61d77aef174880786ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
57cbe6b573d45adcf6ed7a6c9d5fe87651d4902f266cacaadad32552037eab89
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:04:49 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2886
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 20:06:46 GMT
server
Cloudfront
etag
W/"f25de5bf18bdc52a370fda9b0d5ee732"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Mj3N0EcvD6Zfjob7SiiM9uic4BLBGoWgZ4Qt4lXIwglIvlKWT42-5w==
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame 9932 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1831
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
7Hp9OpWg7wrPjhxQn9MBOTcz8broKksSxoSFieMrAMJ0GJ1x48RL6A==
ui-shared-9dbddfcfc656c0282376647fda9915a7.js
js.stripe.com/v3/fingerprinted/js/ Frame 9932 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-9dbddfcfc656c0282376647fda9915a7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
314eccb31ae54c82d0124be09e911c6b15e744335c6a1dbd9474dec5fc570794
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 14:59:24 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3230
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:32 GMT
server
Cloudfront
etag
W/"bcc5411dbab11bd7e108924986fa9838"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ZqgZAo6huCu7EEzWd07eczPULmfkiTErjnlg7BGbsspXkwQS8uAg_w==
elements-inner-card-cdd742720b8be0f15f93969054c43ddd.js
js.stripe.com/v3/fingerprinted/js/ Frame 9932 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-cdd742720b8be0f15f93969054c43ddd.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
dd5e6ca8dd24585187320b0ebcb6291879e9a04831ffdabcf3e2a9e8113c96db
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:24:41 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1769
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:29 GMT
server
Cloudfront
etag
W/"93e76bde8326d768a44de6786a5a326e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
LlS81Krja00aU75jLXRt5L_LGxxV5hrOHjo5386zemOpBsibhpjd4Q==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 9932 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:48:50 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
236
x-cache
Hit from cloudfront
last-modified
Tue, 22 Aug 2023 19:34:18 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
lKeQvYiNlKhybD8WTSSRL30NprRqRgqyr92GhWPQrvBcccr0NhWTPQ==
elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css
js.stripe.com/v3/fingerprinted/css/ Frame 9932 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
53d6eb6e1878802f013e9ba10e391922ffd1debb6f528c3b65a9c6bd24aaac03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:15:58 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2225
x-cache
Hit from cloudfront
last-modified
Wed, 06 Sep 2023 16:08:05 GMT
server
Cloudfront
etag
W/"c70a6ce921e821338c031d05a48eb659"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
oZcZ3f_qbn3jGQ98aoi0vNilB81bFfLGDPA0PD66ae8HtM4jJ8O5mA==
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame 23E7 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1831
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
BFpJpWD67iz44beIN5HF38rHCAhHnmZOcNoSiSqt81to989Rb0WCBQ==
ui-shared-9dbddfcfc656c0282376647fda9915a7.js
js.stripe.com/v3/fingerprinted/js/ Frame 23E7 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-9dbddfcfc656c0282376647fda9915a7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
314eccb31ae54c82d0124be09e911c6b15e744335c6a1dbd9474dec5fc570794
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 14:59:24 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3230
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:32 GMT
server
Cloudfront
etag
W/"bcc5411dbab11bd7e108924986fa9838"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
OcXZueguTaDR6_Ww9tRyKu7SWvKHyWn4LdJSjPssaDbYB1-yNYIITQ==
elements-inner-card-cdd742720b8be0f15f93969054c43ddd.js
js.stripe.com/v3/fingerprinted/js/ Frame 23E7 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-cdd742720b8be0f15f93969054c43ddd.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
dd5e6ca8dd24585187320b0ebcb6291879e9a04831ffdabcf3e2a9e8113c96db
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:24:41 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1769
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:29 GMT
server
Cloudfront
etag
W/"93e76bde8326d768a44de6786a5a326e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
j7vg0UubVA-AweZ8Oi4ucfcGQjgdSmsnKOLDRg8H5-N0tuPR4ccBVg==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 23E7 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:48:50 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
236
x-cache
Hit from cloudfront
last-modified
Tue, 22 Aug 2023 19:34:18 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
y2tL864mepb21S-rADhLNTrYr3cdRWUN9mqsiIQgUZy7jzAgbRcnrg==
elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css
js.stripe.com/v3/fingerprinted/css/ Frame 23E7 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
53d6eb6e1878802f013e9ba10e391922ffd1debb6f528c3b65a9c6bd24aaac03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:15:58 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2225
x-cache
Hit from cloudfront
last-modified
Wed, 06 Sep 2023 16:08:05 GMT
server
Cloudfront
etag
W/"c70a6ce921e821338c031d05a48eb659"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
f4-3bLpDJNlMQMvlQgThRG4Uxs7ZXr9t5aNfKjB-fDc8mCQ-Eq6XoQ==
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame 70C4 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1831
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
51cW9NBwRFUrfH1A97ZNTcnfqiNlH96fX0yhCl2KdoQBxFt-GxGC1Q==
ui-shared-9dbddfcfc656c0282376647fda9915a7.js
js.stripe.com/v3/fingerprinted/js/ Frame 70C4 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-9dbddfcfc656c0282376647fda9915a7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
314eccb31ae54c82d0124be09e911c6b15e744335c6a1dbd9474dec5fc570794
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 14:59:24 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3230
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:32 GMT
server
Cloudfront
etag
W/"bcc5411dbab11bd7e108924986fa9838"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
W6_rCnv-rigix043kRvYJV2seQ55tcBuOFn5MMIV9EpnsfCxjeXNRw==
elements-inner-card-cdd742720b8be0f15f93969054c43ddd.js
js.stripe.com/v3/fingerprinted/js/ Frame 70C4 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-cdd742720b8be0f15f93969054c43ddd.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
dd5e6ca8dd24585187320b0ebcb6291879e9a04831ffdabcf3e2a9e8113c96db
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:24:41 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1769
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:29 GMT
server
Cloudfront
etag
W/"93e76bde8326d768a44de6786a5a326e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
w0SSnUJGkyuPMiBg_XVwj3fMOoOK_dkgmkXYdCkJt8pchfW7CIgsLQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 70C4 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:48:50 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
236
x-cache
Hit from cloudfront
last-modified
Tue, 22 Aug 2023 19:34:18 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
kKem5ar8x3WO207oqAcqZ_ntlzqWx4rJb1QbQXePvy9otTDgfYT2Tw==
elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css
js.stripe.com/v3/fingerprinted/css/ Frame 70C4 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
53d6eb6e1878802f013e9ba10e391922ffd1debb6f528c3b65a9c6bd24aaac03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:15:58 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2225
x-cache
Hit from cloudfront
last-modified
Wed, 06 Sep 2023 16:08:05 GMT
server
Cloudfront
etag
W/"c70a6ce921e821338c031d05a48eb659"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
aQY7vMvsxI67yrTzMjvsW0HugkKoThe2iT3qhXEHjYWVxqmH3mwhNA==
/
www.google.de/pagead/1p-conversion/481751819/ Frame C997
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
  • https://www.google.com/pagead/1p-conversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C5122...
  • https://www.google.de/pagead/1p-conversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C51224...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMWnpLqLwYEDFVLhmgodj7UBZA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D2577884222483%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45fe39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%25&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_u3NuovBgQMVBcO7CB1ikQci&is_vtc=1&ocp_id=zQkPZb7THIWG7_UP4qKekAI&cid=CAQSKQBpAlJW8aq8aOycVvVMutjzCP91t7ixeq0x0nwnOAcQk2C_5ZUaNjrA&random=1404994862&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 10390555.fls.doubleclick.net
URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CMWnpLqLwYEDFVLhmgodj7UBZA;src=10390555;type=rem0;cat=allp;ord=2577884222483;auiddc=1868754821.1695484364;gtm=45fe39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL?
Protocol
H3
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/481751819/?random=2080456396&cv=9&fst=1695484365471&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMWnpLqLwYEDFVLhmgodj7UBZA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D2577884222483%3Bauiddc%3D1868754821.1695484364%3Bgtm%3D45fe39k2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252FAR%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3287%2526utm_source%253Dfacebook%2526utm_medium%253Dcpm%2526utm_campaign%253D23852145504580086%2526utm_content%253D1%2526utm_ad%253D23859899314510086%2526utm_adset%253D23859898890210086%2526utm_cid%253D7014y000001RTPKAA4%2526fbclid%25&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_u3NuovBgQMVBcO7CB1ikQci&is_vtc=1&ocp_id=zQkPZb7THIWG7_UP4qKekAI&cid=CAQSKQBpAlJW8aq8aOycVvVMutjzCP91t7ixeq0x0nwnOAcQk2C_5ZUaNjrA&random=1404994862&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 89F9
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer=https%3A%2F%2Fadservice.google.com%2F&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b69a-7dc339c...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b6...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.1084116
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.1084116
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA2-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.1084116
content-length
447
x-amz-cf-id
l0KM6tJlxAfxLIk4kfGl-war2NojMh3IrGIoiXFa7xiowysJ082aPQ==
501709.gif
idsync.rlcdn.com/ Frame 89F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyNzM1NjYwNjM3OQ==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIHejr_RNM1ZAJm9eJtYZ8Q&google_cver=1
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer={encSite}&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b69a-7dc339c...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927356606379&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D775470fd-cecc-4bb8-b6...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.4074845
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.4074845
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA2-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.4074845
content-length
447
x-amz-cf-id
6tq-G2CNwiSPUyntpWM2orNRQZanIg0aBFMlYx4a_4VNsMLJfkQ3Pg==
bounce
ib.adnxs.com/ Frame 89F9
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5140084927356606379
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927356606379
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927356606379
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Server
185.89.211.12 , Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
an-x-request-uuid
2e2104a3-5a0b-41c8-a31a-9281554a5ad6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.134; 138.199.38.134; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
an-x-request-uuid
aacae1ca-abd1-4490-82ec-0f079ee16d31
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927356606379
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.134; 138.199.38.134; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 89F9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084927356606379&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927356606379&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927356606379&redir=
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
HTTP/1.1
Server
34.255.45.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-45-168.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-096fd6b03.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
LvZlEydxTRQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-080b06e04.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6MF9r17zSjE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927356606379&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pug
image2.pubmatic.com/AdServer/ Frame 89F9 		42 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5140084927356606379&r=
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Sep 2023 15:52:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame 89F9 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084927356606379&r=
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ps.eyeota.net/ Frame 89F9
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5140084927356606379&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5140084927356606379&bid=omt9pi0
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Sat, 23 Sep 2023 15:52:46 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5140084927356606379&bid=omt9pi0
Date
Sat, 23 Sep 2023 15:52:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame 89F9 		53 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084927356606379
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 23 Sep 2023 15:52:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 23 Sep 2023 15:52:46 GMT
/
bpi.rtactivate.com/tag/ Frame 89F9 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084927356606379
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.22.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-22-106.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 89F9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927356606379&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927356606379&forward=&C=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927356606379&forward=&C=1
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rgj1I1QTbzrCEfkbd1ZMdDgOAB9OIi%2FQNdX1Sj7zRI8VYrtsiebCxs9nRwxM8aT4oKPhbF9l0oALdtpyyraiHd8YJ244gny%2FZBdZs4%2BzbY9hEAHiD6mmXreWWXynBqz%2BQdO7cpcFSt3kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80b3f4ea09fe917a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wO7qllJiRCfnPUfv%2Bzi%2BdZIfPAqBkxzxy064pUtUdDQ04dX69L69ruWANT%2B4UFUls%2B8%2BmuZE90uoYS%2FhZ4vvvdrahhawLyv%2BDRI74tF4vO6%2BODb4jW6QypfdN6MTRdkh6V1oP6FAp7oog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=57&external_user_id=5140084927356606379&forward=&C=1
cache-control
no-cache
cf-ray
80b3f4e90881917a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
360947.gif
idsync.rlcdn.com/ Frame 89F9 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5140084927356606379
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 89F9 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084927356606379
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires
Sat, 23 Sep 2023 15:52:46 GMT
pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
sync
partners.tremorhub.com/ Frame 89F9 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5140084927356606379&r=A21rxKW5Je1E
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:333c:fbab:e531:2e93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 23 Sep 2023 15:52:46 GMT
server
nginx
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 89F9 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084927356606379
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.25.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-25-174.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 89F9 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084927356606379
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.62.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-62-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by
beacon-n002-dub-prod.krxd.net
date
Sat, 23 Sep 2023 15:52:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1695484366
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame 89F9 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084927356606379&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeKirqLwYEDFYTDmgodtycKhg;src=5499309;type=sitev00;cat=wfpor0;ord=1529841533682;auiddc=1868754821.1695484364;gtm=45He39k2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.19.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-19-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
p.rfihub.com/ Frame 89F9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZQ8JzgASgUvVrgA_
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZQ8JzgASgUvVrgA_&_test=ZQ8JzgASgUvVrgA_
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZQ8JzgASgUvVrgA_&_test=ZQ8JzgASgUvVrgA_
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
HTTP/1.1
Server
193.0.160.130 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 23 Sep 2023 15:52:46 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-eddf8230099-FRA
pragma
no-cache
date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695484366.450122,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZQ8JzgASgUvVrgA_&_test=ZQ8JzgASgUvVrgA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
runtime.913ffdb.js
s2.getsitecontrol.com/widgets/es6/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.getsitecontrol.com/widgets/es6/runtime.913ffdb.js
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/xwk0klq7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
5446fad7f9f36f6c65eec0a8b3baec1ffc55dafb94aa7ee316ab1afb19bc33e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
content-encoding
br
cdn-edgestorageid
755
x-amz-request-id
T2VDXETXDYJ4ZC1W
x-amz-server-side-encryption
AES256
cdn-cachedat
09/07/2023 12:50:25
cdn-pullzone
83560
cross-origin-resource-policy
cross-origin
x-amz-id-2
KSJj89WeE0ELPyeeONKcMoxVCF7bG655+n73cAuT6csMCaaBV3Mb9GDkAM7PTVw1p5Uzv8OeGzI=
last-modified
Thu, 07 Sep 2023 12:47:15 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3b7d2578a1e1d337732f2e445368ad4c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=22809600
cdn-requestid
b9ed2cf726c19199368470d68abf666f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.398&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aab7029b49eaa35a619533a2b197c5bb9983ef42ea65a998a9b61b167b5cd32b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-sxMlYS8DQ6qVnljJ2Qdl9GJ4t5OuMX9VQTQKNnSihfVR7Wjk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-sxMlYS8DQ6qVnljJ2Qdl9GJ4t5OuMX9VQTQKNnSihfVR7Wjk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
86248
x-cache
HIT, MISS
paypal-debug-id
f6262999397a1
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4777
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f6262999397a1-f62dee5e8d867f0e-01
x-timer
S1695484366.001869,VS0,VE19
etag
W/"366c-8Y0uSemL3gETIs9qfWFlg7H1Xkk"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
buttons
www.paypal.com/smart/ Frame D617 		394 KB
101 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.398&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f3406705dd00f&storageID=uid_11a8c1b610_mtu6nti6ndy&sessionID=uid_4d154020c6_mtu6nti6ndy&buttonSessionID=uid_3f61aba13a_mtu6nti6ndy&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8349895016dbbaf7a54ccb9c94743d72d45e3f59e8cc94d89fe7a7b3d9672b03
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:52:46 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"62713-smm85e83MXQTQXgUO+W4Ctd+es4"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f175292732f49
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f175292732f49-63c6f621c411df5a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f175292732f49-fdf715025d47ae6e-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
x-timer
S1695484366.057562,VS0,VE418
x-xss-protection
1; mode=block
paypal-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 5A26 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEB) /
Resource Hash
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
6f351d43d2f8e
dc
ccg11-origin-www-1.paypal.com
content-length
1210
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (frc/4CEB)
traceparent
00-00000000000000000006f351d43d2f8e-57db498aac5658a6-01
etag
W/"642c9aab-cc2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 23 Sep 2023 16:52:46 GMT
csp-report
q.stripe.com/ Frame 5D23 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366698494
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366698134
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5C10 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366701116
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366700741
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5C10 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366698393
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366698136
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5D23 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb5880ffd5fb15b0669aacc2f6b2b40e4671d39fa0328f498029aacf30569c1a

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:34 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Sep 2023 20:48:37 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
13
etag
"6a955f8970d56b697fb1312045250936"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
qN-cQJoKHvEhdCJSteRMSVhRsit9H_uIQa62ZW5V0JiWRUmz_QXWTw==
2048364
vc.hotjar.io/sessions/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2048364?s=0.25&r=0.20414891099677002
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.87c64ece4c32532efcb6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-16.zrh55.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
ekRYrvMJYvhH5W5H2C7V6Qz5Dje2KfMQV_JRCBkqW1Nxqs3djvPDag==
anchor
www.recaptcha.net/recaptcha/api2/ Frame 3C80 		52 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fdcceb8c35a19b34656f2181a1be43ee8635f87ed5e78d6765767a7fa7e763a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ooKA9iUgqVX3Gnfh2v7AUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ooKA9iUgqVX3Gnfh2v7AUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csp-report
q.stripe.com/ Frame 509D 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366698815
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366698487
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9932 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366699608
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366699320
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9932 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366698825
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366698510
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 509D 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb5880ffd5fb15b0669aacc2f6b2b40e4671d39fa0328f498029aacf30569c1a

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:34 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Sep 2023 20:48:37 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
13
etag
"6a955f8970d56b697fb1312045250936"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
LFT_BfKerGnfjhOWmKOxgGBiL8JPqRjp3I6bZ0f4X3D2Z-XcYF85qA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 9932 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb5880ffd5fb15b0669aacc2f6b2b40e4671d39fa0328f498029aacf30569c1a

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:34 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Sep 2023 20:48:37 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
13
etag
"6a955f8970d56b697fb1312045250936"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
InFlqJUWfETOzg36RTI7u0bhc_wIAg8JZL7DmdCMgvYN1KlGsRrAhQ==
csp-report
q.stripe.com/ Frame 23E7 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366700156
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366699725
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 23E7 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366700180
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366699760
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 23E7 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb5880ffd5fb15b0669aacc2f6b2b40e4671d39fa0328f498029aacf30569c1a

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:34 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Sep 2023 20:48:37 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
13
etag
"6a955f8970d56b697fb1312045250936"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
0ISj3c8oVwKfr424ukG8FMExYDwLbzJOo42zrLz5PSkS2kUBCRoLpA==
csp-report
q.stripe.com/ Frame 70C4 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366698826
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366698540
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 70C4 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366700043
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366699631
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 70C4 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb5880ffd5fb15b0669aacc2f6b2b40e4671d39fa0328f498029aacf30569c1a

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-c8839c7149dc8c999077f46486575853.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:34 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Sep 2023 20:48:37 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
13
etag
"6a955f8970d56b697fb1312045250936"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
KM9DmIB9N7GbnjTIJpJnyoViS2Z44HG7dR6HSiIcUrAHb1jsxq5xug==
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 5D23 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-131-124.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3b305c28a7820e51c72325c6badbc4ce6950612484eaf032076051bef7fc518
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
1701
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
expires
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 3C80 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 07:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Sep 2024 07:15:10 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 3C80 		456 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 18:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 18:15:30 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.398&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
dc21d9f04f5fc
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-0000000000000000000dc21d9f04f5fc-b94b7e36efc65f3e-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 23 Sep 2023 16:52:46 GMT
ts
t.paypal.com/ 		42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&fltp=analytics&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=UN%20World%20Food%20Programme&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1695484366418&g=-120&completeurl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&disableSetCookie=true
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
f911e5b5c14b9
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220082-FRA
pragma
no-cache
correlation-id
f911e5b5c14b9
traceparent
00-0000000000000000000f911e5b5c14b9-f89e801b2f5dd53d-01
x-timer
S1695484366.461785,VS0,VE164
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Sep 2023 15:52:46 GMT
events
events.getsitectrl.com/api/v1/ 		643 B
891 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events?query=campaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.913ffdb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.255.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-255-200.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
e4f30ab2b0681049d9fce996c700d0c87f2a8b14a8ad59775aa6dc46e5b8a1bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
643
csp-report
q.stripe.com/ Frame F90F 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366700977
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366700690
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame F90F 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484366701018
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484366700731
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701489
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366701132
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700741
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700408
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700902
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700309
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700978
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366700357
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700939
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366700389
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700337
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700107
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700680
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366700015
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701504
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366701178
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701491
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366701049
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701515
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366701272
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700534
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700210
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700802
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700159
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701320
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1695484366701073
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700647
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700322
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366868806
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366868086
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701526
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366701226
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701299
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700949
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366701498
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700970
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869079
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366868749
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869146
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366868606
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869169
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1695484366868499
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869023
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366868433
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366868894
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366868311
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366868514
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366868250
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869077
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366868265
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366868958
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366868098
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870955
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1695484366870307
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869976
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366869637
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869947
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366869573
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870189
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1695484366869481
access-control-allow-credentials
true
content-length
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 509D 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-131-124.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fb23d3f2491392ac6bbca3094cd05738a77e3982a9656279ce0c45255c19e1c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
1701
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
expires
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869227
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366868803
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870671
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1695484366869985
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870069
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366869790
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869399
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1695484366868861
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366869745
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366869361
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366700789
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366700488
access-control-allow-credentials
true
content-length
0
payframe
pay.google.com/gp/p/ui/ Frame 59CD 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c131cf2766ebad7b2013097bd4dcd8bb63e79a93da574250c02d5712dcf877e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WnnuiB2EMWciTtdN0PDujQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WnnuiB2EMWciTtdN0PDujQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Sat, 23 Sep 2023 15:52:46 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870751
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366870133
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870293
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366869914
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870217
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366869932
access-control-allow-credentials
true
content-length
0
index.html
www.paypalobjects.com/muse/analytics/ Frame 971C 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Sat, 23 Sep 2023 15:52:46 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Sat, 23 Sep 2023 16:52:46 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
733370d065e57
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000733370d065e57-3c2230dc187c9664-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870279
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366869964
access-control-allow-credentials
true
content-length
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3C80 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
35398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:02:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C80 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
46483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C80 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 05:51:22 GMT
x-content-type-options
nosniff
age
36084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 05:51:22 GMT
js
www.paypal.com/sdk/ Frame D617 		273 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.398&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f3406705dd00f&storageID=uid_11a8c1b610_mtu6nti6ndy&sessionID=uid_4d154020c6_mtu6nti6ndy&buttonSessionID=uid_3f61aba13a_mtu6nti6ndy&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfeb2e4213c8280f6a799efe607be5d41b6b91517b4a29696c9fa35c3a0f40a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.398&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f3406705dd00f&storageID=uid_11a8c1b610_mtu6nti6ndy&sessionID=uid_4d154020c6_mtu6nti6ndy&buttonSessionID=uid_3f61aba13a_mtu6nti6ndy&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MK857PrcVyKud9MusGSToKbdnm9axnWaPw6drNEcE0JUBmUT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sat, 23 Sep 2023 15:52:46 GMT
age
4537
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f662522417377
server-timing
"traceparent;desc="00-0000000000000000000f662522417377-f3e000cf0e95bcf5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
76494
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f662522417377-a46e718e3b163f37-01
x-timer
S1695484367.556103,VS0,VE8
etag
W/"12ace-DgrR442aIM0DtV/+lqjEsdaJQwI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
2, 0
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 3C80 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=z73d89umgvnw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 23 Sep 2023 15:52:46 GMT
truncated
/ Frame D617 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870622
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366870049
access-control-allow-credentials
true
content-length
0
noop.js
www.paypalobjects.com/muse/ Frame 971C 		18 B
211 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D8C) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
775ee15b09ef4
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7D8C)
traceparent
00-0000000000000000000775ee15b09ef4-63d3e1152fa3bb7b-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 23 Sep 2023 15:52:45 GMT
ts
t.paypal.com/ 		42 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&es=visitorInfoFlowStarted&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=UN%20World%20Food%20Programme&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1695484366704&g=-120&completeurl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&disableSetCookie=true
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 23 Sep 2023 15:52:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
1effab9a190e1
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220082-FRA
pragma
no-cache
correlation-id
1effab9a190e1
traceparent
00-00000000000000000001effab9a190e1-8d400632cf56a81f-01
x-timer
S1695484367.695092,VS0,VE159
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Sep 2023 15:52:46 GMT
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870342
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366870087
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870832
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1695484366870206
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870747
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1695484366870215
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366870584
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366870271
access-control-allow-credentials
true
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ Frame D617 		1018 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1ba6c18197a36083dca3fea73566a99382dc0972ece5ea22f52b5720e483931
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.398&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f3406705dd00f&storageID=uid_11a8c1b610_mtu6nti6ndy&sessionID=uid_4d154020c6_mtu6nti6ndy&buttonSessionID=uid_3f61aba13a_mtu6nti6ndy&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
content-type
application/json

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f299579d16f7a
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f299579d16f7a-a0a5f205dedbce99-01
x-timer
S1695484367.820858,VS0,VE193
etag
W/"3fa-iDvKNCPlw2D05tAoEU4FUKL1e00"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js
js.stripe.com/v3/fingerprinted/js/ 		129 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6eaf243e54b530454f1552f3c3b848d9093e559bf4d44869ac10c37bdb63b488
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 14:58:46 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3320
x-cache
Hit from cloudfront
last-modified
Thu, 17 Aug 2023 20:05:32 GMT
server
Cloudfront
etag
W/"77f70bac4642cea3e221082993faa983"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
8vV_EDHvlZ6STLijTYFfC5ftcxCgyXPx2G6o7_v7zHpSS_rcd8tEAA==
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366925225
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366924920
access-control-allow-credentials
true
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ Frame D617 		1016 B
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.398&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f3406705dd00f&storageID=uid_11a8c1b610_mtu6nti6ndy&sessionID=uid_4d154020c6_mtu6nti6ndy&buttonSessionID=uid_3f61aba13a_mtu6nti6ndy&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
261e9102c2dec76bb10061011925e48efc450d8858337b9cebd558421a7d4e75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.398&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f3406705dd00f&storageID=uid_11a8c1b610_mtu6nti6ndy&sessionID=uid_4d154020c6_mtu6nti6ndy&buttonSessionID=uid_3f61aba13a_mtu6nti6ndy&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f299579128ac5
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f299579128ac5-97ac8e714240a77b-01
x-timer
S1695484367.842969,VS0,VE188
etag
W/"3f8-TV9M2bXFzX6LNnRUHa1+2nVF+sE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366927499
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484366927222
access-control-allow-credentials
true
content-length
0
graphql
www.paypal.com/targeting/ Frame 971C 		435 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
762a4ee6acceae8f5fbcd0e88af914a9b845ebe3d26e2546cfe3fc8cce1b9abe
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-8pbcC8a6u6crVKNfKiPZ0MKiE4W8vDbj+/bnh1Bpi5WDE6EH' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-8pbcC8a6u6crVKNfKiPZ0MKiE4W8vDbj+/bnh1Bpi5WDE6EH' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f299579a35ffe
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f299579a35ffe-3b1cf60d5d651299-01
x-timer
S1695484367.036888,VS0,VE266
etag
W/"1b3-39HfE/80HA58qk8mvjLEGwyQrg4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sat, 23 Sep 2023 15:52:47 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f29957913d7fb
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f29957913d7fb-062ab2e37fdbc0d0-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-etou8220048-FRA, cache-fra-etou8220048-FRA
x-timer
S1695484367.861126,VS0,VE168
0
r.stripe.com/ Frame 509D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:46 GMT
x-stripe-server-envoy-start-time-us
1695484366932918
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484366932694
access-control-allow-credentials
true
content-length
0
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 59CD 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9dcfcb7c0d00fdf2f4e8f3d91c2b08ef5fe0607028fa0892da0b7ab16bf6982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56336
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 00:27:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 16:33:49 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 59CD 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame 59CD 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjHXPYcBlJO_s6nNLu7N13TX4bznw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
406c78eb32ad09d4cb63627419de5701cadc804ca716fcf1f39efeeef8d0ab87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26940
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:25:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 16:51:33 GMT
pay
pay.google.com/gp/p/ui/ Frame 59CD 		1 MB
369 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7253b975cd5b5e6ed2ba6587558caa66c0bb172e3cff836bb3a721045f33ce0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--Tq0jfLoUxlI26Jl47vZUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 15:52:46 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--Tq0jfLoUxlI26Jl47vZUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 23 Sep 2023 15:52:46 GMT
sparkcentral.1.25.7.css
cdn.sparkcentral.com/rtm/web/1.25.7/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.css
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c200:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 02:45:04 GMT
content-encoding
gzip
via
1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:30 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
50914
x-amz-server-side-encryption
AES256
etag
W/"4c74258ace5e1e172fe16e0f81170ea4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
x-amz-cf-id
k-Woar35vH5e_wOi3HlAYh36xCaxLxSDoCqyA-wfpcaPCDrAggxT4A==
frame.1.25.7.css
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame EDDC 		96 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c200:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 07:04:28 GMT
content-encoding
gzip
via
1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
31724
x-amz-server-side-encryption
AES256
etag
W/"79560a9f764fa94e6e9d749b61ac292a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
x-amz-cf-id
e6E6hNzX4OqGF-UiDzHQhfZA7v6uiJaahU15kj7muxi1bNzvKsB9KA==
frame.1.25.7.min.js
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame EDDC 		833 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c200:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 01:12:39 GMT
content-encoding
gzip
via
1.1 0c898d6f2a10977d2385a738646746ba.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
53340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
last-modified
Fri, 19 Feb 2021 16:46:30 GMT
server
AmazonS3
etag
W/"461058a8e768a1691575ed540ddecdab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
rDyfp8pdQF9_JPIIk5LswZQ7ie8T-MaLbAnh2xxFuR38JVaBxT39kQ==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame AAF4 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
594
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:42:53 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
VMnDafl7JvTidpBQPal2qro84Fty-fGJJtjG-FaRvszlZgY0p7g0eg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame 59CD 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjHXPYcBlJO_s6nNLu7N13TX4bznw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ff2585fa9125327837cd84436eb49cbd693c55b22e672f64a894cdcf843eda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3927
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:25:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 16:51:33 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame 59CD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjHXPYcBlJO_s6nNLu7N13TX4bznw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fc02713520a6911a50efbd221a3752177a80f62206fc681b4eaac0ec28bab75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13838
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:25:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 16:51:33 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Sat, 23 Sep 2023 15:52:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 59CD 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:47 GMT
log
play.google.com/ Frame 59CD 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:47 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Sat, 23 Sep 2023 15:52:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Sat, 23 Sep 2023 15:52:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 59CD 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:47 GMT
log
play.google.com/ Frame 59CD 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:47 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Sat, 23 Sep 2023 15:52:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 59CD 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:47 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Sat, 23 Sep 2023 15:52:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367035164
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367034335
access-control-allow-credentials
true
content-length
0
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame AAF4 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sat, 23 Sep 2023 15:07:53 GMT
x-content-type-options
nosniff
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2693
x-cache
Hit from cloudfront
content-length
631
last-modified
Wed, 13 Sep 2023 20:29:35 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RDqtDRI0ByWu91rGQZGiPATqYnEl9F86HuS15sVmSgiEsrOv6unkwA==
log
play.google.com/ Frame 59CD 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.mAcCA4GB-AI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrguQl8BM6LK173atVLYymBVycKPrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 15:52:47 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 23 Sep 2023 15:52:46 GMT
expires
Sat, 23 Sep 2023 15:52:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367053885
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367053618
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367053952
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367053684
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame AAF4 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367060420
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484367059818
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame AAF4 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367062821
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484367062553
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame DCBF 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
285
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:52:47 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
238
x-content-type-options
nosniff
x-request-id
a9a11043-f446-4cf9-a8bd-e7141a42f991
x-served-by
cache-fra-eddf8230034-FRA
x-timer
S1695484367.021077,VS0,VE0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367063706
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367063406
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367064630
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484367064417
access-control-allow-credentials
true
content-length
0
elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
js.stripe.com/v3/ Frame 435A 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2b4c375b07dd04e20819ea33543ffc87c6b551ac58e1c146dd0684ecd2aa78ea
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
254
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Sep 2023 15:48:33 GMT
etag
"d941fc8a641c9910c13047d0182f6c0a"
last-modified
Thu, 21 Sep 2023 22:20:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
mDojmksyaX6RKTHFw6fUhTdYKVrwRJXWeNl_0rp9XISEZS0iCbHCVw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367074948
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367074634
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367075289
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367075096
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367075726
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367075529
access-control-allow-credentials
true
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ 		1016 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1781b3bc503b7fecfe07dd79cd8f351993f33225ec4079f1fc63c3be5d40d69a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
content-type
application/json

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f299579f48058
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220048-FRA, cache-fra-etou8220048-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f299579f48058-dbbbcb3a597842ba-01
x-timer
S1695484367.166344,VS0,VE188
etag
W/"3f8-IBywyC1LSrG3nqfjmBa21/ffh8Y"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://donate.wfp.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://donate.wfp.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://donate.wfp.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sat, 23 Sep 2023 15:52:47 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f2995792ae567
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f2995792ae567-2341404c2fa2ccc1-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220048-FRA, cache-fra-etou8220048-FRA
x-timer
S1695484367.994588,VS0,VE165
config
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.64.154.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk
Access-Control-Request-Method
GET
Origin
https://donate.wfp.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE, OPTIONS
access-control-allow-origin
https://donate.wfp.org
access-control-max-age
2592000
cache-control
private, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80b3f4ee9968bbce-FRA
content-length
0
date
Sat, 23 Sep 2023 15:52:47 GMT
expires
-1
pragma
no-cache
server
cloudflare
vary
Origin
x-request-id
80b3f4ee9968bbce-FRA
x-zendesk-account-subdomain
-
x-zendesk-zorg
yes
config
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame EDDC 		1 KB
759 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.64.154.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dadac14c76c7f89adf7b5047a18e359ad1154ff6bf56de3f4922a2ddd401428c

Request headers

accept-language
de-DE,de;q=0.9
x-smooch-sdk
web/sparkcentral/1.25.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json
Accept
application/json
x-smooch-clientid
b2f7f7240adc4b49b90d299aaa5c4d88
Referer
https://donate.wfp.org/
x-smooch-appid
5f3157de284bd6000cc5b1eb

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-request-id
80b3f4eef9cdbbce-FRA
x-zendesk-account-subdomain
-
pragma
no-cache
server
cloudflare
etag
W/"411-mCuiqrdXlKiYk4s4Is7rGSbbdRI"
x-zendesk-zorg
yes
vary
Accept-Encoding,Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://donate.wfp.org
access-control-expose-headers
Retry-After
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80b3f4eef9cdbbce-FRA
expires
-1
shared-64ae3beea3113d48aa7486462fd2d12e.js
js.stripe.com/v3/fingerprinted/js/ Frame 435A 		494 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:22:38 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1833
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:31 GMT
server
Cloudfront
etag
W/"4ee047fd9c07072ad4206430e08adc9b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
IccnGXBrcRjRWwF4-JchOo6nIAAZwkYyoSxlbeGBY2ir5qKnvHMaww==
ui-shared-9dbddfcfc656c0282376647fda9915a7.js
js.stripe.com/v3/fingerprinted/js/ Frame 435A 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-9dbddfcfc656c0282376647fda9915a7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
314eccb31ae54c82d0124be09e911c6b15e744335c6a1dbd9474dec5fc570794
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 14:59:24 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3232
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 22:20:32 GMT
server
Cloudfront
etag
W/"bcc5411dbab11bd7e108924986fa9838"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
3X2O8b-36Dcc3M5Plx-cdIZCpN-go_EU92lIdnB5fHK2eUKGSQirtQ==
elements-inner-payment-request-b308a867855da1968e39e7b252f48f0e.js
js.stripe.com/v3/fingerprinted/js/ Frame 435A 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-b308a867855da1968e39e7b252f48f0e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b9e113e7de905a0206f457ce5e79357afae70eb33bd565acdb2820b4925a263e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:18:30 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2058
x-cache
Hit from cloudfront
last-modified
Tue, 19 Sep 2023 17:14:21 GMT
server
Cloudfront
etag
W/"68ff74f435fe3ef0b36fde52a36477d7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5T2LL97IVE6JwWdFZ-zVkJG0xiBmb5z2hfQ2xNyvwG30Qe1w-8NrrQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 435A 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:48:50 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
238
x-cache
Hit from cloudfront
last-modified
Tue, 22 Aug 2023 19:34:18 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
R0hOKQ6VVXJ-0IAzHETaUuHWqLkinJg9fp7N7cmhkMdz1f20iZ15qA==
elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 435A 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 15:50:57 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
111
x-cache
Hit from cloudfront
last-modified
Fri, 08 Sep 2023 21:23:36 GMT
server
Cloudfront
etag
W/"828ee6578d45b518446bf74a1cc39038"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
XF2_wZZRBHaVRwbG589KmA6u5SWPlxmEYz9bpKYcNP6ecDzXuGAsaQ==
csp-report
q.stripe.com/ Frame DCBF 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367139488
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1695484367139203
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame DCBF 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sat, 23 Sep 2023 15:52:47 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
227
x-cache
HIT
content-length
15509
x-request-id
021d395f-e94e-4230-9f7b-106dc1c53fdf
x-served-by
cache-fra-eddf8230034-FRA
server
Fastly
x-timer
S1695484367.056644,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
197
csp-report
q.stripe.com/ Frame 435A 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367151896
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484367151650
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 435A 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367151969
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695484367151705
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 435A 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb5880ffd5fb15b0669aacc2f6b2b40e4671d39fa0328f498029aacf30569c1a

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-request-d941fc8a641c9910c13047d0182f6c0a.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Sep 2023 15:52:34 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Sep 2023 20:48:37 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
14
etag
"6a955f8970d56b697fb1312045250936"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
1cVSEzZ0sNgHxzqYwpQoJ7W2YvtesdgslpqXEezWL9GQijdwUY79tw==
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367196329
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1695484367195964
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367198492
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367198152
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame DCBF 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.135.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-135-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fa9d61a48ccf7ae3e69daa1052740cdf9aa58fbe4f2855681308442ef2d3982a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367582445
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1695484367581944
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367214511
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367214333
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 5D23 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
x-stripe-server-envoy-start-time-us
1695484367214683
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1695484367214509
access-control-allow-credentials
true
content-length
0
495cbf48a0b5e9bd3b3efd74d07d1e62.png
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame EDDC 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/495cbf48a0b5e9bd3b3efd74d07d1e62.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c200:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d283151277ce9a966db5e94713b12b55345bacc16d09ed871d3ac7fd619251f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 18:25:43 GMT
via
1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
77607
x-amz-server-side-encryption
AES256
etag
"495cbf48a0b5e9bd3b3efd74d07d1e62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-lastmodified
2020-03-16 15:17:32 +0000 UTC
accept-ranges
bytes
content-length
3296
x-amz-cf-id
alfzitblOFcO-FlbDdnSO4-pXnfc67cGznN4usc-El19lrtjP-_ymQ==
2fb46965575c0c497c81e110c437f0ce.jpg
media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/ Frame EDDC 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/2fb46965575c0c497c81e110c437f0ce.jpg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-32.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:52:41 GMT
x-amz-version-id
jXX0xo4WZeYgkmw3zDgFQK5_DSvCWDa3
via
1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2739607
x-amz-cf-pop
AMS58-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
13712
last-modified
Mon, 24 Aug 2020 07:47:47 GMT
server
AmazonS3
etag
"d672f813fc7205fef9cfbd559be83e62"
content-type
image/png
cache-control
max-age=315532800
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
WqZ-n_jkfc3NymXv246klZKj1vdyrOvw4j86AHsFWJVQKktn_3wayg==
7f0078e82d2e653bfab143e8181cdd9e.png
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame EDDC 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/7f0078e82d2e653bfab143e8181cdd9e.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/AR/1244/donation/single/?campaign=3287&utm_source=facebook&utm_medium=cpm&utm_campaign=23852145504580086&utm_content=1&utm_ad=23859899314510086&utm_adset=23859898890210086&utm_cid=7014y000001RTPKAA4&fbclid=IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c200:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44c48de85c6def81ed02239d6b54ec624c9d7f91aa11cd3b27766eeb985dfb48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 03:05:39 GMT
via
1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
46413
x-amz-server-side-encryption
AES256
etag
"7f0078e82d2e653bfab143e8181cdd9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-lastmodified
2020-03-16 15:17:34 +0000 UTC
accept-ranges
bytes
content-length
1203
x-amz-cf-id
G2UPOvsM1WZ7ubZIPJ-V0iAQHE45AxzjDDFFIPW0b4e811PlsCqTZw==
6
m.stripe.com/ Frame DCBF 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.135.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-135-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fa9d61a48ccf7ae3e69daa1052740cdf9aa58fbe4f2855681308442ef2d3982a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367765188
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1695484367764885
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame DCBF 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.135.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-135-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fa9d61a48ccf7ae3e69daa1052740cdf9aa58fbe4f2855681308442ef2d3982a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 23 Sep 2023 15:52:47 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695484367815125
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1695484367814810
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je39k2&_p=1082732900&cid=1932176568.1695484364&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1695484364&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2FAR%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL&dt=UN%20World%20Food%20Programme&en=scroll&epn.percent_scrolled=90&_et=14
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 15:52:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| dataLayer object| google_tag_manager object| google_tag_data object| google_optimize string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| GlobalAdalyserNamespace function| adalyserTracker object| gaplugins object| gaGlobal object| gaData function| gtag object| GooglebQhCsO function| onYouTubeIframeAPIReady object| __WFP__ function| adalyserModules function| trackerCore function| rng object| _rnds8 undefined| _rnds function| parse function| unparse function| v1 function| v4 object| _byteToHex object| _hexToByte object| _seedBytes object| _nodeId number| _clockseq number| _lastMSecs number| _lastNSecs function| uuid string| queueName function| queue object| mutState object| AdalyserTracker object| outQueueManager object| commonContexts function| UET function| UET_init function| UET_push object| ueto_b52d77abec object| uetq object| webpackJsonp function| installComponents function| setImmediate function| clearImmediate function| _ object| onWfpReadyCbs function| onWfpReady object| $nuxt object| $wfp function| recaptchaSuccessCallback function| recaptchaExpiredCallback function| recaptchaErrorCallback function| _log function| replacer function| getCookie undefined| iframe undefined| isOrganic string| referrerHostName object| review string| cookieName object| domains object| referred object| social number| maxTrackedItems object| cookie string| cookieDomain undefined| decoded object| tracking string| url object| regex object| params object| match object| item string| cookieValue number| expirationTime string| date number| dateTimeNow string| referrer string| campaign string| medium string| cid undefined| ecid string| ad string| adset object| stashFieldValue string| fieldValue string| fieldCookie object| bodyElement function| hj object| _hjSettings function| gsc string| loaderUrl object| Sparkcentral object| clear function| clearChat string| appId function| initialiseSparkcentral object| webpackChunkStripeJSouter function| noop function| Stripe object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| __onWebMessengerFrameReady__ object| GoCardlessDropin object| __post_robot_11_0_0___uid_lqkxtqkaifrjfgwisaugebjuiombjk object| paypal object| __zoid_10_3_1___uid_lqkxtqkaifrjfgwisaugebjuiombjk object| recaptcha object| closure_lm_779805 object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

52 Cookies

Domain/Path Name / Value
.wfp.org/ Name: _gcl_au
Value: 1.1.1868754821.1695484364
.wfp.org/ Name: _gid
Value: GA1.2.25339099.1695484364
.wfp.org/ Name: _gat_UA-127155074-1
Value: 1
.wfp.org/ Name: _dc_gtm_UA-2556524-1
Value: 1
.wfp.org/ Name: _gat_UA-2556524-57
Value: 1
.wfp.org/ Name: _ga_TL7TXTVCYL
Value: GS1.1.1695484364.1.0.1695484364.60.0.0
.wfp.org/ Name: _ga_7B8MHJ3Q6W
Value: GS1.2.1695484364.1.0.1695484364.0.0.0
.wfp.org/ Name: _ga_C9S5DE8LYK
Value: GS1.2.1695484364.1.0.1695484364.0.0.0
.wfp.org/ Name: __adal_ses
Value: *
.wfp.org/ Name: __adal_lp
Value: https%3A//donate.wfp.org/AR/1244/donation/single/%3Fcampaign%3D3287%26utm_source%3Dfacebook%26utm_medium%3Dcpm%26utm_campaign%3D23852145504580086%26utm_content%3D1%26utm_ad%3D23859899314510086%26utm_adset%3D23859898890210086%26utm_cid%3D7014y000001RTPKAA4%26fbclid%3DIwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
.wfp.org/ Name: __adal_ca
Value: so%3Dfacebook%26me%3Dcpm%26ca%3D23852145504580086%26co%3D1%26ke%3D%28not%2520set%29%26cg%3DDisplay
.wfp.org/ Name: __adal_id
Value: 443b2b04-ce84-497d-892b-41975edcf015.1695484365.2.1695484365.1695484365.48b640f9-f7df-4ef3-aa47-4b19a2d945f0
.wfp.org/ Name: __adal_cw
Value: 1695484364676
.wfp.org/ Name: _uetsid
Value: 3c507e405a2911eeb8a137ab8e1629f8
.wfp.org/ Name: _uetvid
Value: 3c50c0205a2911eebd04c5fe42ab5563
.bing.com/ Name: MUID
Value: 130A69E54B336FED231A7A704A9F6E36
.wfp.org/ Name: _fbc
Value: fb.1.1695484364812.IwAR0UXof7YiXgZdVkevOzfmKILY9nid7lBdkANvzYbr6XMEjpeUaJbQper7k_aem_AWDMYue_8AkLDx_3O9Om3Mt9yTOzwXXbrYCJWMRqHBMwUcnfFlzfPAMSb5YEE5m-dyjIKzpZpS5_oLusCLUoTXTL
.wfp.org/ Name: _fbp
Value: fb.1.1695484364812.462835640
.doubleclick.net/ Name: IDE
Value: AHWqTUmFBQmGpPh7dqXW6POMh1ZD1ynrt2Qr0OEPfvoUZc9mXvjUcqsqmr8XBLJHpDM
.wfp.org/ Name: SourceTracking
Value: W3sicmVmZXJyZXIiOiJmYWNlYm9vayIsImNhbXBhaWduIjoiMjM4NTIxNDU1MDQ1ODAwODYiLCJtZWRpdW0iOiJjcG0iLCJjaWQiOiI3MDE0eTAwMDAwMVJUUEtBQTQiLCJlY2lkIjpudWxsLCJhZHNldCI6IjIzODU5ODk4ODkwMjEwMDg2IiwiYWQiOiIyMzg1OTg5OTMxNDUxMDA4NiIsInRpbWVzdGFtcCI6MTY5NTQ4NDM2NTA4M31d
.wfp.org/ Name: GDFieldVal
Value: eyJyZXNlcnZlZF9jYW1wYWlnbl9zb3VyY2VfZmlyc3QiOiJmYWNlYm9vayIsInJlc2VydmVkX2NhbXBhaWduX2lkX2ZpcnN0IjoiMjM4NTIxNDU1MDQ1ODAwODYiLCJyZXNlcnZlZF9jYW1wYWlnbl9tZWRpdW1fZmlyc3QiOiJjcG0iLCJyZXNlcnZlZF9jYW1wYWlnbl9jaWRfZmlyc3QiOiI3MDE0eTAwMDAwMVJUUEtBQTQiLCJyZXNlcnZlZF9jYW1wYWlnbl9lY2lkX2ZpcnN0IjpudWxsLCJyZXNlcnZlZF9hZF9maXJzdCI6IjIzODU5ODk5MzE0NTEwMDg2IiwicmVzZXJ2ZWRfYWRzZXRfZmlyc3QiOiIyMzg1OTg5ODg5MDIxMDA4NiIsInJlc2VydmVkX2NhbXBhaWduX3NvdXJjZV9sYXN0IjoiZmFjZWJvb2siLCJyZXNlcnZlZF9jYW1wYWlnbl9pZF9sYXN0IjoiMjM4NTIxNDU1MDQ1ODAwODYiLCJyZXNlcnZlZF9jYW1wYWlnbl9jaWRfbGFzdCI6IjcwMTR5MDAwMDAxUlRQS0FBNCIsInJlc2VydmVkX2NhbXBhaWduX2VjaWRfbGFzdCI6bnVsbCwicmVzZXJ2ZWRfY2FtcGFpZ25fbWVkaXVtX2xhc3QiOiJjcG0iLCJyZXNlcnZlZF9hZF9sYXN0IjoiMjM4NTk4OTkzMTQ1MTAwODYiLCJyZXNlcnZlZF9hZHNldF9sYXN0IjoiMjM4NTk4OTg4OTAyMTAwODYiLCJyZXNlcnZlZF9jYW1wYWlnbl9zb3VyY2VfY2FsY3VsYXRlZCI6ImZhY2Vib29rIiwicmVzZXJ2ZWRfY2FtcGFpZ25faWRfY2FsY3VsYXRlZCI6IjIzODUyMTQ1NTA0NTgwMDg2IiwicmVzZXJ2ZWRfY2FtcGFpZ25fbWVkaXVtX2NhbGN1bGF0ZWQiOiJjcG0iLCJyZXNlcnZlZF9jYW1wYWlnbl9jaWRfY2FsY3VsYXRlZCI6IjcwMTR5MDAwMDAxUlRQS0FBNCIsInJlc2VydmVkX2NhbXBhaWduX2VjaWRfY2FsY3VsYXRlZCI6bnVsbCwicmVzZXJ2ZWRfYWRfY2FsY3VsYXRlZCI6IjIzODU5ODk5MzE0NTEwMDg2IiwicmVzZXJ2ZWRfYWRzZXRfY2FsY3VsYXRlZCI6IjIzODU5ODk4ODkwMjEwMDg2In0=
.wfp.org/ Name: _ga
Value: GA1.2.1932176568.1695484364
.wfp.org/ Name: _gat_UA-2556524-1
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mjc2NTMzMDM2txTiM9R1N6i0zMv19XTUzcsEAEDrWdslAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mjc2NTMzMDM2txTiM9R1N6i0zMv19XTUzcsEAEDrWdslAAAA
.adnxs.com/ Name: uuid2
Value: 7036714368695738733
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084927356606379
.pubmatic.com/ Name: PugT
Value: 1695484364
.media.net/ Name: visitor-id
Value: 3384859660733480000V10
.media.net/ Name: data-rk
Value: 5140084927356606379~~3
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2C$Mv5^sK!]tbPl1MNu::wpAk`W=icvim-ieG7wjFL1Tgm4bOn<!FZ2*h-f!_6-zQEVk`!)/69_nG*.
.wfp.org/ Name: _hjSessionUser_2048364
Value: eyJpZCI6ImQ5NjJlMGY3LWFkNjEtNWJhMy1iNzNmLWNjNmZkYjg2N2YxZSIsImNyZWF0ZWQiOjE2OTU0ODQzNjYxNTAsImV4aXN0aW5nIjpmYWxzZX0=
.wfp.org/ Name: _hjFirstSeen
Value: 1
.wfp.org/ Name: _hjIncludedInSessionSample_2048364
Value: 0
.wfp.org/ Name: _hjSession_2048364
Value: eyJpZCI6ImI1MmM3ZGNlLTM3MzEtNGEwMC1hODIzLTljNmRmMjEyODM1ZiIsImNyZWF0ZWQiOjE2OTU0ODQzNjYxNTEsImluU2FtcGxlIjpmYWxzZX0=
.wfp.org/ Name: _hjAbsoluteSessionInProgress
Value: 1
.google.com/ Name: NID
Value: 511=F5rdVE8clVNG4UJq7RvwA2fap7ZQaqgQT0ziVHUfJdootTOAtZZ-t1BikJZhGVm2zZJsAvYvu-S0xDLYSGde-wlNUt5-SC-AtEtiF8fzBf0uLqmA79FXousxuTSKjECgsDa_heXgSfD-X8jx3h4CYw7fxbN4NvMOzevxf1sJyHs
.demdex.net/ Name: demdex
Value: 11394215870774166342025589470876293118
.rezync.com/ Name: zync-uuid
Value: 775470fd-cecc-4bb8-b69a-7dc339c3bb36:1695484366.1072783
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsWsKUFLmMEuoRsukX0Z8a7z8-XvBOmr27LvOq6Q9q3Qwco73arQzqht9-iL0jgHVkbKI6CntkySoRrgK69t886tXofEU9in9UULcVQzsFkjrORWhBjwZyRk-PoKRAyP5yVUQLC9QfJdyZA.ZQ8Jzg.THOpxgYCTq1njNXoDgSU-3Hr3NQ
.eyeota.net/ Name: SERVERID
Value: 22649~DM
.casalemedia.com/ Name: CMID
Value: ZQ8JzhfjlfAPNB73HTiqfgAA
.casalemedia.com/ Name: CMPS
Value: 5145
.casalemedia.com/ Name: CMPRO
Value: 5145
.dpm.demdex.net/ Name: dpm
Value: 11394215870774166342025589470876293118
.krxd.net/ Name: _kuid_
Value: P0EB3EjC
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQ8JzgASgUvVrgA_
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129fRIzSqKD_LzNYxy9Mq1TPUqiYyyCFzFKBAVaOFVle4YnB5aFlaU7hjfxGJubm5qYm6QlqKbnJqcrGuSlGShm2RmmahrnpJsbGyZbJyUZGxmZWhmaWpiYWJsZqZnaGBuZG5hDACNnXiCawAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129fRIzSqKD_LzNYxy9Mq1TPUqiYyyCAziNTSzNDWxMDE2MzM0M5jFiOCbmpmYbkLj70Ljn0Ljv0Lj_0LjT2JC5S9C469C429C4-9CV8-Cyr-FxDczMDNbxCoQFWjhVZXuGJweWhZWlO4Yv4oVSYmJpcEmVjQruNGcLGxubm5qYm6QlqKbnJqcrGuSlGShm2RmmahrnpJsbGyZbJyUZGxmhTBUz9DA3MjcwniWMJJNpiaWi1D4pgaPhFFtAgD49rhGqgEAAA
m.stripe.com/ Name: m
Value: dd79a13a-75cc-47d3-bbac-88b424bff24a9b47e3
.donate.wfp.org/ Name: __stripe_mid
Value: 4132e389-1016-4879-94f2-9510eb89df411d6f2e
.donate.wfp.org/ Name: __stripe_sid
Value: 9b42c1e3-436d-461c-bcba-dcefe05405d1d22bde

12 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084927356606379
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.1084116
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=775470fd-cecc-4bb8-b69a-7dc339c3bb36%3A1695484366.1072783&_=1695484366.4074845
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10390555.fls.doubleclick.net
20777079p.rfihub.com
5499309.fls.doubleclick.net
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
c5.adalyser.com
cdn.sparkcentral.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
donate.wfp.org
dpm.demdex.net
dsum-sec.casalemedia.com
events.getsitectrl.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.stripe.com
l.getsitecontrol.com
live.rezync.com
m.stripe.com
m.stripe.network
media.eu-1.smooch.io
merchant-ui-api.stripe.com
p.rfihub.com
partners.tremorhub.com
pay.gocardless.com
pay.google.com
play.google.com
ps.eyeota.net
q.stripe.com
r.stripe.com
region1.analytics.google.com
region1.google-analytics.com
s2.getsitecontrol.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
t.paypal.com
us-u.openx.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
x.bidswitch.net
x.dlx.addthis.com
104.18.26.193
104.76.200.221
108.129.25.174
13.225.78.123
13.227.219.3
142.250.186.130
151.101.1.21
151.101.1.35
151.101.128.176
151.101.130.49
172.217.16.194
172.64.154.227
18.165.183.16
18.198.19.227
18.202.131.124
18.238.243.32
18.239.36.47
185.64.191.210
185.89.211.12
192.229.221.25
193.0.160.130
2001:4860:4802:32::36
2001:4860:4802:34::36
216.58.206.38
2400:52e0:1e00::1075:1
2400:52e0:1e00::1080:1
2600:1f18:612b:4232:333c:fbab:e531:2e93
2600:9000:20a0:c200:14:56a0:4680:93a1
2600:9000:214f:de00:1:76cf:fe80:93a1
2606:4700:10::6814:8b22
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9d
2a00:1450:400c:c0c::5c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.127.178.105
34.117.85.67
34.208.135.88
34.235.255.200
34.238.22.106
34.250.62.135
34.255.45.168
35.244.159.8
35.244.174.68
54.186.23.98
54.77.117.191
95.101.148.20
99.86.4.9
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0b6aa53df4c59ecbf06a3e0b06ed0de9e4a109e78dca52454d550a80d4892373
0c3674d38bb723fb10ef29459ba1e8e870fcfdcb5c198adf9b38e650d8be2b7e
0cd32b897f2e019ff24b16e2447472ba490b053e9683a136af5cbfc6b418d47c
0eaf9e043fd46f73db527b8babaae23d889ddcdb78430b7008eef5991ecec768
0f9aa279fa08f83278e9ae8de1c27ba480c6cb8a6c41e017b7b71e86305f13fc
100082a5a528e4e7117b02aa04631420999caaa3823cad14addb139ba07622bf
15b258f07d479ecdaed50ab7f2b75cba803bed7c79e7efe60e370fab305a5077
15c5c05e1c7787a5caacde914ea0316bfaa79d8e0d027d4e1f555252b4658654
160813bf6eb107262188b2c5ac1f895a98935fa21dc1995e5403d4afb4f890d5
160d44a74ceb1a0ed47d2f37fddcdae59b6dfc4c27a9b2a5fdf90bdea8477aca
1781b3bc503b7fecfe07dd79cd8f351993f33225ec4079f1fc63c3be5d40d69a
17a38e8efb248441ec95b0e1266d94c8bb9f1e275d68d36e8dc29d0c11ab1d2e
1a0477237aa35f2866b9da85a454cbfe81fa0140b9e303368c822723c963ce2e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
2061e7d9fa8015cf272769598761fbdbf20e5fcd0a322b5c9430145247e023d8
2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962
25d5acbd565a779e657c50e2f5a1e8e3ef50725b90f23348b51ab2882bae385d
261e9102c2dec76bb10061011925e48efc450d8858337b9cebd558421a7d4e75
2a6ab45df9e4d7ba1661e98f9e57c9ae68ed0475f05f23117746c78d2e4fc43b
2b4c375b07dd04e20819ea33543ffc87c6b551ac58e1c146dd0684ecd2aa78ea
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da
2ff2585fa9125327837cd84436eb49cbd693c55b22e672f64a894cdcf843eda8
314eccb31ae54c82d0124be09e911c6b15e744335c6a1dbd9474dec5fc570794
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
394067024ff2b1dd2f08d513866d56ef03fc67b8f735c7570edca5262fa11fa6
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a726662d35cda6fc724a47636793e28aeca63ad7fd7586edd53db4815def981
3c131cf2766ebad7b2013097bd4dcd8bb63e79a93da574250c02d5712dcf877e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f39956e5e5efe0dc248d9574a7a7071f5ac512ae3d553d3f949653cb8147962
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9
406c78eb32ad09d4cb63627419de5701cadc804ca716fcf1f39efeeef8d0ab87
41d1b8f8141f92ca18368fff1a1caf9f18ea12dcb8c527e738f6199017f67914
44c48de85c6def81ed02239d6b54ec624c9d7f91aa11cd3b27766eeb985dfb48
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fdcceb8c35a19b34656f2181a1be43ee8635f87ed5e78d6765767a7fa7e763a
500cafb8e11eb67632e831133006d698657c39c57305c96bd364a313adb84263
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
523ccc05bf563e4086b1e1ffbf44fa63b0777f85d40b0119e8739a3aaeec900b
535b2abfe5021a4ebd5577db4ff0bcc358dd30d4943df49d02a26feb8c1a4ea4
53d6eb6e1878802f013e9ba10e391922ffd1debb6f528c3b65a9c6bd24aaac03
5446fad7f9f36f6c65eec0a8b3baec1ffc55dafb94aa7ee316ab1afb19bc33e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54907da2e52379025c2f40b252a1954bcae7e19c5f871e3977652e4da48f621d
57cbe6b573d45adcf6ed7a6c9d5fe87651d4902f266cacaadad32552037eab89
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c6d244d5e0bf7f0f94b501174e30fe722e60c9ccae3168c5f82ae33c7050896
607f124f180d0722361dbf030fb56190ab6bc2a8695661eb101a0fee1efa55c6
660e751f152236164b7dc3845c30f8b8655908df8a59b00e044bc77ac8c09a61
67f50ff2f46e963aacba52c8bc30747f0bcf87d221f8074d9249bd1b036d86f1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d00c37d8b1612f42089455b3ec6badc684d460347dc041d0473a468e5292048
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6eaf243e54b530454f1552f3c3b848d9093e559bf4d44869ac10c37bdb63b488
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
7253b975cd5b5e6ed2ba6587558caa66c0bb172e3cff836bb3a721045f33ce0d
73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038
749d75df48e32d27f7639ed0e7c086480821ce44aeb2e81976318fdaf52b1b23
75414204a991a43e8f9b4744593e48f6b7f34037f545066de591f3a3f4fe74fd
7548c3055914d349aaa855ee361c41615fa20296859a58eb6e4325a70c78d361
762a4ee6acceae8f5fbcd0e88af914a9b845ebe3d26e2546cfe3fc8cce1b9abe
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d283151277ce9a966db5e94713b12b55345bacc16d09ed871d3ac7fd619251f
7dd394c401138f8120a30565d9b89bc3c87d104dc3a7b87bdc87472675356aa5
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8349895016dbbaf7a54ccb9c94743d72d45e3f59e8cc94d89fe7a7b3d9672b03
84bce8bf76a804edc832ab0e6e9c3f378df3318a80fda3bcdd9801ec2d312f1d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e0445d24cfa83afcc9f008f279842a3f908626f8526de2dfff8830a82d7968
88395a7f3d862d090aa5c8f430c832d565cde33801234dff0317828ffec7c56f
899647c02bcb30ef459018cf80669be142adf7dd5d5b8a5e8d037518b42cb108
8dc5232f0ce9d4a84d95b6d83cf77c20b788accdaee706e57c5030a36faa19e8
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
93b51d67b4da221405622961990c92328b9bd2790278bad7db3fc8c175bd6c98
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9812cb6d54877fc4bf9e7129b85d16475af9b00b367ad8e812a7365c48867a8f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e50a0993ae124034102ab9516b7d3a257c80141a8caf1e769405a22d4591fe6
9ee1bc4923dc7344b0c712352a782fcadcd1bbeda8b3a7059f60944a7e1305b0
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
9fc02713520a6911a50efbd221a3752177a80f62206fc681b4eaac0ec28bab75
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1163fa73ca9232b9a326dc255008508af1f726b660ec278f1ecc1d5d3e77cc3
a1ba6c18197a36083dca3fea73566a99382dc0972ece5ea22f52b5720e483931
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a3b305c28a7820e51c72325c6badbc4ce6950612484eaf032076051bef7fc518
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aab7029b49eaa35a619533a2b197c5bb9983ef42ea65a998a9b61b167b5cd32b
ac8aa96e1da838f3af3d354dce527e833927ec4f40dfaed294b22b72eb41821b
b007046f1e8a934f4b00171ca7a31656d2de596051a9367a4292aec5b2bae7f3
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d2af8e39b42b966c0fd856ea0cf0d90d1f9f10a38e2898664f17ea97468c82
b9dcfcb7c0d00fdf2f4e8f3d91c2b08ef5fe0607028fa0892da0b7ab16bf6982
b9e113e7de905a0206f457ce5e79357afae70eb33bd565acdb2820b4925a263e
bb5880ffd5fb15b0669aacc2f6b2b40e4671d39fa0328f498029aacf30569c1a
be1bbb35796298923c583d5442a6edbc54bc6c2ff1691d88be7a1e441fe354a6
bf190f53b34ca5a0445da2fbd9ff9a7155487c067c907fa7540d855e603fb807
bfeb2e4213c8280f6a799efe607be5d41b6b91517b4a29696c9fa35c3a0f40a4
c0c1c13bd546f6a934f9b4fbd5e9100064b82ad2bfb3bc46e00208a0480fbfb1
c6034e158d46463cf39b67667d1f14fc3767042d02244d98335189291184e3a6
c68a253fb9996b8078a00077252c219d71e8b5aaad7339b97e2c479c7518b48a
cd499789aa0cc8dfa10bfe9e511cc447cc27f58dcf554793d8103f8e4e318a61
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dadac14c76c7f89adf7b5047a18e359ad1154ff6bf56de3f4922a2ddd401428c
dd5e6ca8dd24585187320b0ebcb6291879e9a04831ffdabcf3e2a9e8113c96db
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e293d48b94cc26fee1a0bc128087c5e551acf01100e199595b14824263ab1041
e2d04b0f18b975cd661a68d36e4552aa8aabc62f5a1c198e959ddc4796412f25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f30ab2b0681049d9fce996c700d0c87f2a8b14a8ad59775aa6dc46e5b8a1bf
e51fc1d194ae40ce2db4ba6abce427ad95cc98d505a4e7346c0c6f6eae33b1c9
e674d27949af42b9cb83b2914b36b3f910dbeeddd2167ffefb047d23484d76be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f05a075dfa9cee7ab76b28bf5ebb367646493c4c3712ad1fb6bff0378f49a573
f3cb3c087377fcd1ff6696de65730b49d301d4f18c962818b4e353f4f304295b
f99e3ac5aa5269b1ab7f6d3ca7ff5c9524d2d6620df5d0599db234d48de30201
fa9d61a48ccf7ae3e69daa1052740cdf9aa58fbe4f2855681308442ef2d3982a
faa479f6ab9e6ce381d4dc92196b147f88b5247182d37ea4764182d0ca37f7f9
fb23d3f2491392ac6bbca3094cd05738a77e3982a9656279ce0c45255c19e1c7
fb8a5407a4d6d3f2f75b3accb0e27248a053efeb437dcffce147fe941d2a3071