amazonfrontlines.org Open in urlscan Pro
23.21.52.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://amazonfrontlines.org/
Submission Tags: analytics-framework
Submission: On April 24 via api (April 24th 2023, 1:09:03 pm UTC) from US — Scanned from DE

Summary HTTP 266 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 31 domains to perform 266 HTTP transactions. The main IP is 23.21.52.182, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is amazonfrontlines.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 21st 2022. Valid for: a year.

This is the only time amazonfrontlines.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	23.21.52.182 23.21.52.182	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
20	2600:9000:218... 2600:9000:2182:b600:14:5590:7e40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
13	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1 25	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:e::210:f108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:d600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
23	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.35 13.32.27.35	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
11	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
6	34.231.49.196 34.231.49.196	14618 (AMAZON-AES) (AMAZON-AES)
54	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	52.42.94.138 52.42.94.138	() ()
8	2a00:1450:400... 2a00:1450:400c:c09::5c	15169 (GOOGLE) (GOOGLE)
2	18.202.131.124 18.202.131.124	() ()
20	2a00:1450:400... 2a00:1450:4001:827::200e	() ()
266	41

16 23.21.52.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-52-182.compute-1.amazonaws.com

amazonfrontlines.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2182:b600:14:5590:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d188lez4s0fwft.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6812:843c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
give.amazonfrontlines.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:e::210:f108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.dz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-35.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.231.49.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-49-196.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.94.138 (None, )

ASN- ()

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.131.124 (None, )

ASN- ()

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::200e (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com merchant-ui-api.stripe.com r.stripe.com	913 KB
33	google.com www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 2930 pay.google.com — Cisco Umbrella Rank: 3849 play.google.com	862 KB
27	amazonfrontlines.org amazonfrontlines.org give.amazonfrontlines.org	736 KB
20	cloudfront.net d188lez4s0fwft.cloudfront.net	4 MB
19	gstatic.com www.gstatic.com fonts.gstatic.com	614 KB
15	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	40 KB
14	classy.org 1 redirects sdk.classy.org — Cisco Umbrella Rank: 210142 www.classy.org — Cisco Umbrella Rank: 197096 prod-frs.content.classy.org — Cisco Umbrella Rank: 143433 pay.classy.org — Cisco Umbrella Rank: 166071 assets.classy.org — Cisco Umbrella Rank: 187530	1 MB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 776	33 KB
7	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3337 heapanalytics.com — Cisco Umbrella Rank: 2833	40 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	300 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	3 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1159 syndication.twitter.com — Cisco Umbrella Rank: 1451	132 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3425	622 B
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 477	945 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	17 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	64 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 932	140 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	260 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	137 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	30 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 882	183 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 29131	42 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1180	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 31874	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	16 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1274	7 KB
1	google.dz www.google.dz — Cisco Umbrella Rank: 24259	455 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	369 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
266	31

	Domain	Requested by
41	r.stripe.com	js.stripe.com
23	js.stripe.com	give.amazonfrontlines.org amazonfrontlines.org js.stripe.com
20	play.google.com	www.gstatic.com
20	d188lez4s0fwft.cloudfront.net	amazonfrontlines.org
16	amazonfrontlines.org	amazonfrontlines.org
13	q.stripe.com	amazonfrontlines.org
13	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com amazonfrontlines.org
11	js-agent.newrelic.com	amazonfrontlines.org
11	give.amazonfrontlines.org	sdk.classy.org give.amazonfrontlines.org amazonfrontlines.org
10	fonts.gstatic.com	fonts.googleapis.com
9	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com amazonfrontlines.org www.gstatic.com
8	prod-frs.content.classy.org	give.amazonfrontlines.org amazonfrontlines.org prod-frs.content.classy.org
6	heapanalytics.com
5	www.googletagmanager.com	amazonfrontlines.org www.googletagmanager.com give.amazonfrontlines.org
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com amazonfrontlines.org
4	www.google.com	amazonfrontlines.org
3	pay.classy.org	amazonfrontlines.org
3	www.google.de	amazonfrontlines.org
2	merchant-ui-api.stripe.com	js.stripe.com
2	bam.nr-data.net	amazonfrontlines.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	amazonfrontlines.org
2	platform.twitter.com	amazonfrontlines.org
2	sessions.bugsnag.com	amazonfrontlines.org
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	amazonfrontlines.org
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	amazonfrontlines.org connect.facebook.net
2	fonts.googleapis.com	amazonfrontlines.org
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	code.jquery.com	amazonfrontlines.org
1	assets.classy.org
1	geolocation.onetrust.com	amazonfrontlines.org
1	cdn.heapanalytics.com	amazonfrontlines.org
1	cdn.plaid.com	give.amazonfrontlines.org
1	unpkg.com	give.amazonfrontlines.org
1	htp.tokenex.com	give.amazonfrontlines.org
1	www.googleadservices.com	give.amazonfrontlines.org
1	static.cloudflareinsights.com	give.amazonfrontlines.org
1	www.classy.org	1 redirects
1	www.google.dz	amazonfrontlines.org
1	px4.ads.linkedin.com	amazonfrontlines.org
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	region1.analytics.google.com	www.googletagmanager.com
1	snap.licdn.com	amazonfrontlines.org
1	sdk.classy.org	amazonfrontlines.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
266	50

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
sinangoe.amazonfrontlines.org

Subject Issuer	Validity	Valid
*.amazonfrontlines.org Sectigo RSA Domain Validation Secure Server CA	`2022-05-21` - `2023-05-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.google.dz GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
give.amazonfrontlines.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-27`	6 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 14 frames:

Primary Page: https://amazonfrontlines.org/
Frame ID: 4C237EBECA5F9137D5DD7920750BA182
Requests: 65 HTTP requests in this frame

Frame: https://give.amazonfrontlines.org/give/313372/
Frame ID: 218E2ED8B25316E5E897AC7CC8F503AF
Requests: 81 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AF30B9B65E97348BC104FF22CC6E812C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: CC67D7C64D4EF73156AEABD940245ACB
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CE6EA6BB5F017F0E2B67AEC70F541B98
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.amazonfrontlines.org
Frame ID: F886F150365CEBD72F8CA0198F8D1F43
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
Frame ID: 1DA1812CFBF9B5ED0D79B8F60631768C
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
Frame ID: A31B73B7D20299D40A30FF51662D6308
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
Frame ID: B2197F0FEAE85B262774858292FD10AA
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
Frame ID: 7F917F6F4FC82EDF1A9892DB1A2BCBCC
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
Frame ID: 12062671673E4782AA95FA78DCD92CE0
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
Frame ID: 22383DC84C950957EF0E045B5D4B763D
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 6C904801A7CEFBC427B6FC3F8CD14115
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 52EC07E3BBDDFA913A6481E699C73DFB
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Frontlines - Defending indigenous rights to land, life and cultural survival in the Amazon rainforest.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

266
Requests

100 %
HTTPS

63 %
IPv6

31
Domains

50
Subdomains

41
IPs

4
Countries

8815 kB
Transfer

20269 kB
Size

37
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/amazonfrontlines/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/amazonfrontlines/

Search URL Search Domain Scan URL

URL: https://twitter.com/AFrontlines

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCuhEfIrM9DdUiI69gf8DZRg

Search URL Search Domain Scan URL

URL: https://sinangoe.amazonfrontlines.org/content/sinangoe-map/
Title: Sinangoe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2976970%26time%3D1682341736603%26url%3Dhttps%253A%252F%252Famazonfrontlines.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLaXRG_BRs8ywAAAYezYbKT_8xW6AGN7arvKJooMN2D1_zl-DKSQtJ8X2urdZjl832XeVncykAp

Request Chain 64

https://www.classy.org/give/313372/ HTTP 302
https://give.amazonfrontlines.org/give/313372/

266 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
amazonfrontlines.org/ 73 KB
20 KB 502ms
118ms Document
text/html 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d5fbd8d11f9a310b0f3fc5f45bd79c163cfbd0a81214b06324511633d214d7ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3600, public
content-encoding: gzip
content-length: 20315
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 13:08:55 GMT
etag: "4f5b-5fa13e2521bec"
last-modified: Mon, 24 Apr 2023 12:09:51 GMT
pragma: public
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-powered-by: PleskLin

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 56ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac01180e608065cc699c50c1517765f00ea1d5a077f1cb895b99881ac3660988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 13:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 13:08:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 13:08:55 GMT

GET
H2 200 57fc2.css
amazonfrontlines.org/wp-content/cache/minify/ 296 KB
43 KB 119ms
118ms Stylesheet
text/css 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 15700dd8eb8e54e4d06e5a3cb134b175e43b9d1dc3e76bb42f7b1f313bf9cba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:55 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 23 Apr 2023 17:54:01 GMT
server: nginx
etag: "aad9-5fa049347fd55"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: public
accept-ranges: bytes
content-length: 43737

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 51ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10864905236

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c7352b597156cd3a4225b34385715ed3871ba3a69e9229bfc2fa07d6d826806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68599
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 13:08:56 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 43ms
18ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56b6e95b2d7f0ef3499dd72399e73ffe9e08d5a5c9ff3fafe0aae9c5da33ad0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 13:08:55 GMT

GET
H2 200 749f2.js Show response
amazonfrontlines.org/wp-content/cache/minify/ 245 KB
69 KB 229ms
227ms Script
application/x-javascript 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/wp-content/cache/minify/749f2.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 25460046e739811aee204eab1b61642c6cfeb603a184bf2f36001e8797129a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:55 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Apr 2023 17:53:07 GMT
server: nginx
etag: "1134c-5f9f07234a303"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
content-length: 70476

GET
H2 200 style.min.css
d188lez4s0fwft.cloudfront.net/wp-includes/css/dist/block-library/ 95 KB
96 KB 548ms
492ms Stylesheet
text/css 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 97517
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 06:28:58 GMT
server: nginx
etag: "64252c2a-17ced"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public
accept-ranges: bytes
x-amz-cf-id: XpyXecQzseTU-C4ScxNGHZK4e6ed5TGtoBFJ9SjchxZsKJkbwYImng==

GET
H2 200 classic-themes.min.css
d188lez4s0fwft.cloudfront.net/wp-includes/css/ 291 B
829 B 452ms
396ms Stylesheet
text/css 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 291
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 06:28:58 GMT
server: nginx
x-accel-version: 0.01
etag: "123-5f818352ff409"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public
accept-ranges: bytes
x-amz-cf-id: oDyoIbhRsnCnpNl2EJRk_ztZICBd1XkxyL_AZqSCemjXsbVy_E4dyQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162643912-1

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb11e7592e7b935bec5839c64add5577ea9d892dd96c0e20851e4fe4aac73774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45043
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 13:08:56 GMT

GET
H2 200 logo.png
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/ 6 KB
6 KB 118ms
118ms Image
image/png 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/logo.png
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: f8d31fc95340935f0a1e3f04183511383a0b2ef7cc5b48d7af07aa402d2c6762

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
last-modified: Sun, 08 May 2022 01:27:34 GMT
server: nginx
etag: "62771c86-1888"
x-powered-by: PleskLin
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 6280

GET
H2 200 home-sign-500x325_3.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/ 156 KB
156 KB 490ms
489ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/home-sign-500x325_3.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

3e7d859a6809b7a9ee7f54287cae97d2cedb72957e3213f81a2d2dcf73ae3dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 159528
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Sep 2022 22:44:47 GMT
server: nginx
etag: "63337cdf-26f28"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: n0dHoUuibbu3IDsl43lRjEKwFP0tNLTaexDRFABBf7NqOlmhu18kgA==

GET
H2 200 icon-building-solutions.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 8 KB
9 KB 404ms
387ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-building-solutions.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

e248bd1b7cf411f7060c0c10aa8e9b7358c5d751727fced5e5cc0bbd8a5bc3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 8313
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:08:37 GMT
server: nginx
etag: "621631d5-2079"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: k7jZcP6qugMshvYKRTaB5rD1PS_QpmBCcwK-BDCpt25kPg0IwBseJw==

GET
H2 200 icon-telling-stories.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 6 KB
7 KB 404ms
388ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-telling-stories.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

5e588fef38b35ab5cacf0a93bee333235b844160dae0cca598363a681f49742a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 6296
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:10:00 GMT
server: nginx
etag: "62163228-1898"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: K-Qp-EcsTLwS_46W_Tw7oKYYHflZNphdUzgQQYBP2JQs6QKusQI2Ag==

GET
H2 200 icon-reviving-culture.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 21 KB
21 KB 527ms
510ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-reviving-culture.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

2c8cb3dd7cbbdc391215448b84492ea93f13bea4798a2df22854d8cbfcf2d464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 21127
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:09:04 GMT
server: nginx
etag: "621631f0-5287"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 515DjwtHHpC6H_JbEbnDLmo6_p9AO22VWgt68K4qUe6lTgN-B4UsEg==

GET
H2 200 icon-defending-territory.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 13 KB
14 KB 472ms
455ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-defending-territory.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f7edf8812e9e7e12c20d41424bfcdaa12bb69631217a1a653282e681b57dee33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 13717
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:08:10 GMT
server: nginx
etag: "621631ba-3595"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 7JZseONJUVInxjKsErQpR3rRN9eQ-DunkJFMCcOWuk7U8Uoh6QlYOA==

GET
H2 200 home-explore-01.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 78 KB
79 KB 552ms
536ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-01.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

c5c19c57f48c707d99edc04f7d3175f82e3f7fb20063d9d3f8d2d77381f4e519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 80147
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Feb 2022 12:00:42 GMT
server: nginx
etag: "6218c4ea-13913"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: xOlhm77p-vf09e3GXMJHKBr4lcLo_zkh6Wg8CSFi9G47-XBaW4HyIg==

GET
H2 200 home-explore-02.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 83 KB
83 KB 569ms
553ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-02.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

b7d9e93df0e9ed19898260e542dd3ab74302010dfe2a5a4d3fdcceb2d38f9b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 84770
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Feb 2022 12:00:46 GMT
server: nginx
etag: "6218c4ee-14b22"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: pympz-tE-y02-S934OG0VYJgklQz3DtBEl7Q7rzC9RV1-DOaGn4tHA==

GET
H2 200 home-explore-03.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 60 KB
60 KB 546ms
531ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-03.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f6c2565244a7d2fd5524ea698c9694fd053a99d1955cfdad0658e6acd7feb054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 61204
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Feb 2022 12:00:49 GMT
server: nginx
etag: "6218c4f1-ef14"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: f31gouQUF74YsZStoZbnQ1sm7BUv91r4mpjBzHT0916BKkgbiDeCTA==

GET
H2 200 image-footer.png
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/ 195 KB
196 KB 147ms
132ms Image
image/png 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/image-footer.png
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 04492b9fe12b21b73c514216289c8ee03751b335d2750fa77d81b16a50102e4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
last-modified: Wed, 02 Mar 2022 14:43:12 GMT
server: nginx
etag: "621f8280-30de3"
x-powered-by: PleskLin
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 200163

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 40ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Apr 2023 13:08:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Y/+ZpqAS31YzneufhdtM4Fy/fABmT+ntdTO/tDHaMX05dTv7y4qeNRbHgt9oAvCTDuvYIgWTNApqJYcbjj+EKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 410 KB
165 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonfrontlines.org/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 11:03:31 GMT

GET
H2 200 wp-emoji-release.min.js Show response
d188lez4s0fwft.cloudfront.net/wp-includes/js/ 18 KB
19 KB 528ms
515ms Script
application/x-javascript 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 18692
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 06:28:58 GMT
server: nginx
etag: "64252c2a-4904"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
x-amz-cf-id: Vh5l0oKhz2KsT3K5h7_NQ0a1LI921NMdIIn50mucGdcjL_DSDggaBg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10864905236/ 3 KB
2 KB 82ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10864905236/?random=1682341736308&cv=11&fst=1682341736308&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonfrontlines.org%2F&hn=www.googleadservices.com&frm=0&tiba=Amazon%20Frontlines%20-%20Defending%20indigenous%20rights%20to%20land%2C%20life%20and%20cultural%20survival%20in%20the%20Amazon%20rainforest.&auid=189807465.1682341736&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10864905236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5cd66261191becb2ce1bbaa772686a17b892c5fe8560f8f4fdc126c58777c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
10ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162643912-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 14:27:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
72 KB 36ms
27ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NM9HNZLLGQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10864905236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc67425c35cc38b15f4de4d9f64ca62ec7744eed33a50bf02bd5b4f9a3e31449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:08:56 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 31ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D7RFVX

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc0ed88882d4d98312c5ca2593f1045ed68d625a5eda165d77d6608cc29d428d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39060
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 13:08:56 GMT

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee43de7f6648dac36980de3bcf1bf0d34f07178fdb8afac80541f5cf1660cc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 35 KB
9 KB 468ms
433ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/749f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a13f2865f54d88cd9ebcb80da9825501a684285f0e484c21a5f8017b7fe5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Apr 2023 17:43:27 GMT
cf-bgj: minify
server: cloudflare
x-amz-request-id: 5F6AP8X5CZQETJTJ
etag: W/"d55b13efd0aa4a0b8e94579254b75d23"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 7bce93ecec573609-FRA
x-amz-id-2: AzTEBekqWNOURqjocrtJPQKPcgVI7v1cYR1WVJFVxjc/zv218y/nzjyiAs2fhu8BpkR5/nZkrKvRc/mL9XuZOgeMnmLR2AacaImnvomAcEk=

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 63ms
9ms Script
application/x-javascript 2a02:26f0:480:e::210:f108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=14010
accept-ranges: bytes
content-length: 4777

GET
H2 200 Nemonte-Nenquimo-x-Vanessa-Kirby-v2-scaled.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/ 184 KB
185 KB 529ms
519ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/Nemonte-Nenquimo-x-Vanessa-Kirby-v2-scaled.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

47e7eaea18791ebecf65100410d22246f2c95e839c75a9a588a29aa402b88264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 188805
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 15:07:54 GMT
server: nginx
etag: "6334634a-2e185"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: qCDl0YjwkdS_T417-18QFOefw1_PL9uvR4h-IhXQaZV4uqEEoY5kQQ==

GET
H2 200 arrow-long.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 489 B
564 B 252ms
242ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-long.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 0c06c562695b244c211c4dfa162c4dfb527dbf6ac77a81e0d6840392ce16e199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:55:44 GMT
server: nginx
x-accel-version: 0.01
etag: "1e9-5d95197af9c00-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 289

GET
H2 200 Human-Right-Defenders-under-threat-scaled.jpeg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/08/ 208 KB
209 KB 540ms
530ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/08/Human-Right-Defenders-under-threat-scaled.jpeg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

cc1a8f5f467a2c40b94e88a74933bf9a9e46b808d69b5bda1e5acb6094f550dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 213080
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Aug 2022 18:36:55 GMT
server: nginx
etag: "62ed6347-34058"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: hiV96KFm-Y7-EgGgAV4cDKVniurw-YWLYc0m8BqpU26oNH8khEtxFw==

GET
H2 200 Alex-and-Alexandra-Goldman-Prize-Winners-2022_-1-scaled.jpeg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/ 178 KB
179 KB 559ms
549ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/Alex-and-Alexandra-Goldman-Prize-Winners-2022_-1-scaled.jpeg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

6a4d9b4f37862a161cb9a7b7c8b6d4bea495c108be4d8086e3af80aa1493e733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 182437
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 May 2022 16:41:25 GMT
server: nginx
etag: "628e5c35-2c8a5"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: XhOL8tFGu23cU4s1SjrTfxVPXw1I-h0Y271WTZJHW2Qrtyy4rBbWiQ==

GET
H2 200 bg-brush.png
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 263 KB
264 KB 249ms
240ms Image
image/png 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/bg-brush.png
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e253eb12258cda41bd93412f04cced9cedffd11b6aee1c90391cb043da9dc5d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
last-modified: Wed, 06 Apr 2022 15:25:10 GMT
server: nginx
etag: "624db0d6-41cac"
x-powered-by: PleskLin
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 269484

GET
H2 200 home-about.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 157 KB
157 KB 536ms
527ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-about.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

7287403835f30c5729e1139dd36787dd60b70d00c35e80ed76fee8025b0c29a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 160346
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Feb 2022 12:30:24 GMT
server: nginx
etag: "6214d760-2725a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 5UXasfNGF105u0ZmsKrbmjJgjyM3xSVdDDLnunVyAsd3JXXBZSzdUw==

GET
H2 200 arrow-down.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 284 B
487 B 249ms
240ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-down.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a5d81cbdf216b4451e07b1de69b6c749c99dbf84d85189eb5825f971bcc68f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:49:25 GMT
server: nginx
x-accel-version: 0.01
etag: "11c-5d95181188740-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 212

GET
H2 200 arrow-short.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 504 B
571 B 247ms
239ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-short.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 8a111e32f8ac3668f71a163d62aa9465d33bfa641a2df93c636495b3de961f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:49:27 GMT
server: nginx
x-accel-version: 0.01
etag: "1f8-5d95181370bc0-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 296

GET
H2 200 shape-bottom-light.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 208 B
461 B 250ms
242ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/shape-bottom-light.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 7af5a08b3fbf0fe91b04a13b11a266b8deef1eaf3f3351d5f708b0d363cfd085

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 15:25:13 GMT
server: nginx
x-accel-version: 0.01
etag: "d0-5dbfdf7bb2840-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 187

GET
H2 200 home-presentation-1.jpeg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/ 382 KB
383 KB 509ms
502ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/home-presentation-1.jpeg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

9c0eb9ed92ce7dc0e6ca22edf64d469e4e63b2746adc0fc9840277f1edcc6de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 390900
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 May 2022 18:12:27 GMT
server: nginx
etag: "628e718b-5f6f4"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 9K3I-I4rLKE4QyBLdMrHIyXODpUEr21r4mV571R_iq57fuIQg-3o7A==

GET
H2 200 mask-explore.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 501 B
626 B 248ms
241ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/mask-explore.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 488c51a30edd1588ceb44a43332fcc4ee5744cb689464f71ca62978092ac115b

Request headers

Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 15:25:11 GMT
server: nginx
x-accel-version: 0.01
etag: "1f5-5dbfdf79ca3c0-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 351

GET
H2 200 home-explore-scaled.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 292 KB
293 KB 541ms
535ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-scaled.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

ef606211a2fb3a2bc5128dd6e67a8e644b2a879dc604b218028e525035e6df1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 298754
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 24 Feb 2022 12:53:26 GMT
server: nginx
etag: "62177fc6-48f02"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: CcxMnCsxMgnCM7AovWVPtPqUDAqSXMGtS45vsoYjmWdZ2O3pGTU0BA==

GET
H2 200 MG_5380-1024x682.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/04/ 173 KB
174 KB 514ms
508ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/04/MG_5380-1024x682.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

6719fa0d3554909fe69bc82c22606b28ea8d1bf5cef2e705928dd4f66c17efac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 177375
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 04 Apr 2023 17:38:53 GMT
server: nginx
etag: "642c60ad-2b4df"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: Z8aisINCAlSb4_VNxTh6EPnK6V07oJvgZ4glLdRnFTCs_rSaBT5hag==

GET
H2 200 3C9A6014_2019_Terr_wao_waoresist_vidacotidiana_NMP_MA-1024x682.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/ 1 MB
1 MB 535ms
529ms Image
image/png 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/3C9A6014_2019_Terr_wao_waoresist_vidacotidiana_NMP_MA-1024x682.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f866d217a96d2683e5a51b091d3ed6db356c3fc1f4bc30712aadce0efc6409c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 1450506
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Feb 2023 20:22:19 GMT
server: nginx
etag: "63ee907b-16220a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: eJZAR-YOvcqDFldxwKhgVs3Hc3U5rG-TNMrZxa_MEaADg05whrjmww==

GET
H2 200 Siekopai-Wajoya-1024x683.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/ 175 KB
176 KB 553ms
547ms Image
image/jpeg 2600:9000:2182:b600:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/Siekopai-Wajoya-1024x683.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:b600:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

7839604d7a5c0f2f1b092cc0b9476a4175003bf86d35c6f354225dc58f6e1a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 179053
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Feb 2023 18:50:59 GMT
server: nginx
etag: "63fe4d13-2bb6d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: mUUAr5BvEd6zoovn8YctTFldChuxKN9ahEWtidh2cYdTUbHM1ObN-A==

GET
H2 200 arrow-up.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 283 B
486 B 244ms
239ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-up.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 5bfee04f991dacac6d2eeee72cbd9e13f61bdbe19e315e7e9e598d66d1ba2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:49:28 GMT
server: nginx
x-accel-version: 0.01
etag: "11b-5d95181464e00-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 211

GET
H2 200 shape-top.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 475 B
613 B 246ms
240ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/shape-top.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ea5e960e0f14eea41744b9b0f55e837bd66f6abf20557345ff783dfb10bcf87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 15:25:20 GMT
server: nginx
x-accel-version: 0.01
etag: "1db-5dbfdf825f800-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 338

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v13/ 24 KB
24 KB 43ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v13/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:11:43 GMT
x-content-type-options: nosniff
age: 165433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24328
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:14:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:11:43 GMT

GET
H2 200 fontawesome-webfont.woff2
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/fonts/ 75 KB
76 KB 246ms
241ms Font
application/font-woff2 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
last-modified: Mon, 21 Feb 2022 20:02:12 GMT
server: nginx
etag: "6213efc4-12d68"
x-powered-by: PleskLin
content-type: application/font-woff2
cache-control: public
accept-ranges: bytes
content-length: 77160

GET
H2 200 HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
fonts.gstatic.com/s/staatliches/v11/ 15 KB
15 KB 51ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/staatliches/v11/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f17671ce030879a0b89ffce96fc31e6feb1a46b560ec7df7e8fb615682258a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:04:09 GMT
x-content-type-options: nosniff
age: 155087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 18:04:09 GMT

GET
H2 200 V8mQoQDjQSkFtoMM3T6r8E7mF71Q-gOoraIAEj4PVnskPMA.woff2
fonts.gstatic.com/s/spacegrotesk/v15/ 11 KB
11 KB 52ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacegrotesk/v15/V8mQoQDjQSkFtoMM3T6r8E7mF71Q-gOoraIAEj4PVnskPMA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

751851e72654508ca07678c61bdacd91b772d725f531dd8a6f62e6f941e11ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:11:32 GMT
x-content-type-options: nosniff
age: 143844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11448
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 21:08:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:11:32 GMT

GET
H2 200 icon-arrow-back.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 282 B
486 B 182ms
181ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/icon-arrow-back.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 775c0d83ab0c95e5349a26584816b075ff88c9ce6ef5d46726aa28f4ededb868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 15:19:54 GMT
server: nginx
x-accel-version: 0.01
etag: "11a-5d951ee1cda80-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 212

GET
H2 200 icon-arrow-next.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 279 B
485 B 182ms
182ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/icon-arrow-next.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e5be0cf9e12892e32ca57fd11154fe22c8f57958752e83c22905a194bdc52a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 15:23:04 GMT
server: nginx
x-accel-version: 0.01
etag: "117-5d951f9700600-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 210

GET
H2 200 441107926563407 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/441107926563407?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1eee475401ced2b41622d05d372d5994af2ef888f82d09b6a7507838600819e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Apr 2023 13:08:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: o0RDsM9G7HKWR8JYfyjs9R3i2lWI11lnNNh6GW1y3kqAANjOmmnuPnlZ4h5kkUhnUuatoFJ+77/b4opA4+XWbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 15ms
15ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1216673420&t=pageview&_s=1&dl=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Amazon%20Frontlines%20-%20Defending%20indigenous%20rights%20to%20land%2C%20life%20and%20cultural%20survival%20in%20the%20Amazon%20rainforest.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1572358435&gjid=303827982&cid=244419417.1682341737&tid=UA-162643912-1&_gid=4931597.1682341737&_r=1&gtm=457e34j0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1851329044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 65ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NM9HNZLLGQ&gtm=45je34j0&_p=1216673420&_gaz=1&gdid=dZTNiMT&cid=244419417.1682341737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682341736&sct=1&seg=0&dl=https%3A%2F%2Famazonfrontlines.org%2F&dt=Amazon%20Frontlines%20-%20Defending%20indigenous%20rights%20to%20land%2C%20life%20and%20cultural%20survival%20in%20the%20Amazon%20rainforest.&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NM9HNZLLGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 64ms
24ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NM9HNZLLGQ&cid=244419417.1682341737&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NM9HNZLLGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 64ms
35ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NM9HNZLLGQ&cid=244419417.1682341737&gtm=45je34j0&aip=1&z=71543673

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 40ms
19ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-162643912-1&cid=244419417.1682341737&jid=1572358435&gjid=303827982&_gid=4931597.1682341737&_u=YGBACUAABAAAACAAI~&z=444606378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 13:08:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2976970/domain/amazonfrontlines.org/ 36 B
369 B 221ms
152ms XHR
application/json 2600:9000:20eb:d600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2976970/domain/amazonfrontlines.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Nl8YzS69yQX0nGQfStRKfRONgz8pTArPZBRIIlOmIXn61x87kFijMg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2976970%26time%3D1682341736603%26url%3Dhttps%253A%252F%252Famazonfrontlines.org%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLaXRG_BRs8ywAAAYezYbKT_8xW6AGN7arvKJooMN2D1_zl-DKSQtJ8X...

0
266 B

209ms
179ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLaXRG_BRs8ywAAAYezYbKT_8xW6AGN7arvKJooMN2D1_zl-DKSQtJ8X2urdZjl832XeVncykAp
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5E87FEC034EE43F7AD58121C62DACBB7 Ref B: FRAEDGE2012 Ref C: 2023-04-24T13:08:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6FLWk2ufnxThUKWAvjg==

Redirect headers

date: Mon, 24 Apr 2023 13:08:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 609BC5ABAEB74CA6B66D52FBDF26450A Ref B: FRAEDGE1221 Ref C: 2023-04-24T13:08:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682341736603&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLaXRG_BRs8ywAAAYezYbKT_8xW6AGN7arvKJooMN2D1_zl-DKSQtJ8X2urdZjl832XeVncykAp
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6FLWha1batnHFdLJVVA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/10864905236/ 42 B
327 B 22ms
20ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10864905236/?random=1682341736308&cv=11&fst=1682341200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonfrontlines.org%2F&frm=0&tiba=Amazon%20Frontlines%20-%20Defending%20indigenous%20rights%20to%20land%2C%20life%20and%20cultural%20survival%20in%20the%20Amazon%20rainforest.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1208869878&rmt_tld=0&ipr=y

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.dz/pagead/1p-user-list/10864905236/ 42 B
455 B 51ms
25ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.dz/pagead/1p-user-list/10864905236/?random=1682341736308&cv=11&fst=1682341200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonfrontlines.org%2F&frm=0&tiba=Amazon%20Frontlines%20-%20Defending%20indigenous%20rights%20to%20land%2C%20life%20and%20cultural%20survival%20in%20the%20Amazon%20rainforest.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1208869878&rmt_tld=1&ipr=y

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 32ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=441107926563407&ev=PageView&dl=https%3A%2F%2Famazonfrontlines.org%2F&rl=&if=false&ts=1682341736634&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682341736632.2039063096&it=1682341736524&coo=false&rqm=GET

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Apr 2023 13:08:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-162643912-1&cid=244419417.1682341737&jid=1572358435&_u=YGBACUAABAAAACAAI~&z=790383695

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
36ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-162643912-1&cid=244419417.1682341737&jid=1572358435&_u=YGBACUAABAAAACAAI~&z=790383695

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
give.amazonfrontlines.org/give/313372/ Frame 218E
Redirect Chain

https://www.classy.org/give/313372/
https://give.amazonfrontlines.org/give/313372/

134 KB
34 KB

805ms
657ms

Document
text/html

2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/give/313372/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2135bdfae392d1cae00214207650e96f90eca12a931bdff24b7115fc85423e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.amazonfrontlines.org https://amazonfrontlines.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7bce93f5eb36926b-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.amazonfrontlines.org https://amazonfrontlines.org;
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:08:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7bce93efc8e63609-FRA
content-security-policy: frame-ancestors 'self' https://www.amazonfrontlines.org https://amazonfrontlines.org;
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:08:57 GMT
location: https://give.amazonfrontlines.org/give/313372/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 / Show response
www.facebook.com/tr/ Frame AF30 0
75 B 17ms
16ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://amazonfrontlines.org
Referer: https://amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://amazonfrontlines.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 13:08:57 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 main.css
prod-frs.content.classy.org/prod/18167/static/frs/ Frame 218E 1 MB
141 KB 61ms
38ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/frs/main.css

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/give/313372/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

743400827279a748ff4e9c0760b9d878206351259383b9913183294f68bc2871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KHDHX4V45V22DTTV
age: 46438
cf-polished: origSize=1111771
x-amz-server-side-encryption: AES256
x-amz-id-2: 8gdDxVryjAnk7eotfOlxaky1Z35qLxbNJCKPoD1Fii+i/dnF+5SiHzvgvk87+CyOUE5f4nkN2xE=
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: W/"699816fb5249a1fd21c0d75e7b4a14ee"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7bce93fafabc3609-FRA

GET
H2 200 rocket-loader.min.js Show response
give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 218E 12 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/give/313372/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2023 16:29:56 GMT
server: cloudflare
content-encoding: gzip
etag: W/"643ec584-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7bce93fb2871926b-FRA
expires: Wed, 26 Apr 2023 13:08:58 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 218E 19 KB
7 KB 75ms
54ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/give/313372/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://give.amazonfrontlines.org/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7bce93fb4b586915-FRA

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 218E 44 KB
16 KB 104ms
72ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16233
x-xss-protection: 0
server: cafe
etag: 7413974659963572443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 13:08:58 GMT

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/18167/static/onetrust/ Frame 218E 50 KB
12 KB 29ms
27ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TZHME79ADYK746YG
age: 43139
cf-polished: origSize=54583
x-amz-server-side-encryption: AES256
x-amz-id-2: lyP/QE5+ho8gyL97DlKnaLy21qJneJFDL5RaJ5GHQzfEMlyPRh8LGlL+Rrusgy/RiWE5KFAvXsjuxp/pTc5hjA==
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bce93fb8bce3609-FRA

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 218E 18 KB
5 KB 523ms
127ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 13:08:58 GMT
last-modified: Tue, 27 Dec 2022 16:48:20 GMT
etag: "0a2816131ad91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4568
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 218E 7 KB
3 KB 48ms
25ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9539178
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GNXCTSS0J01S6N7YX5GYPNSN-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bce93fba8cc2c27-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/18167/static/frs/donation/ Frame 218E 182 KB
37 KB 34ms
32ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/frs/donation/module.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e60089421dbb62b7064eb8cc3cb72115dc6ffabdad8835bd131c95de1ed915f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
x-amz-request-id: XX7JKR323P8CGP0Q
age: 48996
etag: W/"019a8ddd211c38b1e8b755ee24a0b939"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bce93fb8bd13609-FRA
x-amz-id-2: Wc9z7xLsQhLQauXeAwG5GQf/smQ4IGaVWDwguc5oyJsN4k7y/L/yKsIW4qcbZt+tJc1WwlMs9NI=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/18167/static/global/ Frame 218E 2 MB
376 KB 47ms
45ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/global/module.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8be1f415e873bf9ceec9ccbc8910764e4270c704d004ecb2d636e7604e9032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
x-amz-request-id: 53E8E3H2V036286S
age: 46408
etag: W/"9b3ebfa8ab4e28b03ce88af64e4ba91f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bce93fb8bd33609-FRA
x-amz-id-2: q3h4UmdRHKC65MQ+5GesIK9DT3CL9cNqd3cSAcArS6kRvpvzKvjeZr8doXVpPhkFmZP/ABSdb6k=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/18167/static/global/ Frame 218E 1 MB
430 KB 44ms
42ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/global/libs.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
x-amz-request-id: 53E4T6ECKGHDKH9T
age: 49308
etag: W/"772e1301b871cc2545926cb86ee5965f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bce93fb8bd53609-FRA
x-amz-id-2: 8kr7lx1HA3MV6zW/0k7Lu5Uu2AUQRWWQLfzTl2ah92S8yI3OGO0To7UDKKN3Q0olHHDeaFOM5Ik=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 218E 136 KB
42 KB 380ms
54ms Script
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aca0682f2a6967bfe39854cbc9abf550ac57023624336aa699dcd76552afc183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: SHeiVgw_m0obH2o2b.1WO_dSfxFampjq
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
date: Mon, 24 Apr 2023 01:31:53 GMT
x-amz-request-id: RTNV7GEA16QZ9N64
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 41827
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: gEjtFmBgIxQC3LK15KSPysHF+l2e11e2pV7caumqdfFb6LlPV2ID59jhK+Ho6cWemA0gSzBVhUQ=
last-modified: Fri, 21 Apr 2023 19:49:42 GMT
server: AmazonS3
etag: W/"35af75bb3a81cec7c3bb257ee20ac496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: yeNDihBJG1izfwl7bvk877XFGkh3UPph0NvtO6sOAScGomX6lDOLvw==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 218E 463 KB
111 KB 370ms
13ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6ac48a7c704eb512addd8690ff165f87f9757f986d2ecf6b3f12c2ff077cecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 13:08:10 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 50
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:38:05 GMT
server: Cloudfront
etag: W/"8fda7e60cbb19842ca19415aa6b29ca1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: BuNBcyoYeGOCHb_ke2wVV9RY16tNR7J4nDWkUwLm2bsrX0EocHb6EA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 218E 223 KB
78 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6HXY58W7SY

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8fbcb4c0f9a9e4538d31bbfb9549daa8955f86a63502a87841276b5f9bf1c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:08:58 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 218E 49 KB
20 KB 31ms
29ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2473
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 14:27:45 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ Frame 218E 122 KB
39 KB 70ms
13ms Script
application/javascript 13.32.27.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-35.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

f23919d80b8e1ef191cc819204a9f5da658468b28e448d5294d05ae39094d39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:24 GMT
content-encoding: br
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
age: 34
x-powered-by: Express
etag: W/"1e701-qr6RFvuqy+NzKoFgms0g3+8IaWA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DXN_2SgDdCJQXkHutlBBFEHKqwODtlDoo9WGYp6k3Hjj2_29utDejw==

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 218E 0
79 B 17ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HXY58W7SY&gtm=45je34j0&_p=1163752989&cid=244419417.1682341737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682341738&sct=1&seg=0&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dt=Frontlines%20Challenge&en=appv2_default2&_fv=1&_ss=1&_ee=1&ep.allowLinker=true&ep.name=clientTrack
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HXY58W7SY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 193ms
151ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.amazonfrontlines.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 24 Apr 2023 13:08:59 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ Frame 218E 21 B
140 B 152ms
151ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.amazonfrontlines.org/
Bugsnag-Sent-At: 2023-04-24T13:08:59.178Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 24 Apr 2023 13:08:59 GMT
via: 1.1 google
bugsnag-session-uuid: 857e5dc0-2b2f-49d5-998a-3a80d5492e7b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 sdk.js Show response
give.amazonfrontlines.org/sso/ Frame 218E 25 KB
7 KB 517ms
517ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/sso/sdk.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 24 Apr 2023 08:53:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 7bce93fe0b3f926b-FRA
expires: Mon, 24 Apr 2023 13:28:59 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame CC67 200 B
1 KB 10ms
10ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1261
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 12:47:59 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 20 Apr 2023 20:13:02 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: qDhNxWS1mdrTe7ukTDv6R076IOtRTNnto3vzrkenGAp_HRtVV1hC3w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 async-api.6c072bf7-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 2 KB
2 KB 38ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rWoTEmf9ai1ouwS3ToIE043y.yHgDQor
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNBA4932RWYBP917
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1210
x-amz-id-2: Qo+iXw/8QSBfr+MSqbtNarMG/qdCu4nkNNBIF840V12GG4RxeDlnSG1lzerfyC5HzB1occV09k8=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341739.367040,VS0,VE0
etag: "a21c5f6b7cdfc3dedc83c2262a56d7cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1123

GET
H2 200 lazy-loader.ff971c03-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 928 B
618 B 38ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.ff971c03-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: moNPj5M8w_3ogm1Lwe_Y7qB7rdPjSB51
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNB50R21YEDERC1S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: dZHcxpIxVl56hDw16ah5Uh0h3bYcPOQPlE9yFfQshP8jI3Vvkzt/uFAemiq1ZBrQfNuXvaKZIDc=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341739.367017,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1129

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/18167/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ Frame 218E 22 KB
6 KB 36ms
35ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JV2H3AFYJWGYC9Y8
age: 46886
cf-polished: origSize=22581
x-amz-server-side-encryption: AES256
x-amz-id-2: ChnCcKDoaM/27quqXhWL+GPUZvGMMT7/b416pMWxnoXICtdnRVLdhH9lGjB935iE+0laiynYM/FA8fxZwm36ddp0ZTWinAVE4DGfD9ZVwOc=
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7bce93fed92b3609-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ Frame 218E 32 B
183 B 47ms
27ms Script
text/javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery321016251047550911535_1682341739011&_=1682341739012

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7bce93ff0d736901-FRA
content-length: 32
vary: Accept-Encoding
content-type: text/javascript

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 218E 91 KB
28 KB 75ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 13:08:59 GMT
Content-Encoding: gzip
Age: 1076
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/668A)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 218E 992 B
2 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a30f94167bc21b61b2417f07dd1ee6a6cf76b83eacaedf1a1704cba3b904c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 24 Apr 2023 13:08:59 GMT

GET
H2 200 tax-entities Show response
give.amazonfrontlines.org/frs-api/organizations/67405/ Frame 218E 397 B
316 B 455ms
454ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/frs-api/organizations/67405/tax-entities

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700e2283a18e14ed801ad182b3ce69a1ff0b79db0309b367ddf6d9dbfbf085b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: MdlqyUI4-QPMC2zn--9_njCZByLJOMCQDgHk
tracestate: 423787@nr=0-1-423787-363751183-9b24c4c2057bb469----1682341739531
traceparent: 00-26ddc2820ea2a95388cd87c344806d20-9b24c4c2057bb469-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5YjI0YzRjMjA1N2JiNDY5IiwidHIiOiIyNmRkYzI4MjBlYTJhOTUzODhjZDg3YzM0NDgwNmQyMCIsInRpIjoxNjgyMzQxNzM5NTMxfX0=
Accept: application/json, text/plain, */*
csrf-token: MdlqyUI4-QPMC2zn--9_njCZByLJOMCQDgHk
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"18d-Ai++LgAVXidrmPnOPDu1W3bZ+Hk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bce94001d52926b-FRA

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/18167/static/global/images/ Frame 218E 394 B
666 B 23ms
22ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/18167/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: JH61CDYWK6GCDPM7
age: 32351
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: 9oG6tQJPR5cd32DYW+PM+46Pc+I6/nQHEJLQ6CTMEUzo5bVtodK/6Rl1OQjnPqL6TQR+ia/YOMiooovW1KXBOQ==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7bce94008bb53609-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/18167/static/fonts/ Frame 218E 65 KB
66 KB 447ms
426ms Font
binary/octet-stream 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
x-amz-request-id: Z7MPS5MZXND1V4A7
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: ZRgHlBDCDj7zQXaUSVGuinyk5vweqBcAOTrd2aIQzb6IO/OZ9JYU6bpbMPRtZyVNwIfl1WWWKVg=
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7bce9400a9cebbb3-FRA

GET
H2 200 ach-account-routing Show response
give.amazonfrontlines.org/frs-api/organizations/67405/ Frame 218E 33 B
282 B 473ms
472ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/frs-api/organizations/67405/ach-account-routing

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: MdlqyUI4-QPMC2zn--9_njCZByLJOMCQDgHk
tracestate: 423787@nr=0-1-423787-363751183-8bc3fabbece7e1ad----1682341739651
traceparent: 00-ee1260bb187e367487d9b434b8779870-8bc3fabbece7e1ad-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4YmMzZmFiYmVjZTdlMWFkIiwidHIiOiJlZTEyNjBiYjE4N2UzNjc0ODdkOWI0MzRiODc3OTg3MCIsInRpIjoxNjgyMzQxNzM5NjUxfX0=
Accept: application/json, text/plain, */*
csrf-token: MdlqyUI4-QPMC2zn--9_njCZByLJOMCQDgHk
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bce9400de06926b-FRA
content-length: 33

GET
H2 200 currency-conversions Show response
give.amazonfrontlines.org/frs-api/i18n/ Frame 218E 75 B
221 B 146ms
145ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f7e21372859a2f6cf237901739dce1bf3f711c18973959a9e624b3735059f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: MdlqyUI4-QPMC2zn--9_njCZByLJOMCQDgHk
tracestate: 423787@nr=0-1-423787-363751183-99e739abc43dc8a1----1682341739673
traceparent: 00-6d9352af50b82135be1fced7d84812a0-99e739abc43dc8a1-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5OWU3MzlhYmM0M2RjOGExIiwidHIiOiI2ZDkzNTJhZjUwYjgyMTM1YmUxZmNlZDdkODQ4MTJhMCIsInRpIjoxNjgyMzQxNzM5NjczfX0=
Accept: application/json, text/plain, */*
csrf-token: MdlqyUI4-QPMC2zn--9_njCZByLJOMCQDgHk
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-ZyBbzC7AO8QPz2aaINj1e5oHWBo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bce9400fe25926b-FRA

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 218E 88 B
504 B 421ms
403ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=13381&currency=EUR

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: cf36ccbf-75e7-44ae-8f2b-2af6579b8caa
cf-ray: 7bce94011a5fbbb3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
give.amazonfrontlines.org/static/global/images/ Frame 218E 2 KB
2 KB 41ms
38ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.amazonfrontlines.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 182368
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Tue, 18 Apr 2023 18:00:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "643edac6-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bce94011e4c926b-FRA
expires: Sun, 21 Apr 2024 10:29:31 GMT

GET
H2 200 da5e570c-2a8d-11eb-82d1-0a6be12f22e9.png
assets.classy.org/13434754/ Frame 218E 15 KB
15 KB 60ms
48ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13434754/da5e570c-2a8d-11eb-82d1-0a6be12f22e9.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641e6fc348b4f6de3b8c056930ac32722d5b9e64d5136dbb5c097b3fe57e530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 af7ccd7ee52b9d2db7e10a7abcefaa2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 5CqcSkIOBzgw6oTOWI1cLRiILut6fQ2F
age: 184629
x-amz-cf-pop: ATL58-P3
cf-polished: origFmt=png, origSize=95415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="da5e570c-2a8d-11eb-82d1-0a6be12f22e9.webp"
content-length: 15342
last-modified: Thu, 19 Nov 2020 17:37:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "15336d5b97e1c22678e90202eb3156ed"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7bce94012c773609-FRA
x-amz-cf-id: fOGUNG0JhFPc2eK8HStgz7RA2D3UcJ4NiclVQcwFJtwQyKql-96Bag==

GET
H2 200 h
heapanalytics.com/ Frame 218E 37 B
284 B 343ms
107ms Image
image/gif 34.231.49.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=813113933522097&v=4054604701673755&s=6293430835976536&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&h=%2Fgive%2F313372%2F&d=give.amazonfrontlines.org&t=Donate%20to%20Frontlines%20Challenge&r=https%3A%2F%2Famazonfrontlines.org%2F&ts=1682341739702&st=1682341739705

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.49.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-49-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 204 rum Show response
give.amazonfrontlines.org/cdn-cgi/ Frame 218E 0
149 B 12ms
12ms XHR
text/plain 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/cdn-cgi/rum?

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-3f2c5eccbfd4de1e----1682341739708
traceparent: 00-107d33e2166b8777660f0476390151c0-3f2c5eccbfd4de1e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzZjJjNWVjY2JmZDRkZTFlIiwidHIiOiIxMDdkMzNlMjE2NmI4Nzc3NjYwZjA0NzYzOTAxNTFjMCIsInRpIjoxNjgyMzQxNzM5NzA4fX0=
content-type: application/json
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.amazonfrontlines.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7bce94012e5c926b-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame CC67 0
716 B 562ms
183ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740181682
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740181130
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame CC67 0
716 B 567ms
188ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740181449
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740181185
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CC67 631 B
1 KB 12ms
11ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 24 Apr 2023 12:28:24 GMT
x-content-type-options: nosniff
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2436
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 07 Apr 2023 22:37:54 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: x_UQxjgHEkabukJZgEqBfmE-nHrrXspCvFvQiiVbMDR_O4a9tkesrw==

GET
H2 200 css
fonts.googleapis.com/ Frame 218E 12 KB
829 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

520b4b1a4e266fcd8dc4d48f3c5fd89e542b4d164143caf784c93447cccc6709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 13:08:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 13:08:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 218E 4 B
24 B 20ms
19ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1163752989&t=event&_s=1&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=CCCACEABBAAAACAAI~&jid=1584839407&gjid=457511470&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&_r=1&_slc=1&z=941269214

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 218E 4 B
24 B 18ms
17ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1163752989&t=event&_s=1&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=CCCACEABBAAAACAAI~&jid=838395763&gjid=1132621475&cid=244419417.1682341737&tid=UA-163699844-1&_gid=4931597.1682341737&_r=1&_slc=1&z=1423688881

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 218E 0
45 B 16ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HXY58W7SY&gtm=45je34j0&_p=1163752989&cid=244419417.1682341737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682341738&sct=1&seg=0&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dt=Frontlines%20Challenge&en=scroll&ep.allowLinker=true&ep.name=clientTrack&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HXY58W7SY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripePublishableKey Show response
pay.classy.org/token/ Frame 218E 44 B
329 B 402ms
402ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripePublishableKey

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: c478c479-2db1-44f3-94c9-f54513ca9c47
cf-ray: 7bce94015acdbbb3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 44

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 8ms
8ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=timing&_s=2&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20latency&utv=fresh&utl=1682341739401&utt=993&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=567870345

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39413
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 9ms
7ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=timing&_s=3&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1682341739401&utt=1651&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=948588139

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39413
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 8ms
8ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=timing&_s=4&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1682341739401&utt=1832&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=24957224

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39413
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 9ms
8ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=timing&_s=5&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1682341739401&utt=1936&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=1082232909

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39413
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 9ms
8ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=timing&_s=6&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1682341739401&utt=2810&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=1623559499

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39413
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ Frame 218E 37 B
283 B 247ms
108ms Image
image/gif 34.231.49.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1682341739797&hv=4.19.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.49.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-49-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ Frame 218E 37 B
283 B 247ms
108ms Image
image/gif 34.231.49.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=813113933522097&v=4054604701673755&s=6293430835976536&b=web&tv=4.0&sp=z&sp=0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682341739702&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=t&sp=Donate%20to%20Frontlines%20Challenge&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Donate%20to%20Frontlines%20Challenge&pp=ts&pp=1682341739702&id0=574536780934601&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=label&k0=Begin%20Checkout&k0=action&k0=checkout&k0=currency&k0=USD&t0=Begin%20Checkout&ts0=1682341739799&st=1682341739800

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.49.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-49-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 218E 27 KB
27 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 142063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 218E 27 KB
27 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 142063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 218E 27 KB
27 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 142063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 218E 27 KB
27 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 142063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 218E 28 KB
29 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:35:17 GMT
x-content-type-options: nosniff
age: 164022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:35:17 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame CE6E 930 B
1 KB 44ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 116
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:08:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 100
x-content-type-options: nosniff
x-request-id: be55a7dd-b773-4480-a053-89b138dd116b
x-served-by: cache-fra-eddf8230059-FRA
x-timer: S1682341740.955674,VS0,VE0

GET
H2 200 stripePublishableKey Show response
pay.classy.org/token/ Frame 218E 44 B
916 B 423ms
422ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripePublishableKey

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=D26gcnCzPb2kENPYpNHEWEKFBExD8DPPs3iCg9hPW6o-1682341740-0-ARi9Vvx_7LXBWvI1QPYfFZV3kP8PwI5m8K4EbdoMCIRGPSLbVhD811u9h_D0eQDfr4hRv5PV_ThsM1DA3duLjVz-fuLWnRcP6tLm6GH30JcgmuBV_IPB2vhbHQsDpQ3K9DVJQyookZSv39aDAU_WWfs"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 1a5c3ab9-efdb-4aa6-b371-c7a015e7b492
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=D26gcnCzPb2kENPYpNHEWEKFBExD8DPPs3iCg9hPW6o-1682341740-0-ARi9Vvx_7LXBWvI1QPYfFZV3kP8PwI5m8K4EbdoMCIRGPSLbVhD811u9h_D0eQDfr4hRv5PV_ThsM1DA3duLjVz-fuLWnRcP6tLm6GH30JcgmuBV_IPB2vhbHQsDpQ3K9DVJQyookZSv39aDAU_WWfs; report-to cf-csp-endpoint
cf-ray: 7bce9402ad09bbb3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 44

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 218E 1 B
94 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-3837893-1&cid=244419417.1682341737&jid=1584839407&gjid=457511470&_gid=4931597.1682341737&_u=CCCACEAABAAAACAAI~&z=671317722

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 13:08:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 218E 4 B
70 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-163699844-1&cid=244419417.1682341737&jid=838395763&gjid=1132621475&_gid=4931597.1682341737&_u=CCCACEABBAAAACAAI~&z=1910062854

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 13:08:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 218E 88 KB
30 KB 42ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.amazonfrontlines.org/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:08:59 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1682341739.dop263.fr8.t,1682341739.cds319.fr8.hn,1682341739.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 218E 28 KB
29 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:35:17 GMT
x-content-type-options: nosniff
age: 164022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:35:17 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 218E 27 KB
27 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 142063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 862.9f44b58b-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 9 KB
4 KB 8ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.9f44b58b-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: xRkMl8fpKmpkb8xSPDFwInKFtxpiLeiU
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNBB2NDAM6RJJYMC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3583
x-amz-id-2: wZF07nlFupiKdKNkPZOAmbD9mJCGeQXD9C0YwAzsNaXukkFYYeQZm6OikEao7HVS2S75HSv+lKM=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.981556,VS0,VE0
etag: "c4e5d826698f6566f247167a7565c832"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1097

GET
H2 200 page_view_event-aggregate.75812140-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 10 KB
4 KB 10ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.75812140-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 7bfBjgjP9vhwGKyYNbxNdw69c7w6yepO
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNB02ZVV92QY39S0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3954
x-amz-id-2: +JPOAXfBIVgayRjS5rW3EVGB3wTVny7ipKpN0i953HlDhsC7yQgZ95wP0l8SGw7wQ7NfL4wiD54=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.982123,VS0,VE0
etag: "a4978f5fb64e86334a1dbb282220c851"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1100

GET
H2 200 page_view_timing-aggregate.9590bdab-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 12 KB
5 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.9590bdab-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Fq.2FKw4tsY9sm_ft7J67YTmHBEmGUpk
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNBB5CKEPRRQEC0E
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4624
x-amz-id-2: DwTPFkNRzLROIf4onPfUKG5HS+Wm/ygQkg+zt7lfm0FgOjTfzjdkq8KExtrKIllLe319K3adQ9Q=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.981893,VS0,VE0
etag: "2357140ba2b3c410d01d12937c6269d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1092

GET
H2 200 metrics-aggregate.20a08804-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.20a08804-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ue3teI4xiVp879tlCKhGPbDuwtTRksP9
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNBCWR8BPBMBPTHK
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1593
x-amz-id-2: mJ3/PRO8pXB363/JL+nC1+zkpcLG3i0dTjR0dXZutrKubkDO939WIcy+S4pPvXf9ETjTpWN1PEI=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.981888,VS0,VE0
etag: "2b4287467d6e1c411110556d75fe617a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1105

GET
H2 200 jserrors-aggregate.9136a849-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 7 KB
3 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/jserrors-aggregate.9136a849-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: v5HVEhCBGcej47AYKf5XScCvsKds85Ry
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNBATQ1JR1BAHYGM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2699
x-amz-id-2: PPyZARr9I8ARWSIfPCenWibMuBPxsf1f0qDY3NfSx5Bmqfh98ZU71bstWRLm0vMZHWc1h9GCt9s=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.982803,VS0,VE0
etag: "105c0b07033e97d2ad5192f22cd2b7be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 720

GET
H2 200 ajax-aggregate.bcd562bf-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 5 KB
3 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/ajax-aggregate.bcd562bf-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: RGeelkGAT7YETe4MVmUoI6TYFjMgjsll
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNB4BYHGSS2T1QRY
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2158
x-amz-id-2: R17AlcWb33n9rc0kCPO+oACLbgm2c5CWyoJgOhlVTFG1xrgUMTXrNGGiN9JRS4IhpqIDOJfG2pw=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.983650,VS0,VE0
etag: "9a50be0680ff4e93b2870bc5fa243b5e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 726

GET
H2 200 session_trace-aggregate.6e2218bf-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 8 KB
3 KB 8ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/session_trace-aggregate.6e2218bf-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: wKHTxgUg_rL30Au_du4y9trU9sbfu0Pz
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNBFFXR930Q6C32V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3156
x-amz-id-2: LwLaloBF/xhjUwnIEPoZOxB/ECYW83aI9Jk5N3HTUML77w+IPsNzKOKk04KaKbJzFzYlhlngDK0=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.983610,VS0,VE0
etag: "309bc51447ad3ded6e5673698a4b93ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 717

GET
H2 200 page_action-aggregate.4d79b951-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 2 KB
1 KB 10ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_action-aggregate.4d79b951-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 8oQqhsOKIgpIXbVO2KdHKF_AsgqpQxSV
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNB3JPAGXS67EK2R
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 983
x-amz-id-2: Q+Wbikj4EurPDIy/fcq9xLzqrzozneugSmndA6A7Jp/9Cyat0+36qiDcJIaBKGdv5PIlEpM3ZK8=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.983944,VS0,VE0
etag: "127fe6773a93cca9c6fdbb5ff34d7655"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 720

GET
H2 200 spa-aggregate.6c038a0a-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 218E 18 KB
7 KB 10ms
10ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/spa-aggregate.6c038a0a-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23a830983184102217d5b0f0c01a3ab5f209589914d062cea8fca5dc5d760807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: _4Kn2_cGnPPNvz5HfVPRzHsDfN15Qlzi
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 13:08:59 GMT
x-amz-request-id: HNB9NFBN57NGCNBR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6462
x-amz-id-2: slpa04kY53l07ctrldOVycVNqQwDSBW4ZkL7zVUp/pUDqBtcvPyOPZw/GrZg54cgPXv1SkK+yRE=
x-served-by: cache-hhn-etou8220045-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682341740.983953,VS0,VE0
etag: "a224e9f0f0bf1b8714e924a6fe9c4bcd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 534

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/ Frame 218E 184 KB
62 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63257
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 13:01:06 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame F886 320 KB
104 KB 9ms
9ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.amazonfrontlines.org
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3428173
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Apr 2023 13:08:59 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 200 csp-report
q.stripe.com/ Frame CE6E 0
489 B 282ms
188ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740181697
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1682341740181219
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 218E 42 B
63 B 41ms
38ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-163699844-1&cid=244419417.1682341737&jid=838395763&_u=CCCACEABBAAAACAAI~&z=958477847

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:09:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 218E 42 B
107 B 38ms
34ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-163699844-1&cid=244419417.1682341737&jid=838395763&_u=CCCACEABBAAAACAAI~&z=958477847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:09:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 8ms
8ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=timing&_s=7&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1682341739401&utt=3058&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=502875045

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39414
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame CE6E 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 24 Apr 2023 13:09:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 239
x-cache: HIT
content-length: 16031
x-request-id: 9e2a0391-d5f2-44ca-aeb3-76bc3b475721
x-served-by: cache-fra-eddf8230059-FRA
server: Fastly
x-timer: S1682341740.026758,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 213

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F886 663 B
604 B 146ms
116ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=52a34a7ed4fc4fe30e3ce346c5a7b1fae5ae6417

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.amazonfrontlines.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 24 Apr 2023 13:09:00 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: cc7c6130334b516e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 61891aa626210d2c24e5c2d8a6fd9427a90101e544c1e5b42e5f93fb706aea51
content-length: 284

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.amazonfrontlines.org/sso/ssobuild/js/ Frame 218E 22 KB
7 KB 26ms
25ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-20c4d601209816f9----1682341740077
traceparent: 00-d8711bb100172f5343a4b137f58b3a00-20c4d601209816f9-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyMGM0ZDYwMTIwOTgxNmY5IiwidHIiOiJkODcxMWJiMTAwMTcyZjUzNDNhNGIxMzdmNThiM2EwMCIsInRpIjoxNjgyMzQxNzQwMDc3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.amazonfrontlines.org/give/313372/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 17:59:18 GMT
cf-bgj: minify
server: cloudflare
age: 323430
etag: W/"643eda76-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7bce9403790a926b-FRA
expires: Fri, 19 Apr 2024 19:18:30 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ Frame 218E 49 B
532 B 311ms
241ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1.230.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3184&ck=0&s=792bb35b16ced7da&ref=https://give.amazonfrontlines.org/give/313372/&ap=220.165119&be=1651&fe=286&dc=263&tt=7ea6f68c4e4b5291&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1682341736914,%22n%22:0,%22f%22:845,%22dn%22:846,%22dne%22:884,%22c%22:884,%22s%22:891,%22ce%22:993,%22rq%22:994,%22rp%22:1651,%22rpe%22:1832,%22dl%22:1655,%22di%22:1835,%22ds%22:1914,%22de%22:1914,%22dc%22:1914,%22l%22:1914,%22le%22:1936%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 13:09:00 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7bce94040b013664-FRA

GET
H2 200 controller-da48732248638df288726a142b6e91f4.html Show response
js.stripe.com/v3/ Frame 1DA1 325 B
1 KB 12ms
11ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

106e4667e7886cd358211fd6ce897e3ceeca0003bac487d9986a64da601ca601

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:08:56 GMT
etag: "da48732248638df288726a142b6e91f4"
last-modified: Fri, 21 Apr 2023 20:08:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: RZe7EZiEfndr7Fe2RSCf7iH9ZkeL0E0F7jadt3ZubJnqWTvFGyvKCg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html Show response
js.stripe.com/v3/ Frame A31B 408 B
1 KB 13ms
13ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

42da9879df79b772af2ce2bf1a55a86438f777028bfc9d22ab625e5d1f22362a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3120
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 12:17:01 GMT
etag: "4df80cebba232da48dbcd6f848e79d2f"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: wlw9HwhLegiPWp8sQhSPFXZkvoFOG9VjUzC089Lwy0hKW7R5tJFZaQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html Show response
js.stripe.com/v3/ Frame B219 344 B
1 KB 14ms
13ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8c5962cd04b24babf8108ffd61a518f18c2bd86aef0d9d02fa0a6a6f939d2858

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 47
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:08:17 GMT
etag: "dea8b7bde353fc0f17cd521e4527bbab"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: EMJPOmUZMyX1vumIKYBoUXm1F-n13yZF4RGGUG1vfZ7rhepEK7hnsQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 6 Show response
m.stripe.com/ Frame CE6E 156 B
669 B 587ms
187ms XHR
application/json 52.42.94.138

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.94.138 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

696b52ea04ef71ff87bf17e66f80a482f72fe6f63469f1eed0da4345c74c09a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740684457
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682341740684165
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 status Show response
give.amazonfrontlines.org/sso/ Frame 218E 90 B
1 KB 150ms
145ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361023875252289364046_1682341740076&_=1682341740077

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc928714a5c9f6a5b87e6cf5d0493b41c859d25f626e3f7a0ec9ff9fa1e8971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-3803a088487b7dc0----1682341740204
traceparent: 00-e60e5fec8c6b105fef0c96fc63ae3040-3803a088487b7dc0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzODAzYTA4ODQ4N2I3ZGMwIiwidHIiOiJlNjBlNWZlYzhjNmIxMDVmZWYwYzk2ZmM2M2FlMzA0MCIsInRpIjoxNjgyMzQxNzQwMjA0fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.amazonfrontlines.org/give/313372/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 7bce940449e7926b-FRA
x-xss-protection: 1; mode=block

POST
H2 200 csp-report
q.stripe.com/ Frame 1DA1 0
716 B 185ms
182ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740293752
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740293421
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1DA1 403 KB
88 KB 18ms
15ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:11:04 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IJNkXrVRm6ZozZdZis0BX0Fq9ZjaYzTBNiBkCBVViRAsfsskET1Ndg==

GET
H2 200 controller-43e51077eca1d80728869bb0659d3c1a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1DA1 448 KB
111 KB 24ms
22ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-43e51077eca1d80728869bb0659d3c1a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9818d0989f4b538a42d1701d5f4ce58b7892164aa53cb9a9597cab6d74f84f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:10:16 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:33 GMT
server: Cloudfront
etag: W/"a1f071644b409fdecffbd51d56493eff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6p8I-cAFPZnoww9DrORarjHePz3CflJfVWm9PzsjIfsnlAgdTVhTWw==

POST
H2 200 csp-report
q.stripe.com/ Frame A31B 0
718 B 273ms
273ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740361908
x-envoy-upstream-service-time: 24
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 20
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740361302
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A31B 0
717 B 262ms
262ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740362786
x-envoy-upstream-service-time: 10
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 7
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740361327
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame A31B 115 KB
35 KB 131ms
67ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db9aa809494d9ff4fd4154129666d07d48c0504aef71cbc9f4d85fd3d589a51f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a3yPIV_lNrKr3UpTWeednA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-a3yPIV_lNrKr3UpTWeednA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 13:09:00 GMT

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A31B 403 KB
88 KB 32ms
32ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:11:04 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -34LF7nhzxyCh-IIXPIzY-7CDvSzmtGLQzauw_iZoYVUO57CIBbt8A==

GET
H2 200 payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A31B 10 KB
4 KB 11ms
9ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:44:34 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1557
x-cache: Hit from cloudfront
last-modified: Wed, 19 Apr 2023 17:04:04 GMT
server: Cloudfront
etag: W/"dba01fde288d91c82ecd5576e4d03f36"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: uXzqhhwqEFi8GCNJiP8Y0s2jFVucqJ45IyR_HVaPnB6rJzwk_JTlLg==

POST
H2 200 csp-report
q.stripe.com/ Frame B219 0
716 B 255ms
254ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740363005
x-envoy-upstream-service-time: 9
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740361356
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B219 0
716 B 253ms
252ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740364090
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740361998
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B219 403 KB
88 KB 35ms
34ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:11:04 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ASkaQv3S6HaUEH9OouWrukCKPO-8-_lVhtP7jxVkz6plHj8BdRiAJA==

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B219 11 KB
5 KB 37ms
37ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 13:04:36 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 361
x-cache: Hit from cloudfront
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Cloudfront
etag: W/"b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8IPuz-FFXq5Q1Sslg8U5U26ZxG1IFq5CbeV6RG8ykYMPFTnxVStocA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 1DA1 474 B
862 B 35ms
12ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 490615ad51366c681f7127d4e30a49c517e33c80c056b522eadc334dd7269df9

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 13:08:13 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified: Fri, 21 Apr 2023 20:38:06 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 47
etag: "47262d288b15bdcc2c90fc82bc70e59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: WGT8PROg2xH0_qnomon3J4mua1n083rcQLsJDHgQH8rtN2asUPqaBA==

GET
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 1DA1 1 KB
2 KB 381ms
221ms Fetch
application/json 18.202.131.124

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&request_surface=web_elements_controller&stripe_js_id=078bf0b9-794f-48c0-ab9a-884e996a1fa9

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d33d384e2dbefbefb155b543483484924ea5a4f8d4ab28bba0aca7c9f8231a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740588730
content-length: 1126
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 54
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1682341740588061
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

GET
H2 200 h
heapanalytics.com/ Frame 218E 37 B
283 B 107ms
106ms Image
image/gif 34.231.49.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=813113933522097&v=4054604701673755&s=6293430835976536&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682341739702&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Donate%20to%20Frontlines%20Challenge&pp=ts&pp=1682341739702&id0=1696743065954334&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&k0=event_id&k0=1682341740.102730949124&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1682341740376&st=1682341740376

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.49.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-49-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 controller-da48732248638df288726a142b6e91f4.html Show response
js.stripe.com/v3/ Frame 7F91 325 B
1 KB 11ms
10ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

106e4667e7886cd358211fd6ce897e3ceeca0003bac487d9986a64da601ca601

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:08:56 GMT
etag: "da48732248638df288726a142b6e91f4"
last-modified: Fri, 21 Apr 2023 20:08:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: MbO76i66Zm9Lu14blYHsyT3K6v88-karph_MbvCHIidZ8qkq1VlPuw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html Show response
js.stripe.com/v3/ Frame 1206 408 B
1 KB 11ms
11ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

42da9879df79b772af2ce2bf1a55a86438f777028bfc9d22ab625e5d1f22362a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3120
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 12:17:01 GMT
etag: "4df80cebba232da48dbcd6f848e79d2f"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: BezLFWqWsoHa1u9NaYObNF1RQiRjv5jZrX0EUtVToTjKZPiuYioxYg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html Show response
js.stripe.com/v3/ Frame 2238 344 B
1 KB 12ms
11ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8c5962cd04b24babf8108ffd61a518f18c2bd86aef0d9d02fa0a6a6f939d2858

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 47
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:08:17 GMT
etag: "dea8b7bde353fc0f17cd521e4527bbab"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: gt8UP5iNOUx46Y-VxhWNrWvkHMzMmcPrx6bc-4fqCBhgHlIyCw9zEQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 8ms
7ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=pageview&_s=8&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dp=%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=420x620&je=0&_u=SCCACEABBAAAACACI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-3837893-1&_gid=4931597.1682341737&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=1952048023

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39414
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 218E 35 B
55 B 8ms
8ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1163752989&t=pageview&_s=2&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dp=%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=420x620&je=0&_u=SCCACEABBAAAACACI~&jid=&gjid=&cid=244419417.1682341737&tid=UA-163699844-1&_gid=4931597.1682341737&z=171838858

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 02:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39414
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 243ms
215ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740542206
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740541985
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 212ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740517873
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740517586
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 215ms
188ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740517756
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740517549
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 241ms
214ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740542019
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740541850
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 212ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740517731
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740517478
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 216ms
190ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740517374
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1682341740517275
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 214ms
188ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740517654
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740517426
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 241ms
215ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740541974
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682341740541790
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 241ms
216ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740542197
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682341740541925
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 214ms
189ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740518329
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740517661
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 240ms
216ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740542246
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682341740542130
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 6C90 18 KB
8 KB 85ms
79ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

464a6ba7d766705a6634206a559ba8930d2e85b12ff84ea839d81a7fe63a9abc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4WGnbFAQWsFzS3mzrexw3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4WGnbFAQWsFzS3mzrexw3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 215ms
215ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740542663
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740542306
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 214ms
214ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740542525
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740542349
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/events/1/ Frame 218E 24 B
413 B 255ms
255ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1.230.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3526&ck=0&s=792bb35b16ced7da&ref=https://give.amazonfrontlines.org/give/313372/
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 24 Apr 2023 13:09:00 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://give.amazonfrontlines.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7bce9405bd713664-FRA
Content-Length: 24

POST
H2 200 csp-report
q.stripe.com/ Frame 7F91 0
716 B 459ms
458ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740698078
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740697910
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7F91 403 KB
88 KB 18ms
17ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:11:04 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GvCgHQ-T83Pk_3y81iCH_yY2WE9p9oJBK1hK4m-CDhSc9vj7yR3hPA==

GET
H2 200 controller-43e51077eca1d80728869bb0659d3c1a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7F91 448 KB
111 KB 26ms
25ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-43e51077eca1d80728869bb0659d3c1a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9818d0989f4b538a42d1701d5f4ce58b7892164aa53cb9a9597cab6d74f84f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:10:16 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:33 GMT
server: Cloudfront
etag: W/"a1f071644b409fdecffbd51d56493eff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dUfuJLFlJ0IG_4UNdeibCv9MmFwvD9OV6p7Ee-TOjAzmCz-3hdEGxQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 1206 0
716 B 458ms
458ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740699247
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740698062
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1206 0
716 B 458ms
458ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740702163
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740698089
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 1206 115 KB
34 KB 71ms
71ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db9aa809494d9ff4fd4154129666d07d48c0504aef71cbc9f4d85fd3d589a51f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-O9hGV-Cc0Xhasnd1v7eIsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-O9hGV-Cc0Xhasnd1v7eIsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 13:09:00 GMT

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1206 403 KB
88 KB 20ms
20ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:11:04 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: sqPnfDOCae9KZlRM-ay9zQ30h8jOvc772iyrDwC3MNx2b7wH_Jnl_A==

GET
H2 200 payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1206 10 KB
4 KB 13ms
12ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:44:34 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1557
x-cache: Hit from cloudfront
last-modified: Wed, 19 Apr 2023 17:04:04 GMT
server: Cloudfront
etag: W/"dba01fde288d91c82ecd5576e4d03f36"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: bl4Y3DEBHlM8RAyC9X5QblSuFCBf6b0mllWbvywcnw7UWzD8XInXXA==

POST
H2 200 csp-report
q.stripe.com/ Frame 2238 0
716 B 450ms
450ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740698637
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740698070
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2238 0
716 B 449ms
449ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740698388
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682341740698218
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2238 403 KB
88 KB 48ms
47ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:11:04 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3528
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5j6JPrrPE8CNO3D_FPtf38qzGZqVsHWVPgq9iik2eG2ETP9wEdvw7A==

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2238 11 KB
5 KB 47ms
46ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 13:04:36 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 361
x-cache: Hit from cloudfront
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Cloudfront
etag: W/"b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DKNCkb3-IQE5EZsVuFtAC2puBhdzKusFpRdttiy4VF_24b4Dh3oCyA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7F91 474 B
862 B 22ms
22ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 490615ad51366c681f7127d4e30a49c517e33c80c056b522eadc334dd7269df9

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 13:08:13 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified: Fri, 21 Apr 2023 20:38:06 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 47
etag: "47262d288b15bdcc2c90fc82bc70e59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 1Fmgssfiq4ydggQr6vW-ss5CfpD538N8I6gMBQGpX9T4NL4iwZq7ow==

GET
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 7F91 1 KB
2 KB 241ms
238ms Fetch
application/json 18.202.131.124

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&request_surface=web_elements_controller&stripe_js_id=078bf0b9-794f-48c0-ab9a-884e996a1fa9

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ff38bd9fe946a695a2e0c2f177099a5d4b705887c5aecef236bb5bbacda574d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682341740674798
content-length: 1126
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 65
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1682341740673826
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6C90 2 KB
2 KB 127ms
126ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 6C90 157 KB
55 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrihPFgSd5taCsgUFsIJLJb-0ulEtg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d9df168924d6dea87277229a6f7c34a48f0d66420dfb654955f142271b01f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56571
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:07:01 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 393ms
393ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740712952
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682341740712727
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
273 B 369ms
369ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713000
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740712880
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
273 B 369ms
369ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713212
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682341740712939
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 369ms
369ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713286
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740713143
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 369ms
369ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713435
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740713297
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 396ms
395ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713495
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682341740713384
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 369ms
368ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713621
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682341740713434
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 394ms
394ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713607
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740713484
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 391ms
391ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713871
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740713568
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 390ms
390ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740713883
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682341740713685
access-control-allow-credentials: true
content-length: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 52EC 18 KB
7 KB 76ms
76ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab622ce173d66cab677bb316ef55df2c26059b840a81bc13f7e5fcfa4fa7997b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NhIo_XTmBT6Px5IM-pz46Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NhIo_XTmBT6Px5IM-pz46Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 371ms
371ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740736708
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740736515
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 370ms
370ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740737921
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1682341740737826
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 6C90 70 KB
26 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrihPFgSd5taCsgUFsIJLJb-0ulEtg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f71b872543caf6c6fb6b4ca66572416ffd3b38ab9b14d73a2face8dc009317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26116
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 23:05:36 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 52EC 2 KB
2 KB 145ms
139ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 52EC 157 KB
55 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d9df168924d6dea87277229a6f7c34a48f0d66420dfb654955f142271b01f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56571
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:07:01 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 6C90 1 MB
385 KB 108ms
106ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aef05e1af4c604a0a5ce9a0acb08aa61ae82fde87b3f53f5c378fad548d67507

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gMKHbyyzcW7WwsVa446RAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gMKHbyyzcW7WwsVa446RAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 13:09:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 257ms
256ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740861080
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740860669
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 6C90 23 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463c8cd998ec33964870ec77084a02d4e75ff30cb583167f3a2c4ac3fd95e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9377
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 6C90 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2974aa7a01b564e60381fddb0c7dc35d24730f427a3d8e413e5ff66623e4f2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13523
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6C90 131 B
155 B 103ms
62ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 118ms
49ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6C90 131 B
155 B 100ms
62ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 117ms
50ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6C90 131 B
155 B 100ms
61ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 115ms
49ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6C90 131 B
155 B 101ms
62ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 108ms
49ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 236ms
233ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740877124
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740877049
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 237ms
233ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740877696
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740877009
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
273 B 229ms
228ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740881000
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740880700
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 227ms
227ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740883343
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740883149
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 6C90 131 B
155 B 60ms
21ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 96ms
50ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 86ms
50ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6C90 131 B
155 B 100ms
62ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 214ms
213ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740907600
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740907060
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 213ms
213ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740907459
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740907157
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
273 B 212ms
212ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740907467
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682341740907202
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 210ms
210ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740907456
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740907259
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 1DA1 0
274 B 205ms
203ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740907826
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740907762
access-control-allow-credentials: true
content-length: 0

GET
H2 200 h
heapanalytics.com/ Frame 218E 37 B
283 B 115ms
112ms Image
image/gif 34.231.49.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=813113933522097&v=4054604701673755&s=6293430835976536&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682341739702&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Donate%20to%20Frontlines%20Challenge&pp=ts&pp=1682341739702&id0=7132613335367924&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1682341741.276959749727&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1682341740819&st=1682341740825

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.49.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-49-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
give.amazonfrontlines.org/static/global/images/digitalWallets/ Frame 218E 3 KB
1 KB 412ms
409ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.amazonfrontlines.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Apr 2023 18:00:38 GMT
server: cloudflare
etag: W/"643edac6-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7bce94083e3d926b-FRA
expires: Tue, 23 Apr 2024 13:09:01 GMT

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 52EC 70 KB
26 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f71b872543caf6c6fb6b4ca66572416ffd3b38ab9b14d73a2face8dc009317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26116
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 23:05:36 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 194ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740949192
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682341740948667
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 198ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740954006
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740953911
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 200ms
186ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740954462
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740953977
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 202ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740962244
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740962004
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 274ms
266ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740962582
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740962074
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7F91 0
274 B 202ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 13:09:00 GMT
x-stripe-server-envoy-start-time-us: 1682341740962430
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682341740962144
access-control-allow-credentials: true
content-length: 0

GET
H2 200 h
heapanalytics.com/ Frame 218E 37 B
283 B 123ms
115ms Image
image/gif 34.231.49.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=813113933522097&v=4054604701673755&s=6293430835976536&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682341739702&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Donate%20to%20Frontlines%20Challenge&pp=ts&pp=1682341739702&id0=8687880648092286&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1682341741.767056731797&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1682341740874&st=1682341740874

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.49.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-49-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 52EC 1 MB
385 KB 73ms
72ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad66531d81737c747271c0ee0ce77a29cf62e2241eba5c06d55f5edd973ca1de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vev9IDMFQ5L9EayQ4_3PpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vev9IDMFQ5L9EayQ4_3PpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 13:09:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 52EC 23 KB
9 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463c8cd998ec33964870ec77084a02d4e75ff30cb583167f3a2c4ac3fd95e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9377
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 52EC 35 KB
13 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2974aa7a01b564e60381fddb0c7dc35d24730f427a3d8e413e5ff66623e4f2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13523
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

POST
H3 200 log Show response
play.google.com/ Frame 52EC 131 B
155 B 53ms
52ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
39ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 52EC 131 B
155 B 72ms
62ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 24ms
19ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 52EC 131 B
155 B 49ms
48ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
42ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 52EC 131 B
155 B 30ms
30ms XHR
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 13:09:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 13:09:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 44ms
42ms Preflight
text/plain 2a00:1450:4001:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 13:09:00 GMT
expires: Mon, 24 Apr 2023 13:09:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amazonfrontlines.org/	1970-01-20 13:28:37	Name: _gcl_au Value: 1.1.189807465.1682341736
amazonfrontlines.org/	1970-01-20 20:04:37	Name: pll_language Value: en
.doubleclick.net/	1970-01-20 11:19:02	Name: test_cookie Value: CheckForPermission
.amazonfrontlines.org/	1970-01-20 11:20:28	Name: _gid Value: GA1.2.4931597.1682341737
.amazonfrontlines.org/	1970-01-20 11:19:01	Name: _gat_gtag_UA_162643912_1 Value: 1
.amazonfrontlines.org/	1970-01-20 20:55:01	Name: _ga_NM9HNZLLGQ Value: GS1.1.1682341736.1.0.1682341736.60.0.0
.amazonfrontlines.org/	1970-01-20 13:28:37	Name: _fbp Value: fb.1.1682341736632.2039063096
.linkedin.com/	1970-01-20 12:02:13	Name: UserMatchHistory Value: AQIuUfoN4b0RHgAAAYezYbEKhxBups41J6miFDRX-bP8AKOxmbM4-CKCOdeqM5_Z9BuYPl9DMOqUug
.linkedin.com/	1970-01-20 12:02:13	Name: AnalyticsSyncHistory Value: AQIeoSFvWpUq4AAAAYezYbEK_Hwz7qplNXHiQX0Rm5zF4ox-I-cMJokSRKDbIdcpih1tZIpnC_Vi4ycpgnduLQ
.linkedin.com/	1970-01-20 20:04:37	Name: bcookie Value: "v=2&2342868e-7d21-4678-88d6-f42add94a374"
.linkedin.com/	1970-01-20 11:20:28	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2647:u=1:x=1:i=1682341736:t=1682428136:v=2:sig=AQFRpObwk2TjlAfHalbnQw1GhWHPCWrA"
amazonfrontlines.org/	1970-01-20 11:20:28	Name: ln_or Value: eyIyOTc2OTcwIjoiZCJ9
.classy.org/	1970-01-20 11:19:03	Name: __cf_bm Value: xrRCsr1zSeTJs5KSv9uxcs0Wd8oMziJGxFGm8cc9R00-1682341736-0-Afmz9qKfzHJkQK/GphMD4B5VoiZP8nAL7PzdSoRev7K1DUU+/ip2buF4f2CnedHR51hO4hlOEKu0O36y3qaQyTY=
.www.linkedin.com/	1970-01-20 20:04:37	Name: bscookie Value: "v=1&20230424130856cdc2cdd0-bead-4481-8b1c-7a33b6d15ed9AQGxs5VvEwJKeYKOz0o5EUBfu6Ub9VHr"
.linkedin.com/	1970-01-20 15:38:13	Name: li_gc Value: MTswOzE2ODIzNDE3MzY7MjswMjFwQiOo3EULpyCWbd+vJWWmaeCfS+PHi0RWQcFVyg4jVA==
.classy.org/	1969-12-31 23:59:59	Name: __cfruid Value: a8ed35fa17a003454d589ae2a872e364389481bf-1682341737
give.amazonfrontlines.org/	1970-01-20 20:55:01	Name: connect.sid Value: s%3A-E7d7NYnTbBQLbK5l4tJHKp3YjWUegXK.W5HLqGB4xxztgj0x%2ByivfC8TLWbUu4WpqL3YZhXnYD0
.give.amazonfrontlines.org/	1970-01-20 11:19:03	Name: __cf_bm Value: DpTB1h2ZVZ60JREsbCljmX.HZbTKEVPGSHV7vCpaecY-1682341738-0-AYlQa7EcomDgw9gvV08W5BKKhQPKirfaq31nCr+xz4FaLO9rGaqJ8UoifFEmOcdxQlJD0rG4/W5ZmWlTgOjEOVA=
.give.amazonfrontlines.org/	1969-12-31 23:59:59	Name: __cfruid Value: c08704df73e32b38bc757683d1f0fd7c2ad9d9c5-1682341738
.amazonfrontlines.org/	1970-01-20 20:55:01	Name: _ga Value: GA1.2.244419417.1682341737
give.amazonfrontlines.org/	1970-01-20 11:39:11	Name: c_src Value: {"313372":[{"c_src":"web","c_src2":"home","referrer":"https://amazonfrontlines.org/","timestamp":1682341739402}]}
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -SXDTBJLjII
.youtube.com/	1970-01-20 15:38:13	Name: VISITOR_INFO1_LIVE Value: fBtPYlsUjcs
.amazonfrontlines.org/	1970-01-20 20:46:59	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%22813113933522097%22%2C%22pageviewId%22%3A%224054604701673755%22%2C%22sessionId%22%3A%226293430835976536%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.amazonfrontlines.org/	1970-01-20 11:19:01	Name: _gat_classyTrack Value: 1
.amazonfrontlines.org/	1970-01-20 11:19:01	Name: _gat_clientTrack Value: 1
.amazonfrontlines.org/	1970-01-20 20:46:59	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A67405%2C%22payment_processor%22%3Anull%2C%22campaign%22%3A313372%2C%22campaign_type%22%3A%22crowdfunding%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.give.amazonfrontlines.org/	1970-01-20 20:04:37	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&datestamp=Mon+Apr+24+2023+13%3A08%3A59+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
.amazonfrontlines.org/	1970-01-20 11:19:03	Name: _hp2_ses_props.1566116007 Value: %7B%22r%22%3A%22https%3A%2F%2Famazonfrontlines.org%2F%22%2C%22ts%22%3A1682341739702%2C%22d%22%3A%22give.amazonfrontlines.org%22%2C%22h%22%3A%22%2Fgive%2F313372%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo%22%7D
give.amazonfrontlines.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: 5wxoBPkY-VET0vjz8if_MHimch24Rmm57iC4
.google.com/	1970-01-20 15:42:32	Name: NID Value: 511=kzQ4M7MUJUp29jxqS4v2vJKXCAcJw4i-3_qIVqCCanIzNlE2ZK-sR70e2v7fwoERbKWKBfGCmGWp2wijWvnhD-Qz4P7WiBDyYpG0U8xRXglKBvigjBACMWazT8nh2XW9GAJzd6JYBETLFlumzBkWryKKwLXjVGMAA_5FPfnOfec
give.amazonfrontlines.org/	1970-01-20 11:19:02	Name: XSRF-TOKEN Value: eyJpdiI6ImFVXC9KODF2M0VUQm1pM0ZWMWswREVBPT0iLCJ2YWx1ZSI6IkJOcG9ucURcL3RrWHMrVmxUMUVWYU8rc0EraXRWTUt1bVJaV0twSlZKTkFjbys0MGxnSDMrKzJvYkw0eDNKVSs4dWY5RGZGWFFna3ljc201azhPV0swdHlCeDlEZ0UrR1o4bGU4bm90QUJMdzlycnVteFJEc0ZWVTd6TkFCYVd0TCIsIm1hYyI6ImYxYzc2ZWU4ZjE3OWFlMjY2OTUyNDhkZGIyOGM4NjdhYjcyNzM3MTkzOTJjMDdhZmY4ZDExNjhmOGZhNmM5MDUifQ%3D%3D
give.amazonfrontlines.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6Ikdra1ZWWFBjekM5RmdBMVFBQ1FveWc9PSIsInZhbHVlIjoiVkVLN1FaY3VHenNMMHVrOEFaREs4blNPdU5VWEJBWjVJRjlSWm90bVA5dGhIRXNhQWRwb2t1UFMwRDg0V0JZSEYxSUZYSStrQldGYmF4N3FFTXBGN1dIZ2RraUd2cUVTSzRSdjc5VjFLbFFzV09qVE9EbjF2b1I0Tk9NTVZmN3oiLCJtYWMiOiJkNGRkYjU5NDc2NTg0Y2JhZmRlZGIxZjgxYWU1MTU4MWJhYWRjZTIyZWU5MGQxNzNiZjk1MDc3ZGM1YWQ4ZGI1In0%3D
.amazonfrontlines.org/	1970-01-20 20:55:01	Name: _ga_6HXY58W7SY Value: GS1.1.1682341738.1.1.1682341740.0.0.0
m.stripe.com/	1970-01-20 20:55:01	Name: m Value: 51d489bd-3060-4705-af56-1fa9e178e9fe354b40
.give.amazonfrontlines.org/	1970-01-20 20:04:37	Name: __stripe_mid Value: e7b26d82-1f84-45a6-bbe8-f9751c73e57baf9298
.give.amazonfrontlines.org/	1970-01-20 11:19:03	Name: __stripe_sid Value: d84e15ac-be14-40f2-8c36-853fc451a41d362400

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazonfrontlines.org
assets.classy.org
bam.nr-data.net
cdn.heapanalytics.com
cdn.linkedin.oribi.io
cdn.plaid.com
code.jquery.com
connect.facebook.net
d188lez4s0fwft.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.amazonfrontlines.org
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
region1.google-analytics.com
sdk.classy.org
sessions.bugsnag.com
snap.licdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
unpkg.com
www.classy.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.dz
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
104.244.42.8
13.107.42.14
13.32.121.78
13.32.27.35
142.250.185.226
151.101.0.176
151.101.194.137
162.247.241.14
18.202.131.124
2001:4860:4802:32::36
2001:4860:4802:34::178
2001:4de0:ac18::1:a:1a
23.21.52.182
2600:1901:0:7a0b::
2600:9000:20eb:d600:2:53b2:240:93a1
2600:9000:2182:b600:14:5590:7e40:21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:4400::ac40:9062
2606:4700::6810:3865
2606:4700::6810:7baf
2606:4700::6812:843c
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c09::5c
2a00:1450:400c:c09::9d
2a02:26f0:480:e::210:f108
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.231.49.196
52.143.247.24
52.42.94.138
54.186.23.98
99.86.4.99
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
04492b9fe12b21b73c514216289c8ee03751b335d2750fa77d81b16a50102e4f
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0a30f94167bc21b61b2417f07dd1ee6a6cf76b83eacaedf1a1704cba3b904c79
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c06c562695b244c211c4dfa162c4dfb527dbf6ac77a81e0d6840392ce16e199
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
106e4667e7886cd358211fd6ce897e3ceeca0003bac487d9986a64da601ca601
1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15700dd8eb8e54e4d06e5a3cb134b175e43b9d1dc3e76bb42f7b1f313bf9cba3
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
1eee475401ced2b41622d05d372d5994af2ef888f82d09b6a7507838600819e5
23a830983184102217d5b0f0c01a3ab5f209589914d062cea8fca5dc5d760807
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25460046e739811aee204eab1b61642c6cfeb603a184bf2f36001e8797129a75
2974aa7a01b564e60381fddb0c7dc35d24730f427a3d8e413e5ff66623e4f2ef
2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c8cb3dd7cbbdc391215448b84492ea93f13bea4798a2df22854d8cbfcf2d464
2e60089421dbb62b7064eb8cc3cb72115dc6ffabdad8835bd131c95de1ed915f
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
3e7d859a6809b7a9ee7f54287cae97d2cedb72957e3213f81a2d2dcf73ae3dfc
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
42da9879df79b772af2ce2bf1a55a86438f777028bfc9d22ab625e5d1f22362a
463c8cd998ec33964870ec77084a02d4e75ff30cb583167f3a2c4ac3fd95e645
464a6ba7d766705a6634206a559ba8930d2e85b12ff84ea839d81a7fe63a9abc
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
47e7eaea18791ebecf65100410d22246f2c95e839c75a9a588a29aa402b88264
488c51a30edd1588ceb44a43332fcc4ee5744cb689464f71ca62978092ac115b
490615ad51366c681f7127d4e30a49c517e33c80c056b522eadc334dd7269df9
49f71b872543caf6c6fb6b4ca66572416ffd3b38ab9b14d73a2face8dc009317
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
520b4b1a4e266fcd8dc4d48f3c5fd89e542b4d164143caf784c93447cccc6709
56b6e95b2d7f0ef3499dd72399e73ffe9e08d5a5c9ff3fafe0aae9c5da33ad0b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5bfee04f991dacac6d2eeee72cbd9e13f61bdbe19e315e7e9e598d66d1ba2e79
5c5cd66261191becb2ce1bbaa772686a17b892c5fe8560f8f4fdc126c58777c7
5c7352b597156cd3a4225b34385715ed3871ba3a69e9229bfc2fa07d6d826806
5e588fef38b35ab5cacf0a93bee333235b844160dae0cca598363a681f49742a
5f17671ce030879a0b89ffce96fc31e6feb1a46b560ec7df7e8fb615682258a5
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
641e6fc348b4f6de3b8c056930ac32722d5b9e64d5136dbb5c097b3fe57e530c
6719fa0d3554909fe69bc82c22606b28ea8d1bf5cef2e705928dd4f66c17efac
696b52ea04ef71ff87bf17e66f80a482f72fe6f63469f1eed0da4345c74c09a0
6a4d9b4f37862a161cb9a7b7c8b6d4bea495c108be4d8086e3af80aa1493e733
6ac48a7c704eb512addd8690ff165f87f9757f986d2ecf6b3f12c2ff077cecbf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e
700e2283a18e14ed801ad182b3ce69a1ff0b79db0309b367ddf6d9dbfbf085b4
7287403835f30c5729e1139dd36787dd60b70d00c35e80ed76fee8025b0c29a7
743400827279a748ff4e9c0760b9d878206351259383b9913183294f68bc2871
751851e72654508ca07678c61bdacd91b772d725f531dd8a6f62e6f941e11ecc
775c0d83ab0c95e5349a26584816b075ff88c9ce6ef5d46726aa28f4ededb868
7839604d7a5c0f2f1b092cc0b9476a4175003bf86d35c6f354225dc58f6e1a1b
7af5a08b3fbf0fe91b04a13b11a266b8deef1eaf3f3351d5f708b0d363cfd085
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7cc928714a5c9f6a5b87e6cf5d0493b41c859d25f626e3f7a0ec9ff9fa1e8971
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
7d9df168924d6dea87277229a6f7c34a48f0d66420dfb654955f142271b01f5c
7f7e21372859a2f6cf237901739dce1bf3f711c18973959a9e624b3735059f59
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8a111e32f8ac3668f71a163d62aa9465d33bfa641a2df93c636495b3de961f08
8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7
8c5962cd04b24babf8108ffd61a518f18c2bd86aef0d9d02fa0a6a6f939d2858
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9818d0989f4b538a42d1701d5f4ce58b7892164aa53cb9a9597cab6d74f84f9f
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
9c0eb9ed92ce7dc0e6ca22edf64d469e4e63b2746adc0fc9840277f1edcc6de2
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d
a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350
a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036
a5d81cbdf216b4451e07b1de69b6c749c99dbf84d85189eb5825f971bcc68f5a
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ab622ce173d66cab677bb316ef55df2c26059b840a81bc13f7e5fcfa4fa7997b
ac01180e608065cc699c50c1517765f00ea1d5a077f1cb895b99881ac3660988
aca0682f2a6967bfe39854cbc9abf550ac57023624336aa699dcd76552afc183
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad66531d81737c747271c0ee0ce77a29cf62e2241eba5c06d55f5edd973ca1de
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef05e1af4c604a0a5ce9a0acb08aa61ae82fde87b3f53f5c378fad548d67507
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
b7d9e93df0e9ed19898260e542dd3ab74302010dfe2a5a4d3fdcceb2d38f9b00
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1a13f2865f54d88cd9ebcb80da9825501a684285f0e484c21a5f8017b7fe5db
c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af
c5c19c57f48c707d99edc04f7d3175f82e3f7fb20063d9d3f8d2d77381f4e519
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c8fbcb4c0f9a9e4538d31bbfb9549daa8955f86a63502a87841276b5f9bf1c50
cc1a8f5f467a2c40b94e88a74933bf9a9e46b808d69b5bda1e5acb6094f550dc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d33d384e2dbefbefb155b543483484924ea5a4f8d4ab28bba0aca7c9f8231a5a
d5fbd8d11f9a310b0f3fc5f45bd79c163cfbd0a81214b06324511633d214d7ce
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
db9aa809494d9ff4fd4154129666d07d48c0504aef71cbc9f4d85fd3d589a51f
dc67425c35cc38b15f4de4d9f64ca62ec7744eed33a50bf02bd5b4f9a3e31449
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2135bdfae392d1cae00214207650e96f90eca12a931bdff24b7115fc85423e2
e248bd1b7cf411f7060c0c10aa8e9b7358c5d751727fced5e5cc0bbd8a5bc3c7
e253eb12258cda41bd93412f04cced9cedffd11b6aee1c90391cb043da9dc5d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5be0cf9e12892e32ca57fd11154fe22c8f57958752e83c22905a194bdc52a7d
ea5e960e0f14eea41744b9b0f55e837bd66f6abf20557345ff783dfb10bcf87d
eb11e7592e7b935bec5839c64add5577ea9d892dd96c0e20851e4fe4aac73774
eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23
ee43de7f6648dac36980de3bcf1bf0d34f07178fdb8afac80541f5cf1660cc5d
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef606211a2fb3a2bc5128dd6e67a8e644b2a879dc604b218028e525035e6df1c
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f23919d80b8e1ef191cc819204a9f5da658468b28e448d5294d05ae39094d39a
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
f6c2565244a7d2fd5524ea698c9694fd053a99d1955cfdad0658e6acd7feb054
f7edf8812e9e7e12c20d41424bfcdaa12bb69631217a1a653282e681b57dee33
f866d217a96d2683e5a51b091d3ed6db356c3fc1f4bc30712aadce0efc6409c7
f8d31fc95340935f0a1e3f04183511383a0b2ef7cc5b48d7af07aa402d2c6762
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fc0ed88882d4d98312c5ca2593f1045ed68d625a5eda165d77d6608cc29d428d
fd8be1f415e873bf9ceec9ccbc8910764e4270c704d004ecb2d636e7604e9032
ff38bd9fe946a695a2e0c2f177099a5d4b705887c5aecef236bb5bbacda574d1
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

amazonfrontlines.org Open in urlscan Pro 23.21.52.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

266 Requests

100 %HTTPS

63 %IPv6

31 Domains

50 Subdomains

41 IPs

4 Countries

8815 kBTransfer

20269 kBSize

37 Cookies

5 Outgoing links

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

amazonfrontlines.org Open in urlscan Pro
23.21.52.182 Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

100 %
HTTPS

63 %
IPv6

31
Domains

50
Subdomains

41
IPs

4
Countries

8815 kB
Transfer

20269 kB
Size

37
Cookies

266 HTTP transactions
1 data transactions