amazonfrontlines.org Open in urlscan Pro
23.21.52.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://amazonfrontlines.org/
Submission Tags: analytics-framework
Submission: On April 24 via api (April 24th 2023, 2:36:25 pm UTC) from US — Scanned from DE

Summary HTTP 269 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 30 domains to perform 269 HTTP transactions. The main IP is 23.21.52.182, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is amazonfrontlines.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 21st 2022. Valid for: a year.

This is the only time amazonfrontlines.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	23.21.52.182 23.21.52.182	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
20	2600:9000:249... 2600:9000:2490:ce00:14:5590:7e40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 14	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:7200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
24	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.116 13.32.27.116	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
11	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	44.215.21.224 44.215.21.224	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
54	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	54.201.215.5 54.201.215.5	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:401... 2a00:1450:4013:c04::5c	15169 (GOOGLE) (GOOGLE)
2	18.202.131.124 18.202.131.124	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
269	42

16 23.21.52.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-52-182.compute-1.amazonaws.com

amazonfrontlines.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2490:ce00:14:5590:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d188lez4s0fwft.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:7115 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)

give.amazonfrontlines.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.215.21.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-21-224.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.215.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-215-5.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4013:c04::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.131.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 15734 r.stripe.com — Cisco Umbrella Rank: 7419	914 KB
33	google.com www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 2930 pay.google.com — Cisco Umbrella Rank: 3849 play.google.com — Cisco Umbrella Rank: 74	862 KB
27	amazonfrontlines.org amazonfrontlines.org give.amazonfrontlines.org	736 KB
20	cloudfront.net d188lez4s0fwft.cloudfront.net	4 MB
19	gstatic.com www.gstatic.com fonts.gstatic.com	614 KB
16	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	40 KB
14	classy.org 1 redirects sdk.classy.org — Cisco Umbrella Rank: 210142 www.classy.org — Cisco Umbrella Rank: 197096 prod-frs.content.classy.org — Cisco Umbrella Rank: 143433 pay.classy.org — Cisco Umbrella Rank: 166071 assets.classy.org — Cisco Umbrella Rank: 187530	1 MB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 776	33 KB
7	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3337 heapanalytics.com — Cisco Umbrella Rank: 2833	40 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	344 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 3425	732 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	3 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1159 syndication.twitter.com — Cisco Umbrella Rank: 1451	132 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 477	751 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	17 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	64 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 932	140 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	237 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	136 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	30 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 882	183 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 29131	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1180	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 31874	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	16 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1274	7 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	376 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
269	30

	Domain	Requested by
41	r.stripe.com	js.stripe.com
24	js.stripe.com	give.amazonfrontlines.org amazonfrontlines.org js.stripe.com
20	play.google.com	www.gstatic.com
20	d188lez4s0fwft.cloudfront.net	amazonfrontlines.org
16	amazonfrontlines.org	amazonfrontlines.org
13	q.stripe.com	amazonfrontlines.org
13	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com amazonfrontlines.org
11	js-agent.newrelic.com	amazonfrontlines.org
11	give.amazonfrontlines.org	sdk.classy.org give.amazonfrontlines.org amazonfrontlines.org
10	fonts.gstatic.com	fonts.googleapis.com
9	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com amazonfrontlines.org www.gstatic.com
8	prod-frs.content.classy.org	give.amazonfrontlines.org amazonfrontlines.org prod-frs.content.classy.org
6	heapanalytics.com	amazonfrontlines.org
6	www.googletagmanager.com	amazonfrontlines.org www.googletagmanager.com give.amazonfrontlines.org
4	www.google.de	amazonfrontlines.org
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com amazonfrontlines.org
4	www.google.com	amazonfrontlines.org
3	pay.classy.org	amazonfrontlines.org
3	region1.google-analytics.com	www.googletagmanager.com
2	merchant-ui-api.stripe.com	js.stripe.com
2	bam.nr-data.net	amazonfrontlines.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	amazonfrontlines.org
2	platform.twitter.com	amazonfrontlines.org
2	sessions.bugsnag.com	amazonfrontlines.org
2	www.facebook.com	amazonfrontlines.org
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	amazonfrontlines.org connect.facebook.net
2	fonts.googleapis.com	amazonfrontlines.org
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	code.jquery.com	amazonfrontlines.org
1	assets.classy.org	amazonfrontlines.org
1	geolocation.onetrust.com	amazonfrontlines.org
1	cdn.heapanalytics.com	amazonfrontlines.org
1	cdn.plaid.com	give.amazonfrontlines.org
1	unpkg.com	give.amazonfrontlines.org
1	htp.tokenex.com	give.amazonfrontlines.org
1	www.googleadservices.com	give.amazonfrontlines.org
1	static.cloudflareinsights.com	give.amazonfrontlines.org
1	www.classy.org	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	px4.ads.linkedin.com	amazonfrontlines.org
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	snap.licdn.com	amazonfrontlines.org
1	sdk.classy.org	amazonfrontlines.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
269	49

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
sinangoe.amazonfrontlines.org

Subject Issuer	Validity	Valid
*.amazonfrontlines.org Sectigo RSA Domain Validation Secure Server CA	`2022-05-21` - `2023-05-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
give.amazonfrontlines.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-27`	6 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 14 frames:

Primary Page: https://amazonfrontlines.org/
Frame ID: EB5083149185472840ECC07EB980A642
Requests: 66 HTTP requests in this frame

Frame: https://give.amazonfrontlines.org/give/313372/
Frame ID: 7BE217740374414A7242C13F14A8A1EA
Requests: 83 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E777D8C1B9934E71686D8461647EC365
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 37D0F69212B23C53433967836D905B12
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5D203EE54D1EB48FE5F8EEA097614F54
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.amazonfrontlines.org
Frame ID: AC921585E3578FADE59B8EEC8BFA6642
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
Frame ID: A540AD83C222C74737FB77D5DF2D6D08
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
Frame ID: 9BC0A0892ADC0EAB1B03CE971119E350
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
Frame ID: 3C4087B5D8F453981DF9011CF9E32785
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
Frame ID: 595006AC69280BD9C035F228710A65CF
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
Frame ID: 3AC13B21BD61B95BD7D40BF736D2176E
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
Frame ID: 0A4B9D3DD27E571B983D9CBEC67E057B
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 0688CE88A9C9FCC6772CD7ED515233C1
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 928858C054846D66736F9349D2A828BC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Frontlines - Defending indigenous rights to land, life and cultural survival in the Amazon rainforest.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

269
Requests

100 %
HTTPS

64 %
IPv6

30
Domains

49
Subdomains

42
IPs

5
Countries

8858 kB
Transfer

20381 kB
Size

37
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/amazonfrontlines/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/amazonfrontlines/

Search URL Search Domain Scan URL

URL: https://twitter.com/AFrontlines

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCuhEfIrM9DdUiI69gf8DZRg

Search URL Search Domain Scan URL

URL: https://sinangoe.amazonfrontlines.org/content/sinangoe-map/
Title: Sinangoe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2976970%26time%3D1682346975154%26url%3Dhttps%253A%252F%252Famazonfrontlines.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLr_k13ko4KzQAAAYezsaFyBet_8_u6IY5Yb1QGtT4faNPV0jRaiKlEUKaaw9PQ

Request Chain 65

https://www.classy.org/give/313372/ HTTP 302
https://give.amazonfrontlines.org/give/313372/

269 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
amazonfrontlines.org/ 73 KB
20 KB 422ms
192ms Document
text/html 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d5fbd8d11f9a310b0f3fc5f45bd79c163cfbd0a81214b06324511633d214d7ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3600, public
content-encoding: gzip
content-length: 20315
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:13 GMT
etag: "4f5b-5fa155e234222"
last-modified: Mon, 24 Apr 2023 13:56:04 GMT
pragma: public
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-powered-by: PleskLin

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 45ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac01180e608065cc699c50c1517765f00ea1d5a077f1cb895b99881ac3660988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 14:36:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:36:13 GMT

GET
H2 200 57fc2.css
amazonfrontlines.org/wp-content/cache/minify/ 296 KB
43 KB 179ms
178ms Stylesheet
text/css 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 15700dd8eb8e54e4d06e5a3cb134b175e43b9d1dc3e76bb42f7b1f313bf9cba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:13 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 23 Apr 2023 17:54:01 GMT
server: nginx
etag: "aad9-5fa049347fd55"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: public
accept-ranges: bytes
content-length: 43737

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 127ms
25ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10864905236

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9622648bdeedeba4452bab60b7f1ad2ff3bd9a236f3a3bb9fcc3e4ef59cbc411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68602
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 14:36:14 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 45ms
19ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56b6e95b2d7f0ef3499dd72399e73ffe9e08d5a5c9ff3fafe0aae9c5da33ad0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 14:36:13 GMT

GET
H2 200 749f2.js Show response
amazonfrontlines.org/wp-content/cache/minify/ 245 KB
69 KB 546ms
545ms Script
application/x-javascript 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/wp-content/cache/minify/749f2.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 25460046e739811aee204eab1b61642c6cfeb603a184bf2f36001e8797129a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:13 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Apr 2023 17:53:07 GMT
server: nginx
etag: "1134c-5f9f07234a303"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
content-length: 70476

GET
H2 200 style.min.css
d188lez4s0fwft.cloudfront.net/wp-includes/css/dist/block-library/ 95 KB
96 KB 544ms
497ms Stylesheet
text/css 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:14 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 97517
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 06:28:58 GMT
server: nginx
etag: "64252c2a-17ced"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public
accept-ranges: bytes
x-amz-cf-id: _eVYxMju_9xJeqWKNhH71lK0cfEwejj2-te3y4BqOqj4o_YMG-DLbA==

GET
H2 200 classic-themes.min.css
d188lez4s0fwft.cloudfront.net/wp-includes/css/ 291 B
827 B 453ms
406ms Stylesheet
text/css 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:14 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 291
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 06:28:58 GMT
server: nginx
x-accel-version: 0.01
etag: "123-5f818352ff409"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 4lvyTsojAsNkRa86zgA7dF50VPvBRc3t2xniQXEUkcadrr5cCkmNAQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162643912-1

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfd4812dd9e62920943aad9e1ddc6d9054c7379112cd4153db6ba4ff68e02bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45107
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 14:36:14 GMT

GET
H2 200 logo.png
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/ 6 KB
6 KB 500ms
500ms Image
image/png 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/logo.png
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: f8d31fc95340935f0a1e3f04183511383a0b2ef7cc5b48d7af07aa402d2c6762

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:14 GMT
last-modified: Sun, 08 May 2022 01:27:34 GMT
server: nginx
etag: "62771c86-1888"
x-powered-by: PleskLin
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 6280

GET
H2 200 home-sign-500x325_3.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/ 156 KB
156 KB 473ms
473ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/home-sign-500x325_3.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

3e7d859a6809b7a9ee7f54287cae97d2cedb72957e3213f81a2d2dcf73ae3dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 159528
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Sep 2022 22:44:47 GMT
server: nginx
etag: "63337cdf-26f28"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 5TswM3r9qZ7Uq6WLc9uHzf487EREtM1xp_gOZ7PkkSobabxHSR_nZA==

GET
H2 200 icon-building-solutions.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 8 KB
9 KB 388ms
385ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-building-solutions.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

e248bd1b7cf411f7060c0c10aa8e9b7358c5d751727fced5e5cc0bbd8a5bc3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 8313
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:08:37 GMT
server: nginx
etag: "621631d5-2079"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 91srDjAovhB5ngGEcrLTP1y5E8nCYckHH_rNRNgs-tXmpKK2qQR-Qg==

GET
H2 200 icon-telling-stories.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 6 KB
7 KB 162ms
158ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-telling-stories.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

5e588fef38b35ab5cacf0a93bee333235b844160dae0cca598363a681f49742a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 6296
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:10:00 GMT
server: nginx
etag: "62163228-1898"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: vRi3_YX_33LOg_BwW9QX5gJdGbpXEKW4LxiwSb7I6jlDVZLd-sr0dw==

GET
H2 200 icon-reviving-culture.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 21 KB
21 KB 570ms
566ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-reviving-culture.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

2c8cb3dd7cbbdc391215448b84492ea93f13bea4798a2df22854d8cbfcf2d464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 21127
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:09:04 GMT
server: nginx
etag: "621631f0-5287"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: _4xH9avbG4DybPBn8ZVyZmb6zhct2ruwC5LNEV5Ofk1mU4WuN9l4aw==

GET
H2 200 icon-defending-territory.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 13 KB
14 KB 431ms
428ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/icon-defending-territory.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f7edf8812e9e7e12c20d41424bfcdaa12bb69631217a1a653282e681b57dee33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 13717
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 13:08:10 GMT
server: nginx
etag: "621631ba-3595"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: XrabUha8UQ0nnzTi1tLk3HDJRJB4AsTImr0VQqSQfvm80vsccCr-Qw==

GET
H2 200 home-explore-01.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 78 KB
79 KB 560ms
557ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-01.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

c5c19c57f48c707d99edc04f7d3175f82e3f7fb20063d9d3f8d2d77381f4e519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 80147
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Feb 2022 12:00:42 GMT
server: nginx
etag: "6218c4ea-13913"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 1j14VwjnCmoVZAuZnPT-bfILfU6xsD0ZZRNaqSqMo8LyMg5y2LNl0A==

GET
H2 200 home-explore-02.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 83 KB
83 KB 537ms
534ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-02.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

b7d9e93df0e9ed19898260e542dd3ab74302010dfe2a5a4d3fdcceb2d38f9b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 84770
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Feb 2022 12:00:46 GMT
server: nginx
etag: "6218c4ee-14b22"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: -hNctTblY-QGrPjgsf0hLWwYvpXEVCgQiWdU3Z3u-W7W_jIK6QYs-w==

GET
H2 200 home-explore-03.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 60 KB
60 KB 535ms
532ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-03.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f6c2565244a7d2fd5524ea698c9694fd053a99d1955cfdad0658e6acd7feb054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 61204
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Feb 2022 12:00:49 GMT
server: nginx
etag: "6218c4f1-ef14"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 0e15Q1FMpZQB7ovJAigphy3vs4tbk69GrkfdRKXSB2ffOGH_SwJ6EA==

GET
H2 200 image-footer.png
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/ 195 KB
196 KB 195ms
192ms Image
image/png 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/image-footer.png
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 04492b9fe12b21b73c514216289c8ee03751b335d2750fa77d81b16a50102e4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
last-modified: Wed, 02 Mar 2022 14:43:12 GMT
server: nginx
etag: "621f8280-30de3"
x-powered-by: PleskLin
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 200163

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 36ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Apr 2023 14:36:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kQkjHcn5TMc52y2QtB0GmaYxK9OFuKfJFo058MBBPW09YGVgn6svzPrrMOtNZg4LXo//icb6AbbW4dRftpJfVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 410 KB
165 KB 43ms
11ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonfrontlines.org/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 13:35:26 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10864905236/ 2 KB
2 KB 369ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10864905236/?random=1682346974730&cv=11&fst=1682346974730&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonfrontlines.org%2F&hn=www.googleadservices.com&frm=0&auid=895686794.1682346975&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10864905236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ec1704383ae140002a62a7af19ba9803d217c68f7fd6145b57aa2904486f791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
d188lez4s0fwft.cloudfront.net/wp-includes/js/ 18 KB
19 KB 528ms
525ms Script
application/x-javascript 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 18692
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 06:28:58 GMT
server: nginx
etag: "64252c2a-4904"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
x-amz-cf-id: sZ7-mx0rIwEAyXUmQVv1OBXwA9yl5pl7PgCKqUJp2xRyHDGW4c4ecw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162643912-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10864905236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63fd09d8a7d608465463cf87c8ab3f52f0aac5612c9ee1c3e6eea0a9c1970f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45120
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 14:36:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
72 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NM9HNZLLGQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10864905236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e1d4bfeaf7a83908ad372edccb5ebb2fcc9bce7998b0efdf6f374e629fd99ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:15 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D7RFVX

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1b2e557482f04204d26ea80dacee6fa4d88fa76b1da13d3615b669490d34660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39036
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 14:36:15 GMT

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee43de7f6648dac36980de3bcf1bf0d34f07178fdb8afac80541f5cf1660cc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 35 KB
9 KB 491ms
445ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/749f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a13f2865f54d88cd9ebcb80da9825501a684285f0e484c21a5f8017b7fe5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Apr 2023 17:43:27 GMT
cf-bgj: minify
server: cloudflare
x-amz-request-id: RCYM4P49NVKXPHW9
etag: W/"d55b13efd0aa4a0b8e94579254b75d23"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 7bcf13d278f89128-FRA
x-amz-id-2: R1UeRn6nUbvhHYgIQrLCRxVGkBUMsak4kVi4zA3wQNAslg3ubxb3qF6epFuNMwaGB+CKvN+18S0=

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 39ms
9ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=8873
accept-ranges: bytes
content-length: 4777

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162643912-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 31
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 16:35:44 GMT

GET
H2 200 Nemonte-Nenquimo-x-Vanessa-Kirby-v2-scaled.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/ 184 KB
185 KB 526ms
525ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/09/Nemonte-Nenquimo-x-Vanessa-Kirby-v2-scaled.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

47e7eaea18791ebecf65100410d22246f2c95e839c75a9a588a29aa402b88264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 188805
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 15:07:54 GMT
server: nginx
etag: "6334634a-2e185"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: DIyUODKJ0DyFKr4hWsu1RLf2JSBzOCJuqP2yc8PPxIRyspMfIxVefQ==

GET
H2 200 arrow-long.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 489 B
564 B 871ms
870ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-long.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 0c06c562695b244c211c4dfa162c4dfb527dbf6ac77a81e0d6840392ce16e199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:55:44 GMT
server: nginx
x-accel-version: 0.01
etag: "1e9-5d95197af9c00-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 289

GET
H2 200 Human-Right-Defenders-under-threat-scaled.jpeg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/08/ 208 KB
209 KB 552ms
551ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/08/Human-Right-Defenders-under-threat-scaled.jpeg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

cc1a8f5f467a2c40b94e88a74933bf9a9e46b808d69b5bda1e5acb6094f550dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 213080
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Aug 2022 18:36:55 GMT
server: nginx
etag: "62ed6347-34058"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: eHQpgURST9rfVZnd5TI8VJeFjlxHm1Vtaf9iN0_xh5AlmcpM2sZpmA==

GET
H2 200 Alex-and-Alexandra-Goldman-Prize-Winners-2022_-1-scaled.jpeg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/ 178 KB
179 KB 545ms
544ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/Alex-and-Alexandra-Goldman-Prize-Winners-2022_-1-scaled.jpeg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

6a4d9b4f37862a161cb9a7b7c8b6d4bea495c108be4d8086e3af80aa1493e733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 182437
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 May 2022 16:41:25 GMT
server: nginx
etag: "628e5c35-2c8a5"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 96QMSg7TheemCUKeXDDt9Lz_P_Hu2EsglbbWnT02QeJWeKFiIuESyg==

GET
H2 200 bg-brush.png
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 263 KB
264 KB 871ms
870ms Image
image/png 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/bg-brush.png
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e253eb12258cda41bd93412f04cced9cedffd11b6aee1c90391cb043da9dc5d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
last-modified: Wed, 06 Apr 2022 15:25:10 GMT
server: nginx
etag: "624db0d6-41cac"
x-powered-by: PleskLin
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 269484

GET
H2 200 home-about.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 157 KB
157 KB 539ms
539ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-about.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

7287403835f30c5729e1139dd36787dd60b70d00c35e80ed76fee8025b0c29a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 160346
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Feb 2022 12:30:24 GMT
server: nginx
etag: "6214d760-2725a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: UcWoE3wzTcwB8mXC3E7NHttcETZjo91IoBFjFqUgAQdKRIn6e4HLsA==

GET
H2 200 arrow-down.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 284 B
487 B 871ms
871ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-down.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a5d81cbdf216b4451e07b1de69b6c749c99dbf84d85189eb5825f971bcc68f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:49:25 GMT
server: nginx
x-accel-version: 0.01
etag: "11c-5d95181188740-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 212

GET
H2 200 arrow-short.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 504 B
571 B 869ms
868ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-short.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 8a111e32f8ac3668f71a163d62aa9465d33bfa641a2df93c636495b3de961f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:49:27 GMT
server: nginx
x-accel-version: 0.01
etag: "1f8-5d95181370bc0-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 296

GET
H2 200 shape-bottom-light.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 208 B
461 B 869ms
867ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/shape-bottom-light.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 7af5a08b3fbf0fe91b04a13b11a266b8deef1eaf3f3351d5f708b0d363cfd085

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 15:25:13 GMT
server: nginx
x-accel-version: 0.01
etag: "d0-5dbfdf7bb2840-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 187

GET
H2 200 home-presentation-1.jpeg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/ 382 KB
383 KB 551ms
549ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/05/home-presentation-1.jpeg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

9c0eb9ed92ce7dc0e6ca22edf64d469e4e63b2746adc0fc9840277f1edcc6de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 390900
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 May 2022 18:12:27 GMT
server: nginx
etag: "628e718b-5f6f4"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: FAwO3F9FCZUFd0xEm1IRg0tSUSuqknVq3AjCKivOEV1R1RN_J8TKUQ==

GET
H2 200 mask-explore.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 501 B
626 B 869ms
866ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/mask-explore.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 488c51a30edd1588ceb44a43332fcc4ee5744cb689464f71ca62978092ac115b

Request headers

Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 15:25:11 GMT
server: nginx
x-accel-version: 0.01
etag: "1f5-5dbfdf79ca3c0-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 351

GET
H2 200 home-explore-scaled.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/ 292 KB
293 KB 524ms
522ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2022/02/home-explore-scaled.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

ef606211a2fb3a2bc5128dd6e67a8e644b2a879dc604b218028e525035e6df1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 298754
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 24 Feb 2022 12:53:26 GMT
server: nginx
etag: "62177fc6-48f02"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: m98IoSX-qpGkh1R6OYWy9uXu8CAH5UEEkX7QZmnmzxDXj8nueS4zbw==

GET
H2 200 MG_5380-1024x682.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/04/ 173 KB
174 KB 549ms
547ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/04/MG_5380-1024x682.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

6719fa0d3554909fe69bc82c22606b28ea8d1bf5cef2e705928dd4f66c17efac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 177375
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 04 Apr 2023 17:38:53 GMT
server: nginx
etag: "642c60ad-2b4df"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: 7AaEkn9l1Emh8J5U38rPTiIYzLGBjYSHGVANh0JPhY_kc6fFWed9lQ==

GET
H2 200 3C9A6014_2019_Terr_wao_waoresist_vidacotidiana_NMP_MA-1024x682.png
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/ 1 MB
1 MB 546ms
544ms Image
image/png 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/3C9A6014_2019_Terr_wao_waoresist_vidacotidiana_NMP_MA-1024x682.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f866d217a96d2683e5a51b091d3ed6db356c3fc1f4bc30712aadce0efc6409c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 1450506
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Feb 2023 20:22:19 GMT
server: nginx
etag: "63ee907b-16220a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public
accept-ranges: bytes
x-amz-cf-id: xhpq4z1QaBitXJ-Zsc4RFuiyBEKq1k8cHCOfLyPP1CtreELsPxH7TQ==

GET
H2 200 Siekopai-Wajoya-1024x683.jpg
d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/ 175 KB
176 KB 553ms
551ms Image
image/jpeg 2600:9000:2490:ce00:14:5590:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d188lez4s0fwft.cloudfront.net/wp-content/uploads/2023/02/Siekopai-Wajoya-1024x683.jpg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ce00:14:5590:7e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

7839604d7a5c0f2f1b092cc0b9476a4175003bf86d35c6f354225dc58f6e1a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-length: 179053
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Feb 2023 18:50:59 GMT
server: nginx
etag: "63fe4d13-2bb6d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
x-amz-cf-id: vu2RhjTYoXc0fmVb4hUCwvdVS_Msq0M8U7w0DpbIl06WmVFmqYPdAw==

GET
H2 200 arrow-up.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 283 B
486 B 868ms
867ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/arrow-up.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 5bfee04f991dacac6d2eeee72cbd9e13f61bdbe19e315e7e9e598d66d1ba2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 14:49:28 GMT
server: nginx
x-accel-version: 0.01
etag: "11b-5d95181464e00-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 211

GET
H2 200 shape-top.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/ 475 B
613 B 868ms
867ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/shapes/shape-top.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ea5e960e0f14eea41744b9b0f55e837bd66f6abf20557345ff783dfb10bcf87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 15:25:20 GMT
server: nginx
x-accel-version: 0.01
etag: "1db-5dbfdf825f800-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 338

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v13/ 24 KB
24 KB 40ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v13/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:11:43 GMT
x-content-type-options: nosniff
age: 170672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24328
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:14:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:11:43 GMT

GET
H2 200 V8mQoQDjQSkFtoMM3T6r8E7mF71Q-gOoraIAEj4PVnskPMA.woff2
fonts.gstatic.com/s/spacegrotesk/v15/ 11 KB
11 KB 50ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacegrotesk/v15/V8mQoQDjQSkFtoMM3T6r8E7mF71Q-gOoraIAEj4PVnskPMA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

751851e72654508ca07678c61bdacd91b772d725f531dd8a6f62e6f941e11ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:11:32 GMT
x-content-type-options: nosniff
age: 149083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11448
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 21:08:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:11:32 GMT

GET
H2 200 HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
fonts.gstatic.com/s/staatliches/v11/ 15 KB
15 KB 48ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/staatliches/v11/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@500;700;800&family=Space+Grotesk:wght@700&family=Staatliches&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f17671ce030879a0b89ffce96fc31e6feb1a46b560ec7df7e8fb615682258a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:04:09 GMT
x-content-type-options: nosniff
age: 160326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 18:04:09 GMT

GET
H2 200 fontawesome-webfont.woff2
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/fonts/ 75 KB
76 KB 867ms
867ms Font
application/font-woff2 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Origin: https://amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
last-modified: Mon, 21 Feb 2022 20:02:12 GMT
server: nginx
etag: "6213efc4-12d68"
x-powered-by: PleskLin
content-type: application/font-woff2
cache-control: public
accept-ranges: bytes
content-length: 77160

GET
H2 200 icon-arrow-back.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 282 B
486 B 825ms
825ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/icon-arrow-back.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 775c0d83ab0c95e5349a26584816b075ff88c9ce6ef5d46726aa28f4ededb868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 15:19:54 GMT
server: nginx
x-accel-version: 0.01
etag: "11a-5d951ee1cda80-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 212

GET
H2 200 icon-arrow-next.svg
amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/ 279 B
485 B 825ms
825ms Image
image/svg+xml 23.21.52.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazonfrontlines.org/wp-content/themes/amazonfrontlines/assets/img/icons/icon-arrow-next.svg
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.52.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-52-182.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e5be0cf9e12892e32ca57fd11154fe22c8f57958752e83c22905a194bdc52a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/wp-content/cache/minify/57fc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:36:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 15:23:04 GMT
server: nginx
x-accel-version: 0.01
etag: "117-5d951f9700600-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 210

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2976970/domain/amazonfrontlines.org/ 36 B
376 B 57ms
12ms XHR
application/json 2600:9000:20eb:7200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2976970/domain/amazonfrontlines.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:20:30 GMT
content-encoding: gzip
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 944
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: TlDN2OYZT3a6an_NAjkjpKJfy7QTtV2bwNKrqPZLCMOBFCfS20MdXw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2976970%26time%3D1682346975154%26url%3Dhttps%253A%252F%252Famazonfrontlines.org%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLr_k13ko4KzQAAAYezsaFyBet_8_u6IY5Yb1QGtT4faNPV0jRaiKlEU...

0
266 B

217ms
160ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLr_k13ko4KzQAAAYezsaFyBet_8_u6IY5Yb1QGtT4faNPV0jRaiKlEUKaaw9PQ
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5D0AFF8A36704BF785F8079C18B3FB8D Ref B: FRAEDGE1808 Ref C: 2023-04-24T14:36:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6Fe3hwB+RVNDZN5Ko5A==

Redirect headers

date: Mon, 24 Apr 2023 14:36:14 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E653A0D8AD8246A094257CBC82BFC3EB Ref B: FRAEDGE1212 Ref C: 2023-04-24T14:36:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976970&time=1682346975154&url=https%3A%2F%2Famazonfrontlines.org%2F&liSync=true&e_ipv6=AQLr_k13ko4KzQAAAYezsaFyBet_8_u6IY5Yb1QGtT4faNPV0jRaiKlEUKaaw9PQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6Fe3ejJgug2czYlJPvA==

GET
H2 200 441107926563407 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 90ms
90ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/441107926563407?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1eee475401ced2b41622d05d372d5994af2ef888f82d09b6a7507838600819e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Apr 2023 14:36:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kB9PZwBuRZ3W5rBNL92K0OCB3CjvMhAVKaI65a6WvzQzfB5DGmuuz2JuapeZOem5IlksPZ+lwtECUefs8NAWGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 16ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1634906811&t=pageview&_s=1&dl=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Amazon%20Frontlines%20-%20Defending%20indigenous%20rights%20to%20land%2C%20life%20and%20cultural%20survival%20in%20the%20Amazon%20rainforest.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=490106705&gjid=2088943105&cid=1714092457.1682346975&tid=UA-162643912-1&_gid=1521844741.1682346975&_r=1&gtm=457e34j0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=414113437

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 56ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NM9HNZLLGQ&gtm=45je34j0&_p=1634906811&_gaz=1&gdid=dZTNiMT&cid=1714092457.1682346975&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682346975&sct=1&seg=0&dl=https%3A%2F%2Famazonfrontlines.org%2F&dt=Amazon%20Frontlines%20-%20Defending%20indigenous%20rights%20to%20land%2C%20life%20and%20cultural%20survival%20in%20the%20Amazon%20rainforest.&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NM9HNZLLGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 64ms
22ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NM9HNZLLGQ&cid=1714092457.1682346975&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NM9HNZLLGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 71ms
46ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NM9HNZLLGQ&cid=1714092457.1682346975&gtm=45je34j0&aip=1&z=644957522

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 35ms
22ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-162643912-1&cid=1714092457.1682346975&jid=490106705&gjid=2088943105&_gid=1521844741.1682346975&_u=YGBACUAABAAAACAAI~&z=1605360251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 14:36:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 47ms
45ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-162643912-1&cid=1714092457.1682346975&jid=490106705&_u=YGBACUAABAAAACAAI~&z=1948489645

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-162643912-1&cid=1714092457.1682346975&jid=490106705&_u=YGBACUAABAAAACAAI~&z=1948489645

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 91ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=441107926563407&ev=PageView&dl=https%3A%2F%2Famazonfrontlines.org%2F&rl=&if=false&ts=1682346975292&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682346975291.206463299&it=1682346975163&coo=false&rqm=GET

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Apr 2023 14:36:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10864905236/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10864905236/?random=1682346974730&cv=11&fst=1682344800000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonfrontlines.org%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2140990320&rmt_tld=0&ipr=y

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10864905236/ 42 B
154 B 22ms
22ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10864905236/?random=1682346974730&cv=11&fst=1682344800000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonfrontlines.org%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2140990320&rmt_tld=1&ipr=y

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
give.amazonfrontlines.org/give/313372/ Frame 7BE2
Redirect Chain

https://www.classy.org/give/313372/
https://give.amazonfrontlines.org/give/313372/

134 KB
34 KB

757ms
687ms

Document
text/html

2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/give/313372/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96ce5bdbfcd46b0652000b39d09d3175f238dfd4cc5e192dee189de7168ea7c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.amazonfrontlines.org https://amazonfrontlines.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7bcf13da7bed37f0-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.amazonfrontlines.org https://amazonfrontlines.org;
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:36:17 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7bcf13d57e2b9128-FRA
content-security-policy: frame-ancestors 'self' https://www.amazonfrontlines.org https://amazonfrontlines.org;
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:36:16 GMT
location: https://give.amazonfrontlines.org/give/313372/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E777 0
52 B 8ms
8ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://amazonfrontlines.org
Referer: https://amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://amazonfrontlines.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 14:36:15 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 main.css
prod-frs.content.classy.org/prod/18167/static/frs/ Frame 7BE2 1 MB
141 KB 136ms
39ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/frs/main.css

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/give/313372/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

743400827279a748ff4e9c0760b9d878206351259383b9913183294f68bc2871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: GD9MG5S37BM76WPZ
age: 54530
cf-polished: origSize=1111771
x-amz-server-side-encryption: AES256
x-amz-id-2: tWPUVmsmq8Jb32jPASOld9CnPOm4W5oMaKfGMDEA51CRgeZ0usVJtgPeVin6Zn7716nHA6huW4H7HuxujqUzeQ==
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: W/"699816fb5249a1fd21c0d75e7b4a14ee"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7bcf13e068599128-FRA

GET
H2 200 rocket-loader.min.js Show response
give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 7BE2 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/give/313372/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2023 16:29:56 GMT
server: cloudflare
content-encoding: gzip
etag: W/"643ec584-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7bcf13dfcdd437f0-FRA
expires: Wed, 26 Apr 2023 14:36:17 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 7BE2 19 KB
7 KB 75ms
56ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/give/313372/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://give.amazonfrontlines.org/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7bcf13dfede7bb4a-FRA

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 7BE2 44 KB
16 KB 124ms
83ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16233
x-xss-protection: 0
server: cafe
etag: 7413974659963572443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:36:17 GMT

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/18167/static/onetrust/ Frame 7BE2 50 KB
12 KB 31ms
29ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: SXWDFQHCWN699VAR
age: 52873
cf-polished: origSize=54583
x-amz-server-side-encryption: AES256
x-amz-id-2: 25t9kSq2OoAipsxb84KKSxUZ2Wqg2a0LkcflTkA2K14kf2sqabP7V24uMdZ9eVKCoFBhW2K4UlIeEM7Nv3972Q==
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bcf13e0e9419128-FRA

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 7BE2 18 KB
5 KB 720ms
331ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:36:16 GMT
last-modified: Tue, 27 Dec 2022 16:54:28 GMT
etag: "0fad9e1131ad91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4568
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 7BE2 7 KB
3 KB 57ms
25ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5173154
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FWKTFYANCDM24T97NPXK93TN-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bcf13e11bb56983-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/18167/static/frs/donation/ Frame 7BE2 182 KB
37 KB 33ms
32ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/frs/donation/module.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e60089421dbb62b7064eb8cc3cb72115dc6ffabdad8835bd131c95de1ed915f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
x-amz-request-id: QH4JKK5F39HFE9JQ
age: 54350
etag: W/"019a8ddd211c38b1e8b755ee24a0b939"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bcf13e0e9459128-FRA
x-amz-id-2: UCs5t3YfjPE1GevZm74DDfWISD/oVmxAJPKSbaUsnM5DpfDVxY99MaK8F4XbzvLQ14Fz98GBsXU=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/18167/static/global/ Frame 7BE2 2 MB
376 KB 45ms
44ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/global/module.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8be1f415e873bf9ceec9ccbc8910764e4270c704d004ecb2d636e7604e9032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
x-amz-request-id: GD9MKBMQM2SWNC7Z
age: 54530
etag: W/"9b3ebfa8ab4e28b03ce88af64e4ba91f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bcf13e0e9499128-FRA
x-amz-id-2: mevtd0CUPv92pIZgUcBS8IwARvjMI+zQvUtsG7ED/IG6QuJqQPKc0dhI9yzcBqzbvf+A+hT889g=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/18167/static/global/ Frame 7BE2 1 MB
430 KB 42ms
41ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/global/libs.min.js

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
x-amz-request-id: GD9Z8CWGJ4WKKMXJ
age: 52003
etag: W/"772e1301b871cc2545926cb86ee5965f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7bcf13e0e94a9128-FRA
x-amz-id-2: 9F/3dTfYJtL1xeNnms48HIOkAbv14nzaHO0S/9wRObSCL/HJZFtGmknOhORiwGdqCzmvQZW2pN0=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 7BE2 136 KB
43 KB 68ms
37ms Script
application/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aca0682f2a6967bfe39854cbc9abf550ac57023624336aa699dcd76552afc183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: SHeiVgw_m0obH2o2b.1WO_dSfxFampjq
content-encoding: gzip
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
date: Mon, 24 Apr 2023 01:41:07 GMT
x-amz-request-id: 36PTQ3E4NZQNXV1C
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 47065
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: IcYOspM0Ly3f9lQMozCrtovtn9KwhjC5QpF5A/cCnHPAT5Sko4B0CQmqx3prAeVNWkIrfn10U+3Zc9pyaCGDaQ==
last-modified: Fri, 21 Apr 2023 19:49:42 GMT
server: AmazonS3
etag: W/"35af75bb3a81cec7c3bb257ee20ac496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: h0m3olD6GdcJ0pJ6TCc7wSt_HpPWWmMqJEKYdamvAPC_umXtuKrZ8A==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 7BE2 463 KB
111 KB 58ms
11ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6ac48a7c704eb512addd8690ff165f87f9757f986d2ecf6b3f12c2ff077cecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:35:29 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 48
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:38:04 GMT
server: Cloudfront
etag: W/"8fda7e60cbb19842ca19415aa6b29ca1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: xERt7FowmF-ka74lme9X93HN6VTSNQkeb8eP4phbMNDodqe2auBKkg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7BE2 223 KB
78 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6HXY58W7SY

Requested by

Host: give.amazonfrontlines.org
URL: https://give.amazonfrontlines.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f7419386f435834f7b8b646705b2a17db87c1b3d2803101a907a968fd3deb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:17 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7BE2 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 33
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 16:35:44 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ Frame 7BE2 122 KB
39 KB 45ms
10ms Script
application/javascript 13.32.27.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-116.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

3af2ac5de2ad426956126f68afe3041e47c431ea76feac341c861a472de91d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:34:34 GMT
content-encoding: br
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
age: 103
x-powered-by: Express
etag: W/"1e701-NzbURUJW1f1RE66SA9PliRYrgaM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IppNNT91CvypE-Awx1qTQRol1ycrxvabiT9doE7Dld7NkzTgXwdetA==

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 7BE2 0
79 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HXY58W7SY&gtm=45je34j0&_p=1878867372&cid=1714092457.1682346975&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682346977&sct=1&seg=0&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dt=Frontlines%20Challenge&en=appv2_default2&_fv=1&_ss=1&_ee=1&ep.allowLinker=true&ep.name=clientTrack
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HXY58W7SY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 188ms
156ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.amazonfrontlines.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 24 Apr 2023 14:36:17 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ Frame 7BE2 21 B
140 B 265ms
263ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.amazonfrontlines.org/
Bugsnag-Sent-At: 2023-04-24T14:36:17.683Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 24 Apr 2023 14:36:17 GMT
via: 1.1 google
bugsnag-session-uuid: a6e22461-ff90-4f06-8b81-79a0d7e6f160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 sdk.js Show response
give.amazonfrontlines.org/sso/ Frame 7BE2 25 KB
7 KB 498ms
498ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/sso/sdk.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 24 Apr 2023 12:31:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 7bcf13e29b4937f0-FRA
expires: Mon, 24 Apr 2023 14:56:18 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 37D0 200 B
1 KB 10ms
10ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2900
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 13:47:58 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 04 Apr 2023 17:28:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: eu0P41AK663cRHMt7ggqLCvVQ9_-0cCWb9qIeD_rYSv_AWmVIGY6qg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 async-api.6c072bf7-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 2 KB
1 KB 41ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rWoTEmf9ai1ouwS3ToIE043y.yHgDQor
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNBA4932RWYBP917
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1210
x-amz-id-2: Qo+iXw/8QSBfr+MSqbtNarMG/qdCu4nkNNBIF840V12GG4RxeDlnSG1lzerfyC5HzB1occV09k8=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346978.183236,VS0,VE0
etag: "a21c5f6b7cdfc3dedc83c2262a56d7cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6853

GET
H2 200 lazy-loader.ff971c03-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 928 B
895 B 40ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.ff971c03-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: moNPj5M8w_3ogm1Lwe_Y7qB7rdPjSB51
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNB50R21YEDERC1S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: dZHcxpIxVl56hDw16ah5Uh0h3bYcPOQPlE9yFfQshP8jI3Vvkzt/uFAemiq1ZBrQfNuXvaKZIDc=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346978.183251,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6871

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/18167/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ Frame 7BE2 22 KB
6 KB 30ms
30ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: G4RAHZ9H3SZWDKNC
age: 46319
cf-polished: origSize=22581
x-amz-server-side-encryption: AES256
x-amz-id-2: XTtoxxBLegQW0HwPSKQVPArWlHk3g0RSiPEtQAZaR8l4Fe/khevrJktqGUUzL+BJ5e9J60W7jB8=
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7bcf13e5784e9128-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ Frame 7BE2 32 B
183 B 75ms
44ms Script
text/javascript 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery321075507559434499_1682346977560&_=1682346977561

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7bcf13e5aeaa2bbe-FRA
content-length: 32
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 h
heapanalytics.com/ Frame 7BE2 37 B
284 B 312ms
107ms Image
image/gif 44.215.21.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=4790208828267260&v=8069255487588060&s=6263976463830238&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&h=%2Fgive%2F313372%2F&d=give.amazonfrontlines.org&t=Frontlines%20Challenge&r=https%3A%2F%2Famazonfrontlines.org%2F&ts=1682346978158&st=1682346978160

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.21.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-21-224.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 7BE2 91 KB
28 KB 78ms
25ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:36:18 GMT
Content-Encoding: gzip
Age: 1379
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67E2)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 7BE2 992 B
2 KB 54ms
30ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a30f94167bc21b61b2417f07dd1ee6a6cf76b83eacaedf1a1704cba3b904c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 24 Apr 2023 14:36:18 GMT

GET
H2 200 tax-entities Show response
give.amazonfrontlines.org/frs-api/organizations/67405/ Frame 7BE2 397 B
448 B 470ms
470ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/frs-api/organizations/67405/tax-entities

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700e2283a18e14ed801ad182b3ce69a1ff0b79db0309b367ddf6d9dbfbf085b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: CxHNIJvu--Lg8A3JKuVie6mekT7A2orAL6Rw
tracestate: 423787@nr=0-1-423787-363751183-539ec9a4b1dedbeb----1682346978323
traceparent: 00-ae0804dd84b5d9bcaa10efbb181624e0-539ec9a4b1dedbeb-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1MzllYzlhNGIxZGVkYmViIiwidHIiOiJhZTA4MDRkZDg0YjVkOWJjYWExMGVmYmIxODE2MjRlMCIsInRpIjoxNjgyMzQ2OTc4MzIzfX0=
Accept: application/json, text/plain, */*
csrf-token: CxHNIJvu--Lg8A3JKuVie6mekT7A2orAL6Rw
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"18d-Ai++LgAVXidrmPnOPDu1W3bZ+Hk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bcf13e69a5937f0-FRA

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/18167/static/global/images/ Frame 7BE2 394 B
665 B 44ms
44ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/18167/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: MSFD2AWFM7TNAEGY
age: 51029
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: MgiODDhBE9djUxv68/621G3nG1vJmHmzNykMOoVjyc+nJBOWSGMbgtEmFNRs4UxZ5DGC8tAqhuwZhoI0pBjZPA==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7bcf13e6fa7f9128-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/18167/static/fonts/ Frame 7BE2 65 KB
66 KB 76ms
39ms Font
binary/octet-stream 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18167/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/18167/static/frs/main.css
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: CHWJBQM7952ME7Z2
age: 7458
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: E1lhIUlHpZHxgwDZlnbCHPSSJOPpC880Fdi5Gw3xgTZLVT7acExBTBDm0A8NkoHlm+on6M35pO8=
last-modified: Tue, 18 Apr 2023 18:05:16 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7bcf13e72e3a9118-FRA

GET
H2 200 ach-account-routing Show response
give.amazonfrontlines.org/frs-api/organizations/67405/ Frame 7BE2 33 B
168 B 454ms
454ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/frs-api/organizations/67405/ach-account-routing

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: CxHNIJvu--Lg8A3JKuVie6mekT7A2orAL6Rw
tracestate: 423787@nr=0-1-423787-363751183-687acb24d4ceebfe----1682346978405
traceparent: 00-67a3539bc8ceb45f5ae746d625e4b830-687acb24d4ceebfe-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2ODdhY2IyNGQ0Y2VlYmZlIiwidHIiOiI2N2EzNTM5YmM4Y2ViNDVmNWFlNzQ2ZDYyNWU0YjgzMCIsInRpIjoxNjgyMzQ2OTc4NDA1fX0=
Accept: application/json, text/plain, */*
csrf-token: CxHNIJvu--Lg8A3JKuVie6mekT7A2orAL6Rw
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bcf13e71b2737f0-FRA
content-length: 33

GET
H2 200 currency-conversions Show response
give.amazonfrontlines.org/frs-api/i18n/ Frame 7BE2 75 B
231 B 427ms
427ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f7e21372859a2f6cf237901739dce1bf3f711c18973959a9e624b3735059f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: CxHNIJvu--Lg8A3JKuVie6mekT7A2orAL6Rw
tracestate: 423787@nr=0-1-423787-363751183-770453e073fade7b----1682346978429
traceparent: 00-465ed3391c811e8c964b909b192c2f90-770453e073fade7b-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3NzA0NTNlMDczZmFkZTdiIiwidHIiOiI0NjVlZDMzOTFjODExZThjOTY0YjkwOWIxOTJjMmY5MCIsInRpIjoxNjgyMzQ2OTc4NDI5fX0=
Accept: application/json, text/plain, */*
csrf-token: CxHNIJvu--Lg8A3JKuVie6mekT7A2orAL6Rw
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-ZyBbzC7AO8QPz2aaINj1e5oHWBo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bcf13e73b9237f0-FRA

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 7BE2 88 B
508 B 432ms
414ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=13381&currency=EUR

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 7101d1e8-14c5-4337-84ba-bdd21ce1db50
cf-ray: 7bcf13e75ecd9118-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
give.amazonfrontlines.org/static/global/images/ Frame 7BE2 2 KB
2 KB 71ms
71ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.amazonfrontlines.org/static/global/images/user-icon.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 191020
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Tue, 18 Apr 2023 18:00:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "643edac6-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bcf13e75bb037f0-FRA
expires: Sun, 21 Apr 2024 09:32:38 GMT

GET
H2 200 da5e570c-2a8d-11eb-82d1-0a6be12f22e9.png
assets.classy.org/13434754/ Frame 7BE2 15 KB
15 KB 64ms
54ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13434754/da5e570c-2a8d-11eb-82d1-0a6be12f22e9.png

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641e6fc348b4f6de3b8c056930ac32722d5b9e64d5136dbb5c097b3fe57e530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 5CqcSkIOBzgw6oTOWI1cLRiILut6fQ2F
age: 209257
x-amz-cf-pop: FRA6-C1
cf-polished: origFmt=png, origSize=95415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="da5e570c-2a8d-11eb-82d1-0a6be12f22e9.webp"
content-length: 15342
last-modified: Thu, 19 Nov 2020 17:37:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "15336d5b97e1c22678e90202eb3156ed"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7bcf13e76b109128-FRA
x-amz-cf-id: kP_oxyC3S9QVVR9AMgARNe9fFkWTeUR36mXSK1Es1pHlqKEZLxWT4g==

POST
H2 204 rum Show response
give.amazonfrontlines.org/cdn-cgi/ Frame 7BE2 0
149 B 19ms
19ms XHR
text/plain 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/cdn-cgi/rum?

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-009d29f1b2af82cc----1682346978445
traceparent: 00-ff073601e942b7dc99db4577a25906d0-009d29f1b2af82cc-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwMDlkMjlmMWIyYWY4MmNjIiwidHIiOiJmZjA3MzYwMWU5NDJiN2RjOTlkYjQ1NzdhMjU5MDZkMCIsInRpIjoxNjgyMzQ2OTc4NDQ1fX0=
content-type: application/json
Referer: https://give.amazonfrontlines.org/give/313372/

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.amazonfrontlines.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7bcf13e75bbb37f0-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 37D0 0
716 B 557ms
185ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346978918225
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346978915945
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 37D0 0
717 B 552ms
181ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346978916952
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346978916062
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 37D0 631 B
1 KB 17ms
17ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 24 Apr 2023 14:28:23 GMT
x-content-type-options: nosniff
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1859
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 14 Apr 2023 20:03:32 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vQdqfY5qN5Gdjb85E2uFc545lSirHgANN7WmuvP__Cjq9mkx8p9L-A==

GET
H2 200 css
fonts.googleapis.com/ Frame 7BE2 12 KB
829 B 27ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

520b4b1a4e266fcd8dc4d48f3c5fd89e542b4d164143caf784c93447cccc6709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 14:23:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:36:18 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 7BE2 4 B
24 B 18ms
18ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1878867372&t=event&_s=1&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=CCCACEABBAAAACAAI~&jid=1294182907&gjid=1616923724&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&_r=1&_slc=1&z=505354464

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 7BE2 4 B
24 B 19ms
18ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1878867372&t=event&_s=1&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=CCCACEABBAAAACAAI~&jid=1811185839&gjid=1498902819&cid=1714092457.1682346975&tid=UA-163699844-1&_gid=1521844741.1682346975&_r=1&_slc=1&z=1351016280

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 7BE2 0
45 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HXY58W7SY&gtm=45je34j0&_p=1878867372&cid=1714092457.1682346975&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682346977&sct=1&seg=0&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dt=Frontlines%20Challenge&en=scroll&ep.allowLinker=true&ep.name=clientTrack&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HXY58W7SY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripePublishableKey Show response
pay.classy.org/token/ Frame 7BE2 44 B
331 B 406ms
406ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripePublishableKey

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: b295c7cb-c590-40d8-9253-57150f4bbfc4
cf-ray: 7bcf13e77f1e9118-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 44

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=timing&_s=2&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20latency&utv=fresh&utl=1682346978209&utt=825&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=722919915

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=timing&_s=3&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1682346978209&utt=1512&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=1888006935

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=timing&_s=4&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1682346978209&utt=1672&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=1909837518

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=timing&_s=5&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1682346978209&utt=1866&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=2047659796

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=timing&_s=6&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1682346978209&utt=2891&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=986818744

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ Frame 7BE2 37 B
283 B 100ms
100ms Image
image/gif 44.215.21.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1682346978495&hv=4.19.3

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.21.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-21-224.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ Frame 7BE2 37 B
283 B 101ms
101ms Image
image/gif 44.215.21.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=4790208828267260&v=8069255487588060&s=6263976463830238&b=web&tv=4.0&sp=z&sp=0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682346978158&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=t&sp=Frontlines%20Challenge&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Frontlines%20Challenge&pp=ts&pp=1682346978158&id0=3093917269963619&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=label&k0=Begin%20Checkout&k0=action&k0=checkout&k0=currency&k0=USD&t0=Begin%20Checkout&ts0=1682346978497&st=1682346978497

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.21.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-21-224.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7BE2 27 KB
27 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 147302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7BE2 27 KB
27 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 147302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7BE2 27 KB
27 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 147302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7BE2 27 KB
27 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 147302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7BE2 28 KB
29 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:35:17 GMT
x-content-type-options: nosniff
age: 169261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:35:17 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 7BE2 88 KB
30 KB 56ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.amazonfrontlines.org/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1682346978.dop135.fr8.t,1682346978.cds167.fr8.hn,1682346978.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5D20 930 B
1 KB 98ms
58ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 88
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:36:18 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 123
x-content-type-options: nosniff
x-request-id: c7a03a66-a515-408b-b0b1-74ec6b600afe
x-served-by: cache-hhn-etou8220031-HHN
x-timer: S1682346979.621541,VS0,VE0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 7BE2 1 B
94 B 23ms
22ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-3837893-1&cid=1714092457.1682346975&jid=1294182907&gjid=1616923724&_gid=1521844741.1682346975&_u=CCCACEAABAAAACAAI~&z=323998332

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 7BE2 4 B
70 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-163699844-1&cid=1714092457.1682346975&jid=1811185839&gjid=1498902819&_gid=1521844741.1682346975&_u=CCCACEABBAAAACAAI~&z=813911300

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7BE2 28 KB
29 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:35:17 GMT
x-content-type-options: nosniff
age: 169261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:35:17 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7BE2 27 KB
27 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.amazonfrontlines.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:16 GMT
x-content-type-options: nosniff
age: 147302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:16 GMT

GET
H2 200 862.9f44b58b-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 9 KB
4 KB 30ms
29ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.9f44b58b-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: xRkMl8fpKmpkb8xSPDFwInKFtxpiLeiU
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNBB2NDAM6RJJYMC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3583
x-amz-id-2: wZF07nlFupiKdKNkPZOAmbD9mJCGeQXD9C0YwAzsNaXukkFYYeQZm6OikEao7HVS2S75HSv+lKM=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.583050,VS0,VE0
etag: "c4e5d826698f6566f247167a7565c832"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6772

GET
H2 200 page_view_event-aggregate.75812140-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 10 KB
4 KB 30ms
30ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.75812140-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 7bfBjgjP9vhwGKyYNbxNdw69c7w6yepO
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNB02ZVV92QY39S0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3954
x-amz-id-2: +JPOAXfBIVgayRjS5rW3EVGB3wTVny7ipKpN0i953HlDhsC7yQgZ95wP0l8SGw7wQ7NfL4wiD54=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.583422,VS0,VE0
etag: "a4978f5fb64e86334a1dbb282220c851"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6794

GET
H2 200 page_view_timing-aggregate.9590bdab-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 12 KB
5 KB 30ms
29ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.9590bdab-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Fq.2FKw4tsY9sm_ft7J67YTmHBEmGUpk
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNBB5CKEPRRQEC0E
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4624
x-amz-id-2: DwTPFkNRzLROIf4onPfUKG5HS+Wm/ygQkg+zt7lfm0FgOjTfzjdkq8KExtrKIllLe319K3adQ9Q=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.583231,VS0,VE0
etag: "2357140ba2b3c410d01d12937c6269d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6773

GET
H2 200 metrics-aggregate.20a08804-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 4 KB
2 KB 30ms
30ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.20a08804-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ue3teI4xiVp879tlCKhGPbDuwtTRksP9
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNBCWR8BPBMBPTHK
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1593
x-amz-id-2: mJ3/PRO8pXB363/JL+nC1+zkpcLG3i0dTjR0dXZutrKubkDO939WIcy+S4pPvXf9ETjTpWN1PEI=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.583216,VS0,VE0
etag: "2b4287467d6e1c411110556d75fe617a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6773

GET
H2 200 jserrors-aggregate.9136a849-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 7 KB
3 KB 41ms
41ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/jserrors-aggregate.9136a849-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: v5HVEhCBGcej47AYKf5XScCvsKds85Ry
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNBATQ1JR1BAHYGM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2699
x-amz-id-2: PPyZARr9I8ARWSIfPCenWibMuBPxsf1f0qDY3NfSx5Bmqfh98ZU71bstWRLm0vMZHWc1h9GCt9s=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.603461,VS0,VE0
etag: "105c0b07033e97d2ad5192f22cd2b7be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4278

GET
H2 200 ajax-aggregate.bcd562bf-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 5 KB
3 KB 43ms
42ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/ajax-aggregate.bcd562bf-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: RGeelkGAT7YETe4MVmUoI6TYFjMgjsll
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNB4BYHGSS2T1QRY
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2158
x-amz-id-2: R17AlcWb33n9rc0kCPO+oACLbgm2c5CWyoJgOhlVTFG1xrgUMTXrNGGiN9JRS4IhpqIDOJfG2pw=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.603466,VS0,VE0
etag: "9a50be0680ff4e93b2870bc5fa243b5e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4262

GET
H2 200 session_trace-aggregate.6e2218bf-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 8 KB
3 KB 43ms
42ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/session_trace-aggregate.6e2218bf-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: wKHTxgUg_rL30Au_du4y9trU9sbfu0Pz
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNBFFXR930Q6C32V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3156
x-amz-id-2: LwLaloBF/xhjUwnIEPoZOxB/ECYW83aI9Jk5N3HTUML77w+IPsNzKOKk04KaKbJzFzYlhlngDK0=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.603426,VS0,VE0
etag: "309bc51447ad3ded6e5673698a4b93ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4266

GET
H2 200 page_action-aggregate.4d79b951-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 2 KB
1 KB 42ms
41ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_action-aggregate.4d79b951-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 8oQqhsOKIgpIXbVO2KdHKF_AsgqpQxSV
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNB3JPAGXS67EK2R
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 983
x-amz-id-2: Q+Wbikj4EurPDIy/fcq9xLzqrzozneugSmndA6A7Jp/9Cyat0+36qiDcJIaBKGdv5PIlEpM3ZK8=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.603469,VS0,VE0
etag: "127fe6773a93cca9c6fdbb5ff34d7655"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4242

GET
H2 200 spa-aggregate.6c038a0a-1.230.0.min.js Show response
js-agent.newrelic.com/ Frame 7BE2 18 KB
7 KB 44ms
44ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/spa-aggregate.6c038a0a-1.230.0.min.js
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23a830983184102217d5b0f0c01a3ab5f209589914d062cea8fca5dc5d760807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: _4Kn2_cGnPPNvz5HfVPRzHsDfN15Qlzi
content-encoding: gzip
via: 1.1 varnish
date: Mon, 24 Apr 2023 14:36:18 GMT
x-amz-request-id: HNB9NFBN57NGCNBR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6462
x-amz-id-2: slpa04kY53l07ctrldOVycVNqQwDSBW4ZkL7zVUp/pUDqBtcvPyOPZw/GrZg54cgPXv1SkK+yRE=
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682346979.603961,VS0,VE0
etag: "a224e9f0f0bf1b8714e924a6fe9c4bcd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3234

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/ Frame 7BE2 184 KB
62 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63257
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:02:51 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame AC92 320 KB
104 KB 20ms
20ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.amazonfrontlines.org
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3433412
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Apr 2023 14:36:18 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6794)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 7BE2 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-163699844-1&cid=1714092457.1682346975&jid=1811185839&_u=CCCACEABBAAAACAAI~&z=1019429034

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 7BE2 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-163699844-1&cid=1714092457.1682346975&jid=1811185839&_u=CCCACEABBAAAACAAI~&z=1019429034

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=timing&_s=7&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Frontlines%20Challenge&sd=24-bit&sr=1600x1200&vp=420x620&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1682346978209&utt=3015&_u=SCCACEABBAAAACAAI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=1972780410

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.amazonfrontlines.org/sso/ssobuild/js/ Frame 7BE2 22 KB
7 KB 70ms
70ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-a0f776ffebe0273a----1682346978620
traceparent: 00-f57181f3d8f2d2a39734b85409575c20-a0f776ffebe0273a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhMGY3NzZmZmViZTAyNzNhIiwidHIiOiJmNTcxODFmM2Q4ZjJkMmEzOTczNGI4NTQwOTU3NWMyMCIsInRpIjoxNjgyMzQ2OTc4NjIwfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.amazonfrontlines.org/give/313372/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 17:59:18 GMT
cf-bgj: minify
server: cloudflare
age: 191020
etag: W/"643eda76-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7bcf13e86d2537f0-FRA
expires: Sun, 21 Apr 2024 09:32:38 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ Frame 7BE2 49 B
397 B 150ms
118ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1.230.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3055&ck=0&s=30650ccc5cfe637e&ref=https://give.amazonfrontlines.org/give/313372/&ap=191.630301&be=1513&fe=354&dc=340&tt=e634a9b0c0960601&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1682346975567,%22n%22:0,%22f%22:755,%22dn%22:755,%22dne%22:797,%22c%22:797,%22s%22:807,%22ce%22:825,%22rq%22:825,%22rp%22:1512,%22rpe%22:1672,%22dl%22:1515,%22di%22:1675,%22ds%22:1852,%22de%22:1852,%22dc%22:1853,%22l%22:1853,%22le%22:1866%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-hhn-etou8220061-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame 5D20 0
491 B 378ms
192ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346978918052
x-envoy-upstream-service-time: 13
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1682346978916288
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 5D20 86 KB
16 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 24 Apr 2023 14:36:18 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 29
x-cache: HIT
content-length: 16031
x-request-id: 3e001357-699b-4949-bde0-a9646fbd69eb
x-served-by: cache-hhn-etou8220031-HHN
server: Fastly
x-timer: S1682346979.642363,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 44

GET
H2 200 settings Show response
syndication.twitter.com/ Frame AC92 663 B
604 B 162ms
120ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=120f15e801e4814a336cf5541f54bc15bff7a801

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fgive.amazonfrontlines.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 24 Apr 2023 14:36:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 24 Apr 2023 14:36:18 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 2c75c41184a662c6
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 1218e268de5596035d0079845348e38f7e8000b3c1f1a35de1d60b303c84cfad
content-length: 284

GET
H2 200 status Show response
give.amazonfrontlines.org/sso/ Frame 7BE2 89 B
1 KB 134ms
134ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.amazonfrontlines.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery36103280854898022256_1682346978619&_=1682346978620

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1082c556cc051f6e1b925634603a403da0d11c5319d37f65e47478fcb65e68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-3066489b977c264f----1682346978696
traceparent: 00-8859459cf8f0bd1fe27c85eed7d8b450-3066489b977c264f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzMDY2NDg5Yjk3N2MyNjRmIiwidHIiOiI4ODU5NDU5Y2Y4ZjBiZDFmZTI3Yzg1ZWVkN2Q4YjQ1MCIsInRpIjoxNjgyMzQ2OTc4Njk2fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.amazonfrontlines.org/give/313372/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 7bcf13e8ede537f0-FRA
x-xss-protection: 1; mode=block

POST
H2 200 6 Show response
m.stripe.com/ Frame 5D20 156 B
669 B 562ms
186ms XHR
application/json 54.201.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.215.5 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-215-5.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9224bb3a408156a2224e42b155bf04de4be4361785b6c6c1c351cfe0f6f6a3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979182454
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682346979182002
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 h
heapanalytics.com/ Frame 7BE2 37 B
283 B 96ms
96ms Image
image/gif 44.215.21.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=4790208828267260&v=8069255487588060&s=6263976463830238&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682346978158&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Frontlines%20Challenge&pp=ts&pp=1682346978158&id0=2259539910227105&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&k0=event_id&k0=1682346979.469398838617&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1682346978834&st=1682346978835

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.21.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-21-224.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=pageview&_s=8&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dp=%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=420x620&je=0&_u=SCCACEABBAAAACACI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-3837893-1&_gid=1521844741.1682346975&cd1=67405&cd2=Classy%20Pay&cd3=0&cd4=crowdfunding&cd5=313372&cd6=campaign&cd11=recurring%20optimization&z=1770350061

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7BE2 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1878867372&t=pageview&_s=2&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dp=%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=420x620&je=0&_u=SCCACEABBAAAACACI~&jid=&gjid=&cid=1714092457.1682346975&tid=UA-163699844-1&_gid=1521844741.1682346975&z=1940850633

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 20:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripePublishableKey Show response
pay.classy.org/token/ Frame 7BE2 44 B
328 B 123ms
122ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripePublishableKey

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: f98bdd2a-919b-4897-b398-7b34276b2d29
cf-ray: 7bcf13e9fc299118-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 44

GET
H2 200 controller-da48732248638df288726a142b6e91f4.html Show response
js.stripe.com/v3/ Frame A540 325 B
1 KB 9ms
9ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

106e4667e7886cd358211fd6ce897e3ceeca0003bac487d9986a64da601ca601

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:35:59 GMT
etag: "da48732248638df288726a142b6e91f4"
last-modified: Fri, 21 Apr 2023 20:08:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: kSf6FPKVqDEuBdGiGJx8sdWl3KEckovMDPtq1FeveDHWWbmNPfWqbw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html Show response
js.stripe.com/v3/ Frame 9BC0 408 B
1 KB 9ms
9ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

42da9879df79b772af2ce2bf1a55a86438f777028bfc9d22ab625e5d1f22362a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1157
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:18:15 GMT
etag: "4df80cebba232da48dbcd6f848e79d2f"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: kBdpCQcZG6QX4VEH7uAKLQ3MbmtYCjUKcszLUoQ6tz6Dl6vTy6umQQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html Show response
js.stripe.com/v3/ Frame 3C40 344 B
1 KB 11ms
11ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8c5962cd04b24babf8108ffd61a518f18c2bd86aef0d9d02fa0a6a6f939d2858

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:36:18 GMT
etag: "dea8b7bde353fc0f17cd521e4527bbab"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: yhYw95jsqlLKopf8WqLFCF62xakknm-IebmDBGpyMZQra_KvxrrjiA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/events/1/ Frame 7BE2 24 B
354 B 113ms
113ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1.230.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3335&ck=0&s=30650ccc5cfe637e&ref=https://give.amazonfrontlines.org/give/313372/
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://give.amazonfrontlines.org
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-hhn-etou8220061-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame A540 0
716 B 181ms
180ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979006458
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979006155
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A540 403 KB
88 KB 12ms
12ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:11:01 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1566
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: aO1dxfMcYvO424lp1nyBYBGqhKdGCC8O0hW4qROJwhRz6YmQFlk0cg==

GET
H2 200 controller-43e51077eca1d80728869bb0659d3c1a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A540 448 KB
111 KB 13ms
12ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-43e51077eca1d80728869bb0659d3c1a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9818d0989f4b538a42d1701d5f4ce58b7892164aa53cb9a9597cab6d74f84f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:10:41 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1566
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:33 GMT
server: Cloudfront
etag: W/"a1f071644b409fdecffbd51d56493eff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: H7xnkzosSUmdGp-b9WG_24mFJyBA3QsGaOlbcw19OhSzx2rj8Jp1Sg==

POST
H2 200 csp-report
q.stripe.com/ Frame 9BC0 0
716 B 269ms
268ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979093431
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979093234
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9BC0 0
716 B 269ms
268ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979093556
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979093307
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 9BC0 115 KB
35 KB 125ms
71ms Script
application/javascript 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81847bbab2bddbd1d5482bd8b47e1a77709155d7dfeb4aec2d49ed8b75a4a29e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DppXawhOllw7KDD85Bw1rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DppXawhOllw7KDD85Bw1rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 14:36:19 GMT

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9BC0 403 KB
88 KB 24ms
23ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:11:01 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1566
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kXiFWUjgymy-56Te18jvDzxFtSHgiPYZYbg0EOxnSVv9zeQzc9jLbQ==

GET
H2 200 payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9BC0 10 KB
4 KB 12ms
12ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 13:45:18 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3195
x-cache: Hit from cloudfront
last-modified: Wed, 19 Apr 2023 17:04:04 GMT
server: Cloudfront
etag: W/"dba01fde288d91c82ecd5576e4d03f36"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MrjqOqVCJ97fzoUQgtnLe9TT6bBcKYFFY5_9hL8kULXFo1UXHfT4rw==

POST
H2 200 csp-report
q.stripe.com/ Frame 3C40 0
716 B 263ms
263ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979093713
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979093344
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3C40 0
716 B 261ms
260ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979093593
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979093346
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3C40 403 KB
88 KB 16ms
15ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:11:01 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1566
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: soolK6lDOCxplnfnEnnpNTybXmu6EzG6pCgIPDwJGHBA9H5vk6Nb3g==

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3C40 11 KB
5 KB 20ms
20ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:03:25 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1999
x-cache: Hit from cloudfront
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Cloudfront
etag: W/"b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ni3woQ0YEG8G2b9XnNxI4yi_g5eH_EV0H0eyku5AKDAMVyFll8SiMQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A540 474 B
863 B 31ms
11ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 490615ad51366c681f7127d4e30a49c517e33c80c056b522eadc334dd7269df9

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified: Fri, 21 Apr 2023 20:38:06 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 1
etag: "47262d288b15bdcc2c90fc82bc70e59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: P5O2kBBHIC8VvrqbR5fvm6LMiZuM3q6Rsa_mX7fFyBQ8DSC-f2s6uA==

GET
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame A540 1 KB
2 KB 274ms
199ms Fetch
application/json 18.202.131.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&request_surface=web_elements_controller&stripe_js_id=1d7f7402-91de-4c2b-8047-0c3ab7e09ba0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ad4cbebcd8d72ba42c4dcba1808542f5d021b5d0795a0815fa11e39c13bda054

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979138421
content-length: 1124
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 50
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1682346979137683
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

GET
H2 200 controller-da48732248638df288726a142b6e91f4.html Show response
js.stripe.com/v3/ Frame 5950 325 B
1 KB 11ms
10ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

106e4667e7886cd358211fd6ce897e3ceeca0003bac487d9986a64da601ca601

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:35:59 GMT
etag: "da48732248638df288726a142b6e91f4"
last-modified: Fri, 21 Apr 2023 20:08:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: hCGtDrVdYQQMqFJuOrJgmOZC-n1ipxe9NS8yB_3WScgkkJ78PhQJIQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html Show response
js.stripe.com/v3/ Frame 3AC1 408 B
1 KB 10ms
10ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

42da9879df79b772af2ce2bf1a55a86438f777028bfc9d22ab625e5d1f22362a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1158
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:18:15 GMT
etag: "4df80cebba232da48dbcd6f848e79d2f"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: MFWMOasqAwApsPTWlgms9BBQYn4F73AaQGks6DosJ-PgPi7H9NU3RQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html Show response
js.stripe.com/v3/ Frame 0A4B 344 B
1 KB 11ms
11ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8c5962cd04b24babf8108ffd61a518f18c2bd86aef0d9d02fa0a6a6f939d2858

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.amazonfrontlines.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 14:36:18 GMT
etag: "dea8b7bde353fc0f17cd521e4527bbab"
last-modified: Fri, 21 Apr 2023 20:08:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: 3TCmXK_Pz3RG1qtiO8nktsbSsi9ti6tOgMnonFYjG6JOuPEcIkbAeA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 361ms
355ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979273321
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682346979273105
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 274ms
268ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979184958
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1682346979184635
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 357ms
352ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979273200
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979272712
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 268ms
263ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979184656
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979184432
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 189ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979104377
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979104075
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 357ms
352ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979273387
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682346979273036
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 359ms
355ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979273374
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682346979272979
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 358ms
354ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979273491
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682346979272800
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 268ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979184876
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979184585
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 269ms
265ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979185162
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979184543
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 270ms
266ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979185298
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682346979184503
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5950 0
716 B 353ms
353ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979274732
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979274438
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5950 403 KB
88 KB 11ms
10ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:11:01 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1567
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8vp23GRxCcAxmJT3KC3iEEMIlO5vZr1YMscpeG4WJEet00_MJXOM8Q==

GET
H2 200 controller-43e51077eca1d80728869bb0659d3c1a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5950 448 KB
111 KB 14ms
14ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-43e51077eca1d80728869bb0659d3c1a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9818d0989f4b538a42d1701d5f4ce58b7892164aa53cb9a9597cab6d74f84f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:10:41 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1567
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:33 GMT
server: Cloudfront
etag: W/"a1f071644b409fdecffbd51d56493eff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wMB5CurQjgStsm2jk9yLjwXCmeBen5CKYOQ1G2tLjIfO89_lKmWuFw==

POST
H2 200 csp-report
q.stripe.com/ Frame 3AC1 0
716 B 361ms
361ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979275445
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979275026
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3AC1 0
717 B 364ms
364ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979279278
x-envoy-upstream-service-time: 11
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979275049
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 3AC1 115 KB
34 KB 67ms
67ms Script
application/javascript 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81847bbab2bddbd1d5482bd8b47e1a77709155d7dfeb4aec2d49ed8b75a4a29e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4jVLp2_VtvbdKhqhL4cYiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4jVLp2_VtvbdKhqhL4cYiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 14:36:19 GMT

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3AC1 403 KB
88 KB 14ms
14ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:11:01 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1567
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eMQXvHevlFw62EAam1DIUDzfjEEOkRe4Wz-07XA1cyv0fNOCKe-9OQ==

GET
H2 200 payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3AC1 10 KB
4 KB 11ms
11ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5d5a3c151af88301237c52da1ab3e7f0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-4df80cebba232da48dbcd6f848e79d2f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 13:45:18 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3196
x-cache: Hit from cloudfront
last-modified: Wed, 19 Apr 2023 17:04:04 GMT
server: Cloudfront
etag: W/"dba01fde288d91c82ecd5576e4d03f36"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gRqPSL1yQVJd276l7M_7aF74uUh_w3OK2gU-2MGyM0zETuo0sI-A9A==

POST
H2 200 csp-report
q.stripe.com/ Frame 0A4B 0
718 B 639ms
638ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979280717
x-envoy-upstream-service-time: 89
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 41
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979275053
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0A4B 0
717 B 375ms
374ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979279877
x-envoy-upstream-service-time: 16
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 8
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682346979275064
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0A4B 403 KB
88 KB 14ms
13ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:11:01 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1567
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:08:35 GMT
server: Cloudfront
etag: W/"e03289b7ee1aec82902e21b622541f44"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _mT3CBasYfbVO8q2TIXkDh7HiHmNZL9Lu1uJnZsxFlNCdKF_I1Q_4A==

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0A4B 11 KB
5 KB 16ms
16ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dea8b7bde353fc0f17cd521e4527bbab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 14:03:25 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2000
x-cache: Hit from cloudfront
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Cloudfront
etag: W/"b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XZgpq6DWZjdtouKuBd0AIKhDha01GDgzgX7J7H5S8o6n9JhzTWEnAQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 5950 474 B
862 B 11ms
11ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 490615ad51366c681f7127d4e30a49c517e33c80c056b522eadc334dd7269df9

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-da48732248638df288726a142b6e91f4.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 14:36:18 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified: Fri, 21 Apr 2023 20:38:06 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 2
etag: "47262d288b15bdcc2c90fc82bc70e59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: QRCxIP0ZoSQ9ru5f1mtvgNFQLL-exm7uSvJnHmAIschSTFn6cbleVg==

GET
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 5950 1 KB
2 KB 224ms
224ms Fetch
application/json 18.202.131.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&request_surface=web_elements_controller&stripe_js_id=1d7f7402-91de-4c2b-8047-0c3ab7e09ba0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a7326ce7c8d187779e4b0fc5dc3cf6edef14f228c59b165ad1153a1d15899db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682346979163617
content-length: 1124
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 70
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1682346979162706
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 257ms
256ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979275200
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979274627
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 256ms
256ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979274863
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979274686
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 256ms
256ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979275179
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979274759
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 255ms
255ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979275231
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979274875
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 268ms
268ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979286719
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286183
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 266ms
266ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979286568
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286269
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 269ms
269ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979286633
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286402
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 267ms
267ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979286828
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286446
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 276ms
276ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979287247
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286557
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 267ms
267ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979286989
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286561
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 0688 18 KB
8 KB 76ms
75ms Document
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16355d74493531689777a390b1a0d7b87cfaa68600ed691fca1fd5ce8ed674d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3kQ0YbWc9sk7-LjSsjc1tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3kQ0YbWc9sk7-LjSsjc1tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 9288 18 KB
8 KB 77ms
76ms Document
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b852eb977b9aec9aa7b5089471d93ec72faf42fb2cbd9d3f1eb2b155512cfde

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Nlj8nvS5lfWZ9KvQYoW21g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Nlj8nvS5lfWZ9KvQYoW21g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 261ms
260ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979287069
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286670
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 252ms
251ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979287117
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286628
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 252ms
252ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979287029
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979286785
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 250ms
250ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979286804
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682346979286671
access-control-allow-credentials: true
content-length: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 0688 2 KB
2 KB 125ms
125ms Other
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 0688 157 KB
55 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrihPFgSd5taCsgUFsIJLJb-0ulEtg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d9df168924d6dea87277229a6f7c34a48f0d66420dfb654955f142271b01f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56571
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:07:01 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 9288 2 KB
2 KB 126ms
126ms Other
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 9288 157 KB
55 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d9df168924d6dea87277229a6f7c34a48f0d66420dfb654955f142271b01f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56571
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:07:01 GMT

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 0688 70 KB
26 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrihPFgSd5taCsgUFsIJLJb-0ulEtg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f71b872543caf6c6fb6b4ca66572416ffd3b38ab9b14d73a2face8dc009317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26116
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 23:05:36 GMT

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 9288 70 KB
26 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f71b872543caf6c6fb6b4ca66572416ffd3b38ab9b14d73a2face8dc009317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26116
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 23:05:36 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 362ms
362ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979389428
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682346979389138
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 360ms
360ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979392987
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979392631
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 360ms
360ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979393201
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979392705
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 359ms
359ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979395032
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979394430
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 358ms
358ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979395638
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979395301
access-control-allow-credentials: true
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 0688 1 MB
385 KB 71ms
71ms XHR
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4189b3ba0c732fdddb79c35269aac0618d76827fd2d02a79499d5e04ae2685ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mj2LQ9eYZzPYM3L2JwdgSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mj2LQ9eYZzPYM3L2JwdgSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 14:36:19 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 0688 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463c8cd998ec33964870ec77084a02d4e75ff30cb583167f3a2c4ac3fd95e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9377
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 0688 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2974aa7a01b564e60381fddb0c7dc35d24730f427a3d8e413e5ff66623e4f2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13523
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0688 131 B
155 B 84ms
48ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0688 131 B
155 B 86ms
51ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0688 131 B
155 B 88ms
53ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0688 131 B
155 B 86ms
52ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0688 131 B
155 B 85ms
51ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 9288 1 MB
385 KB 73ms
73ms XHR
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2fe345d3fc14db760845d780f2639b379d641911651c23efd7203e44cc7f341

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gZGPD8xJSlLtaAhGZzI8bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gZGPD8xJSlLtaAhGZzI8bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0688 131 B
155 B 82ms
49ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 331ms
331ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979423020
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979422437
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 331ms
330ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979423916
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979423411
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 326ms
326ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979431094
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979430371
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 9288 23 KB
9 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463c8cd998ec33964870ec77084a02d4e75ff30cb583167f3a2c4ac3fd95e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9377
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5Q... Frame 9288 35 KB
13 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W6VuNWHzdWY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.t5QJuKv34C0.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgkT6EExVl-suLLJzpEwvBwFOgFuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/ujg=1/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2974aa7a01b564e60381fddb0c7dc35d24730f427a3d8e413e5ff66623e4f2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13523
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 18:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 14:31:10 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9288 131 B
155 B 79ms
53ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9288 131 B
155 B 75ms
49ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9288 131 B
155 B 77ms
51ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9288 131 B
155 B 74ms
48ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 14:36:19 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 317ms
317ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979440139
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979439922
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 317ms
317ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979441148
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682346979440798
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 315ms
315ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979444622
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1682346979444236
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 314ms
313ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979445717
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979445387
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A540 0
274 B 313ms
311ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979450053
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979449726
access-control-allow-credentials: true
content-length: 0

GET
H2 200 h
heapanalytics.com/ Frame 7BE2 37 B
283 B 105ms
96ms Image
image/gif 44.215.21.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=4790208828267260&v=8069255487588060&s=6263976463830238&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682346978158&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Frontlines%20Challenge&pp=ts&pp=1682346978158&id0=4990550016063819&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1682346979.774776094254&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1682346979346&st=1682346979347

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.21.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-21-224.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
give.amazonfrontlines.org/static/global/images/digitalWallets/ Frame 7BE2 3 KB
1 KB 408ms
399ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.amazonfrontlines.org/static/global/images/digitalWallets/GooglePay-logo.svg

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/give/313372/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Apr 2023 18:00:38 GMT
server: cloudflare
etag: W/"643edac6-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7bcf13ed0c6f37f0-FRA
expires: Tue, 23 Apr 2024 14:36:19 GMT

GET
H2 200 h
heapanalytics.com/ Frame 7BE2 37 B
283 B 99ms
97ms Image
image/gif 44.215.21.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=4790208828267260&v=8069255487588060&s=6263976463830238&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Famazonfrontlines.org%2F&sp=ts&sp=1682346978158&sp=d&sp=give.amazonfrontlines.org&sp=h&sp=%2Fgive%2F313372%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=d&pp=give.amazonfrontlines.org&pp=h&pp=%2Fgive%2F313372%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&pp=t&pp=Frontlines%20Challenge&pp=ts&pp=1682346978158&id0=5047469523200659&k0=environment&k0=prod&k0=organization_id&k0=67405&k0=campaign&k0=313372&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1682346979.689457194069&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1682346979359&st=1682346979361

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.21.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-21-224.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 297ms
296ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979461642
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979460961
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 297ms
296ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979461681
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979461022
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5950 0
274 B 297ms
296ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-108bf8bcd8407d2e6f5530a69ee9e7d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 24 Apr 2023 14:36:19 GMT
x-stripe-server-envoy-start-time-us: 1682346979462545
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682346979462210
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 149ms
64ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 149ms
64ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 148ms
64ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 146ms
63ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 158ms
46ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 167ms
56ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 167ms
56ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 165ms
57ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 165ms
57ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 155ms
57ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 24 Apr 2023 14:36:19 GMT
expires: Mon, 24 Apr 2023 14:36:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ Frame 7BE2 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HXY58W7SY&gtm=45je34j0&_p=1878867372&cid=1714092457.1682346975&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1682346977&sct=1&seg=0&dl=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F&dr=https%3A%2F%2Famazonfrontlines.org%2F&dt=Donate%20to%20Frontlines%20Challenge&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HXY58W7SY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.amazonfrontlines.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:36:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.amazonfrontlines.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7BE2 295 B
794 B 13ms
13ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: amazonfrontlines.org
URL: https://amazonfrontlines.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.amazonfrontlines.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 24 Apr 2023 14:27:34 GMT
x-content-type-options: nosniff
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 535
x-cache: Hit from cloudfront
content-length: 295
last-modified: Fri, 31 Mar 2023 20:02:37 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: K-owm8xwzB6ZjFubbwIVzTgfTwu9lB-AqAIMIQtRcmmrUkucRpU-sA==

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amazonfrontlines.org/	1970-01-20 13:28:42	Name: _gcl_au Value: 1.1.895686794.1682346975
amazonfrontlines.org/	1970-01-20 20:04:42	Name: pll_language Value: en
.amazonfrontlines.org/	1970-01-20 11:20:33	Name: _gid Value: GA1.2.1521844741.1682346975
.amazonfrontlines.org/	1970-01-20 11:19:07	Name: _gat_gtag_UA_162643912_1 Value: 1
.amazonfrontlines.org/	1970-01-20 20:55:06	Name: _ga_NM9HNZLLGQ Value: GS1.1.1682346975.1.0.1682346975.60.0.0
amazonfrontlines.org/	1970-01-20 11:20:33	Name: ln_or Value: eyIyOTc2OTcwIjoiZCJ9
.amazonfrontlines.org/	1970-01-20 13:28:42	Name: _fbp Value: fb.1.1682346975291.206463299
.linkedin.com/	1970-01-20 12:02:18	Name: UserMatchHistory Value: AQJzb8x5TsVmzwAAAYezsaAiDOPhXfa1-xKSUeemS_opp5Ae1uYeG-8HBGrB_MjlC2FAYLQBJl_i-Q
.linkedin.com/	1970-01-20 12:02:18	Name: AnalyticsSyncHistory Value: AQKUKjEC0-DAXQAAAYezsaAjUxRB1XUR15w77RFwanc7KE2PAsT2NKmL1RtpmmFHyCvaR2adUPTT7DQPXruZiw
.linkedin.com/	1970-01-20 20:04:42	Name: bcookie Value: "v=2&55b648aa-9cb6-4fc9-8902-8492a58a83cc"
.linkedin.com/	1970-01-20 11:20:33	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2930:u=1:x=1:i=1682346975:t=1682433375:v=2:sig=AQGa_EXkTNdByF-LYhf0EIpLXcODc_EM"
.doubleclick.net/	1970-01-20 11:19:07	Name: test_cookie Value: CheckForPermission
.www.linkedin.com/	1970-01-20 20:04:42	Name: bscookie Value: "v=1&2023042414361516ef70c8-5a4c-4d8b-8e62-4a310a9a3110AQHZjzclL1sTYghv27CvKQOj0zy3Ieof"
.linkedin.com/	1970-01-20 15:38:18	Name: li_gc Value: MTswOzE2ODIzNDY5NzU7MjswMjGxDbJBsqeOZkgyvo++amRQTZjPZ59m/KnodeWAVJLUjA==
.classy.org/	1970-01-20 11:19:08	Name: __cf_bm Value: mKpULOjcPry5EmC1BlVN5qi3NFD6T672HO4flom0It0-1682346975-0-AQ7BmvCvim1pHoI+D93CTyoIDkHOeLPp5jXXEG8MktD/9Iggs0OILw8sgyD6xqHe2nJhp4uTdOGgC/awBa5nwjs=
.classy.org/	1969-12-31 23:59:59	Name: __cfruid Value: 5a92dc39729fd40b7f7ed9920dbc61602c9db016-1682346976
give.amazonfrontlines.org/	1970-01-20 20:55:06	Name: connect.sid Value: s%3A9afwK4QVOHmnI2n2zBxSQGdAlfwK5TC3.qqg5NLhKn8UdFCjhSQPYoEiQMtV0j3IK2zNhVnLlOAY
.give.amazonfrontlines.org/	1970-01-20 11:19:08	Name: __cf_bm Value: YBKS9v9ZsGE2oi3nlmIsPo7JBHoFWdqvpN4XAIexM0Y-1682346977-0-ATc8oa/PMW4ItXE7JxNooSV//eVZ+G4o3Bjmg/Sf3dj6meesHIRYf5BZuaqELLZT/nds6xNbGrnk3aw8auumqwY=
.give.amazonfrontlines.org/	1969-12-31 23:59:59	Name: __cfruid Value: dc6f502b50e5e32c8860404cf2c2a972c0b386ca-1682346977
.amazonfrontlines.org/	1970-01-20 20:55:06	Name: _ga Value: GA1.1.1714092457.1682346975
.amazonfrontlines.org/	1970-01-20 20:47:04	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%224790208828267260%22%2C%22pageviewId%22%3A%228069255487588060%22%2C%22sessionId%22%3A%226263976463830238%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
give.amazonfrontlines.org/	1970-01-20 11:39:16	Name: c_src Value: {"313372":[{"c_src":"web","c_src2":"home","referrer":"https://amazonfrontlines.org/","timestamp":1682346978209}]}
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: iiLUgp_env8
.youtube.com/	1970-01-20 15:38:18	Name: VISITOR_INFO1_LIVE Value: 1UPNY20iYQ8
.amazonfrontlines.org/	1970-01-20 11:19:07	Name: _gat_classyTrack Value: 1
.amazonfrontlines.org/	1970-01-20 11:19:07	Name: _gat_clientTrack Value: 1
.amazonfrontlines.org/	1970-01-20 20:47:04	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A67405%2C%22payment_processor%22%3Anull%2C%22campaign%22%3A313372%2C%22campaign_type%22%3A%22crowdfunding%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.amazonfrontlines.org/	1970-01-20 11:19:08	Name: _hp2_ses_props.1566116007 Value: %7B%22r%22%3A%22https%3A%2F%2Famazonfrontlines.org%2F%22%2C%22ts%22%3A1682346978158%2C%22d%22%3A%22give.amazonfrontlines.org%22%2C%22h%22%3A%22%2Fgive%2F313372%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo%22%7D
.give.amazonfrontlines.org/	1970-01-20 20:04:42	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fgive.amazonfrontlines.org%2Fgive%2F313372%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3Dweb%26c_src2%3Dhome%26eg%3Dtrue%26egp%3Ddo&datestamp=Mon+Apr+24+2023+14%3A36%3A18+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
give.amazonfrontlines.org/	1970-01-20 11:19:07	Name: XSRF-TOKEN Value: eyJpdiI6IjZzUzVadExLNWZnbmF2V2YxZDBkM1E9PSIsInZhbHVlIjoia3Y3Z1hUWlUyQnd2SnhwXC9DYVdrZmZlaWx0emYwZlYyZTZ6Nytqb1lHb1ZrNzZ6SytRMlwvdGxBWHVLcDFIa0lKbFJCNEVncVRobWtWeUdZdHhZSWpncjVuYU1pRlhYQWwwbVRyTlUwczlLUkFEVWdhVnhtXC9xMVI5XC95b0YrN2YzIiwibWFjIjoiOGI4OGRiZWY0ZDQ0Y2JjMzY5N2FjOTg4ZjIwNWJlYTQ0ZmE2OWUzYzhhYjVhNjYzNjdmOTE2NTZkZDcyNWMyNSJ9
give.amazonfrontlines.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6Ik5JZWdzWmRFODVpZVlZTk85ZW9rV0E9PSIsInZhbHVlIjoiUitjejlzMzhWQzZxUFRUK3BURzZ3YjJndTNSV2JVSVoxQVdBRU51RTJcL2diSVl5SmxBNCtiMW4zblMzSkJlS3YwTG5pbWE5ZXJHM3RKWWNhaFRBSWU5bFI4XC9QUjZEMVl4RUoyM2Z4eFBVdjgycTBHa2tCMEJTN0dYemlqMVBYeSIsIm1hYyI6ImFlZmRkYjI2NDc5ODFhYWVkMWZiZjFmMjRkZDI3NTExYjA1NWY4YzczMDU3N2VmYzU2YmI1MzFkMDc0NGEwYmUifQ%3D%3D
.amazonfrontlines.org/	1970-01-20 20:55:06	Name: _ga_6HXY58W7SY Value: GS1.1.1682346977.1.1.1682346978.0.0.0
give.amazonfrontlines.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: jJAfD7Oh-TSg4H14M9vLLX4stG7gjAFw7MVw
.google.com/	1970-01-20 15:42:38	Name: NID Value: 511=pATPIyaKSMXrxCAN2fPVdStKKdYHsZJtCfbT_TzgXcpDZWCBt3-com31oGrXKT_CCO0zU1h5NiQxBgIN5bIvXzDM-HgLZtRcSIM7LrYiVFi9WwVBdLY8J4V_kkZPJhntcl4ZC_8JqaIF2nnh-vn7SEhCXgaT4ATwKKcsfUfy7Dk
m.stripe.com/	1970-01-20 20:55:06	Name: m Value: 6cdd0af5-f4e8-48b3-8001-fa2d3bc99cc8ffaab8
.give.amazonfrontlines.org/	1970-01-20 20:04:42	Name: __stripe_mid Value: a6278b0f-d426-4d8e-9cf6-d9adf9b22c069f55f9
.give.amazonfrontlines.org/	1970-01-20 11:19:08	Name: __stripe_sid Value: acf78973-9520-421a-a214-759899c4c7f2cec9e7

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazonfrontlines.org
assets.classy.org
bam.nr-data.net
cdn.heapanalytics.com
cdn.linkedin.oribi.io
cdn.plaid.com
code.jquery.com
connect.facebook.net
d188lez4s0fwft.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.amazonfrontlines.org
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
region1.google-analytics.com
sdk.classy.org
sessions.bugsnag.com
snap.licdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
unpkg.com
www.classy.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
104.244.42.200
13.107.42.14
13.32.121.38
13.32.27.116
142.250.186.34
151.101.128.176
151.101.130.137
162.247.243.29
18.202.131.124
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1b
23.21.52.182
2600:1901:0:7a0b::
2600:9000:20eb:7200:2:53b2:240:93a1
2600:9000:2490:ce00:14:5590:7e40:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::6812:2b9e
2606:4700::6810:3965
2606:4700::6810:7eaf
2606:4700::6812:7115
2606:4700::6812:843c
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c04::9a
2a00:1450:4013:c04::5c
2a02:26f0:3500:16::215:148d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
44.215.21.224
52.143.247.24
54.186.23.98
54.201.215.5
99.86.4.76
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
04492b9fe12b21b73c514216289c8ee03751b335d2750fa77d81b16a50102e4f
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0a30f94167bc21b61b2417f07dd1ee6a6cf76b83eacaedf1a1704cba3b904c79
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c06c562695b244c211c4dfa162c4dfb527dbf6ac77a81e0d6840392ce16e199
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e1d4bfeaf7a83908ad372edccb5ebb2fcc9bce7998b0efdf6f374e629fd99ea
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
106e4667e7886cd358211fd6ce897e3ceeca0003bac487d9986a64da601ca601
1291012d74c10f8b6a72bb1fddddbe566b7f90af474dc3b470d0876896d3f365
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15700dd8eb8e54e4d06e5a3cb134b175e43b9d1dc3e76bb42f7b1f313bf9cba3
16355d74493531689777a390b1a0d7b87cfaa68600ed691fca1fd5ce8ed674d8
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
1eee475401ced2b41622d05d372d5994af2ef888f82d09b6a7507838600819e5
23a830983184102217d5b0f0c01a3ab5f209589914d062cea8fca5dc5d760807
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25460046e739811aee204eab1b61642c6cfeb603a184bf2f36001e8797129a75
2974aa7a01b564e60381fddb0c7dc35d24730f427a3d8e413e5ff66623e4f2ef
2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b852eb977b9aec9aa7b5089471d93ec72faf42fb2cbd9d3f1eb2b155512cfde
2c8cb3dd7cbbdc391215448b84492ea93f13bea4798a2df22854d8cbfcf2d464
2e60089421dbb62b7064eb8cc3cb72115dc6ffabdad8835bd131c95de1ed915f
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3af2ac5de2ad426956126f68afe3041e47c431ea76feac341c861a472de91d6f
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
3e7d859a6809b7a9ee7f54287cae97d2cedb72957e3213f81a2d2dcf73ae3dfc
3ec1704383ae140002a62a7af19ba9803d217c68f7fd6145b57aa2904486f791
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4189b3ba0c732fdddb79c35269aac0618d76827fd2d02a79499d5e04ae2685ed
42da9879df79b772af2ce2bf1a55a86438f777028bfc9d22ab625e5d1f22362a
463c8cd998ec33964870ec77084a02d4e75ff30cb583167f3a2c4ac3fd95e645
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
47e7eaea18791ebecf65100410d22246f2c95e839c75a9a588a29aa402b88264
488c51a30edd1588ceb44a43332fcc4ee5744cb689464f71ca62978092ac115b
490615ad51366c681f7127d4e30a49c517e33c80c056b522eadc334dd7269df9
49f71b872543caf6c6fb6b4ca66572416ffd3b38ab9b14d73a2face8dc009317
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
520b4b1a4e266fcd8dc4d48f3c5fd89e542b4d164143caf784c93447cccc6709
56b6e95b2d7f0ef3499dd72399e73ffe9e08d5a5c9ff3fafe0aae9c5da33ad0b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5bfee04f991dacac6d2eeee72cbd9e13f61bdbe19e315e7e9e598d66d1ba2e79
5e588fef38b35ab5cacf0a93bee333235b844160dae0cca598363a681f49742a
5f17671ce030879a0b89ffce96fc31e6feb1a46b560ec7df7e8fb615682258a5
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
63fd09d8a7d608465463cf87c8ab3f52f0aac5612c9ee1c3e6eea0a9c1970f13
641e6fc348b4f6de3b8c056930ac32722d5b9e64d5136dbb5c097b3fe57e530c
6719fa0d3554909fe69bc82c22606b28ea8d1bf5cef2e705928dd4f66c17efac
6a4d9b4f37862a161cb9a7b7c8b6d4bea495c108be4d8086e3af80aa1493e733
6ac48a7c704eb512addd8690ff165f87f9757f986d2ecf6b3f12c2ff077cecbf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e
700e2283a18e14ed801ad182b3ce69a1ff0b79db0309b367ddf6d9dbfbf085b4
7287403835f30c5729e1139dd36787dd60b70d00c35e80ed76fee8025b0c29a7
743400827279a748ff4e9c0760b9d878206351259383b9913183294f68bc2871
751851e72654508ca07678c61bdacd91b772d725f531dd8a6f62e6f941e11ecc
775c0d83ab0c95e5349a26584816b075ff88c9ce6ef5d46726aa28f4ededb868
7839604d7a5c0f2f1b092cc0b9476a4175003bf86d35c6f354225dc58f6e1a1b
7af5a08b3fbf0fe91b04a13b11a266b8deef1eaf3f3351d5f708b0d363cfd085
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
7d9df168924d6dea87277229a6f7c34a48f0d66420dfb654955f142271b01f5c
7f7e21372859a2f6cf237901739dce1bf3f711c18973959a9e624b3735059f59
81847bbab2bddbd1d5482bd8b47e1a77709155d7dfeb4aec2d49ed8b75a4a29e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8a111e32f8ac3668f71a163d62aa9465d33bfa641a2df93c636495b3de961f08
8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7
8c5962cd04b24babf8108ffd61a518f18c2bd86aef0d9d02fa0a6a6f939d2858
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8f7419386f435834f7b8b646705b2a17db87c1b3d2803101a907a968fd3deb6e
9224bb3a408156a2224e42b155bf04de4be4361785b6c6c1c351cfe0f6f6a3ec
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9622648bdeedeba4452bab60b7f1ad2ff3bd9a236f3a3bb9fcc3e4ef59cbc411
96ce5bdbfcd46b0652000b39d09d3175f238dfd4cc5e192dee189de7168ea7c5
9818d0989f4b538a42d1701d5f4ce58b7892164aa53cb9a9597cab6d74f84f9f
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
9c0eb9ed92ce7dc0e6ca22edf64d469e4e63b2746adc0fc9840277f1edcc6de2
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d
a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350
a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036
a5d81cbdf216b4451e07b1de69b6c749c99dbf84d85189eb5825f971bcc68f5a
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7326ce7c8d187779e4b0fc5dc3cf6edef14f228c59b165ad1153a1d15899db5
ac01180e608065cc699c50c1517765f00ea1d5a077f1cb895b99881ac3660988
aca0682f2a6967bfe39854cbc9abf550ac57023624336aa699dcd76552afc183
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad4cbebcd8d72ba42c4dcba1808542f5d021b5d0795a0815fa11e39c13bda054
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
b7d9e93df0e9ed19898260e542dd3ab74302010dfe2a5a4d3fdcceb2d38f9b00
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfd4812dd9e62920943aad9e1ddc6d9054c7379112cd4153db6ba4ff68e02bb6
c1082c556cc051f6e1b925634603a403da0d11c5319d37f65e47478fcb65e68c
c1a13f2865f54d88cd9ebcb80da9825501a684285f0e484c21a5f8017b7fe5db
c54dcc32bde6c85debc63110e0f15ae9bd336f25ef7e0aa319ce66cb0d25d2af
c5c19c57f48c707d99edc04f7d3175f82e3f7fb20063d9d3f8d2d77381f4e519
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
cc1a8f5f467a2c40b94e88a74933bf9a9e46b808d69b5bda1e5acb6094f550dc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d5fbd8d11f9a310b0f3fc5f45bd79c163cfbd0a81214b06324511633d214d7ce
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1b2e557482f04204d26ea80dacee6fa4d88fa76b1da13d3615b669490d34660
e248bd1b7cf411f7060c0c10aa8e9b7358c5d751727fced5e5cc0bbd8a5bc3c7
e253eb12258cda41bd93412f04cced9cedffd11b6aee1c90391cb043da9dc5d3
e2fe345d3fc14db760845d780f2639b379d641911651c23efd7203e44cc7f341
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5be0cf9e12892e32ca57fd11154fe22c8f57958752e83c22905a194bdc52a7d
ea5e960e0f14eea41744b9b0f55e837bd66f6abf20557345ff783dfb10bcf87d
eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23
ee43de7f6648dac36980de3bcf1bf0d34f07178fdb8afac80541f5cf1660cc5d
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef606211a2fb3a2bc5128dd6e67a8e644b2a879dc604b218028e525035e6df1c
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
f6c2565244a7d2fd5524ea698c9694fd053a99d1955cfdad0658e6acd7feb054
f7edf8812e9e7e12c20d41424bfcdaa12bb69631217a1a653282e681b57dee33
f866d217a96d2683e5a51b091d3ed6db356c3fc1f4bc30712aadce0efc6409c7
f8d31fc95340935f0a1e3f04183511383a0b2ef7cc5b48d7af07aa402d2c6762
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fd8be1f415e873bf9ceec9ccbc8910764e4270c704d004ecb2d636e7604e9032
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

amazonfrontlines.org Open in urlscan Pro 23.21.52.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

269 Requests

100 %HTTPS

64 %IPv6

30 Domains

49 Subdomains

42 IPs

5 Countries

8858 kBTransfer

20381 kBSize

37 Cookies

5 Outgoing links

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

amazonfrontlines.org Open in urlscan Pro
23.21.52.182 Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

100 %
HTTPS

64 %
IPv6

30
Domains

49
Subdomains

42
IPs

5
Countries

8858 kB
Transfer

20381 kB
Size

37
Cookies

269 HTTP transactions
1 data transactions