donate.wfp.org Open in urlscan Pro
34.117.85.67  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://u.mg.wfp.org/3wxEQbUq HTTP 301
   https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

• https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 HTTP 302
• https://5499309.fls.doubleclick.net/activityi;dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4

Request Chain 39

• https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 HTTP 302
• https://10390555.fls.doubleclick.net/activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4

Request Chain 40

• https://adservice.google.de/ddm/fls/i/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 HTTP 302
• https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4

Request Chain 52

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLy50diC7IEDFSMUogMdq30LJA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6093208976511%3Bauiddc%3D993957948.1696959481%3Bgtm%3D45fe3a40%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3479%2526utm_source%253Dsupportercare%2526utm_medium%253Dsms%2526utm_campaign%253D231009_Afghanistan_Emergency%2526utm_cid%253D7014y000001RTUHAA4%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-YslZYP6LOeB7_UPqJyziAI&sscte=1&crd=&pscrd=IhMIw9rt2ILsgQMV58C7CB0ozgwh HTTP 302
• https://www.google.com/pagead/1p-conversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLy50diC7IEDFSMUogMdq30LJA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6093208976511%3Bauiddc%3D993957948.1696959481%3Bgtm%3D45fe3a40%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3479%2526utm_source%253Dsupportercare%2526utm_medium%253Dsms%2526utm_campaign%253D231009_Afghanistan_Emergency%2526utm_cid%253D7014y000001RTUHAA4%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIw9rt2ILsgQMV58C7CB0ozgwh&is_vtc=1&ocp_id=-YslZYP6LOeB7_UPqJyziAI&cid=CAQSKQDICaaNuM6nKtz-81ogqgqecqJmIsa3khohETItqNxLnftaqBVVE5Uz&random=2276730280&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLy50diC7IEDFSMUogMdq30LJA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6093208976511%3Bauiddc%3D993957948.1696959481%3Bgtm%3D45fe3a40%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3479%2526utm_source%253Dsupportercare%2526utm_medium%253Dsms%2526utm_campaign%253D231009_Afghanistan_Emergency%2526utm_cid%253D7014y000001RTUHAA4%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIw9rt2ILsgQMV58C7CB0ozgwh&is_vtc=1&ocp_id=-YslZYP6LOeB7_UPqJyziAI&cid=CAQSKQDICaaNuM6nKtz-81ogqgqecqJmIsa3khohETItqNxLnftaqBVVE5Uz&random=2276730280&resp=GooglemKTybQhCsO&ipr=y

Request Chain 78

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer=https%3A%2F%2Fadservice.google.com%2F&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-afea-7a5bc558a85a%253A1696959483.0453238%26_%3D1696959483.046488&cb=1696959483.0465178 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-afea-7a5bc558a85a%253A1696959483.0453238%26_%3D1696959483.046488 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.046488

Request Chain 79

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMDIzMjI0NzMzNA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBWMHrJqQV-0KnBe9VNPfzY&google_cver=1 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer={encSite}&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-afea-7a5bc558a85a%253A1696959483.0453238%26_%3D1696959483.7255244&cb=1696959483.725552 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-afea-7a5bc558a85a%253A1696959483.0453238%26_%3D1696959483.7255244 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.7255244

Request Chain 80

• https://ib.adnxs.com/setuid?entity=18&code=5108559730232247334 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730232247334

Request Chain 81

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559730232247334&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730232247334&redir=

Request Chain 84

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5108559730232247334&bid=omt9pi0

Request Chain 87

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730232247334&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730232247334&forward=&C=1

Request Chain 94

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZSWL_wAWwUESQwA_ HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZSWL_wAWwUESQwA_&_test=ZSWL_wAWwUESQwA_

297 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response donate.wfp.org/1244/donation/single/ Redirect Chain https://u.mg.wfp.org/3wxEQbUq https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4	2 MB 150 KB	1184ms 1125ms	Document text/html	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Express Resource Hash ce33f377fd06db8e7148f6f2c5e9fc4747fb4e58c03c36f9cf391d9a3f35a559 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges none access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control max-age=5,stale-when-revalidate=5 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:38:00 GMT etag "1e0feb-shUp99RmibqOHqwC8m2UoXUTfC4" server Google Frontend vary User-Agent, Accept-Encoding via 1.1 google x-powered-by Express Redirect headers content-length 0 date Tue, 10 Oct 2023 17:38:00 GMT location https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 server AmazonS3 via 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront) x-amz-cf-id btAYBpW_JEOJiG-l0JbfdYaNsBoHnn11-89AQuskKvKtLhHPVlEI6g== x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront
GET H2	200	optimize.js Show response www.googleoptimize.com/	127 KB 50 KB	103ms 34ms	Script application/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-P2GL7X7 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2baf11798d3dd277c1995d94bbe748eb403c71f77d3b5722dab12ae7dc84d6f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50468 x-xss-protection 0 last-modified Tue, 10 Oct 2023 16:05:37 GMT server Google Tag Manager vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin https://donate.wfp.org cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 10 Oct 2023 17:38:00 GMT
GET H2	200	ad8a60b.modern.js Show response donate.wfp.org/_wfp/	3 KB 1 KB	50ms 46ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/ad8a60b.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 41d1b8f8141f92ca18368fff1a1caf9f18ea12dcb8c527e738f6199017f67914 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 13:07:40 GMT content-encoding gzip via 1.1 google last-modified Wed, 20 Sep 2023 09:42:47 GMT server Google Frontend age 1657820 etag W/"a24-18ab1f87dd8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1314
GET H2	200	13bb4f0.modern.js Show response donate.wfp.org/_wfp/	232 KB 66 KB	51ms 48ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/13bb4f0.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash f3cb3c087377fcd1ff6696de65730b49d301d4f18c962818b4e353f4f304295b Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 13:07:40 GMT content-encoding br via 1.1 google last-modified Wed, 20 Sep 2023 09:42:47 GMT server Google Frontend age 1657820 etag W/"10954-18ab1f87dd8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 081e91db19035da8b73c850e64066e1b cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67924
GET H2	200	78441d1.css donate.wfp.org/_wfp/css/	25 KB 2 KB	39ms 36ms	Stylesheet text/css	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/css/78441d1.css Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 8a8d4136dabd1cf4aa79d26dfc7ff9a04b8c381eca79f2898529dff1fad43c1c Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 02 Oct 2023 11:21:29 GMT content-encoding br via 1.1 google last-modified Wed, 27 Sep 2023 16:46:12 GMT server Google Frontend age 713791 etag W/"8bd-18ad788a820" vary Accept-Encoding content-type text/css; charset=UTF-8 x-cloud-trace-context eaa8f663a41e11bca60c318562943a65 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2237
GET H2	200	54c3c1e.modern.js Show response donate.wfp.org/_wfp/	160 KB 29 KB	52ms 49ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/54c3c1e.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash f3891231957919cc4ac6ac8e20b5df99d6bbf47d69507657ba0f5b79fd79b026 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 02 Oct 2023 11:22:59 GMT content-encoding br via 1.1 google last-modified Wed, 27 Sep 2023 16:46:12 GMT server Google Frontend age 713701 etag W/"7270-18ad788a820" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context c3d5c2b264dfd2200858fcab7a4210c4 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29296
GET H2	200	e5c9029.css donate.wfp.org/_wfp/css/	335 KB 42 KB	33ms 30ms	Stylesheet text/css	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/css/e5c9029.css Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 85e0445d24cfa83afcc9f008f279842a3f908626f8526de2dfff8830a82d7968 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 13:06:52 GMT content-encoding br via 1.1 google last-modified Wed, 20 Sep 2023 09:42:47 GMT server Google Frontend age 1657868 etag W/"a804-18ab1f87dd8" vary Accept-Encoding content-type text/css; charset=UTF-8 x-cloud-trace-context edd28974ac9bbbf9ab792658833d1953 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43012
GET H2	200	a24d6a1.modern.js Show response donate.wfp.org/_wfp/	537 KB 124 KB	57ms 56ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/a24d6a1.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash ff60aef58a855a5d32864dd2e14d8ca5eacd712d84b4cbc390a1ebcbf18ff81c Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 02 Oct 2023 11:22:59 GMT content-encoding br via 1.1 google last-modified Wed, 27 Sep 2023 16:46:12 GMT server Google Frontend age 713701 etag W/"1efc3-18ad788a820" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 201403a3769756b1ff04e4a1b71d0765 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126915
GET H2	200	gtm.js Show response www.googletagmanager.com/	342 KB 105 KB	153ms 66ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e1cc372876702bcaef198210038ce1522eddcf96e49f43c0dfc1cc1e5af68f7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 106841 x-xss-protection 0 last-modified Tue, 10 Oct 2023 17:12:12 GMT server Google Tag Manager vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin https://donate.wfp.org cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 10 Oct 2023 17:38:00 GMT
GET H3	200	Open_Sans-400-latin48.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	28ms 27ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-400-latin48.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 11 Sep 2023 18:53:34 GMT via 1.1 google last-modified Mon, 04 Sep 2023 16:46:26 GMT server Google Frontend age 2501066 etag W/"af00-18a61169ad0" content-type font/woff2 x-cloud-trace-context 848f237feda1ca1a663847d47bdc70d7 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
GET H2	200	activityi;dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o... Show response 5499309.fls.doubleclick.net/ Frame 47D6 Redirect Chain https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;... https://5499309.fls.doubleclick.net/activityi;dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uam...	707 B 575 B	62ms 61ms	Document text/html	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5499309.fls.doubleclick.net/activityi;dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash e6423ab8547b99189df5aaef44e9a2e43bd31559f6f049483ee927887a75400b Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 399 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:00 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:00 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://5499309.fls.doubleclick.net/activityi;dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	122ms 36ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 10 Oct 2023 15:51:33 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 6387 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 10 Oct 2023 17:51:33 GMT
GET H2	200	bat.js Show response bat.bing.com/	44 KB 13 KB	135ms 52ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 10 Oct 2023 17:38:00 GMT last-modified Wed, 06 Sep 2023 22:41:28 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1A8FCC53098B40D191BFCD75624DEE99 Ref B: FRA31EDGE0514 Ref C: 2023-10-10T17:38:00Z etag "09cc4613e1d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 12981
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	198 KB 53 KB	99ms 29ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 10 Oct 2023 17:38:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53364 x-xss-protection 0 pragma public x-fb-debug +LRaX7YjH/WTdcPMaVQZrCufaBFOgImEqKprMuMCFaVEHni4ZpNFVuIBMZtvzi61fCklx3FHUhFYkSRV6+nusA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	192 KB 70 KB	119ms 51ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-597680250 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1084b1111e19017ed7d96e21b9327f9e4e3e395314d25ae0e5338d3b377a4a46 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72023 x-xss-protection 0 last-modified Tue, 10 Oct 2023 16:05:37 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 10 Oct 2023 17:38:00 GMT
GET H2	200	adalyser.js Show response c5.adalyser.com/	30 KB 10 KB	299ms 98ms	Script application/javascript	54.77.153.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c5.adalyser.com/adalyser.js?cid=wfp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.77.153.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-77-153-154.eu-west-1.compute.amazonaws.com Software / Express Resource Hash e51fc1d194ae40ce2db4ba6abce427ad95cc98d505a4e7346c0c6f6eae33b1c9 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:00 GMT content-encoding gzip x-powered-by Express etag "c45b12ad070ae9f57c6c09ebf86fe40d82a75110" p3p CP="ADMa OUR IND DSP NON COR" access-control-allow-origin * content-type application/javascript cache-control public, max-age=21600 access-control-allow-credentials true access-control-allow-headers origin, content-type, accept content-length 10207
GET H3	200	js Show response www.googletagmanager.com/gtag/	277 KB 92 KB	120ms 54ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8b6cee25e4dea6158182639c2b44ea962d589ba7e7e10fbed73387982381b291 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 94238 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 221 B	42ms 32ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=543556405&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=191831480&gjid=1315119562&cid=1157176061.1696959481&tid=UA-127155074-1&_gid=2117925464.1696959481&_r=1&_slc=1&gtm=45He3a90h2n71KN3K8D&z=1185546786 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 523ccc05bf563e4086b1e1ffbf44fa63b0777f85d40b0119e8739a3aaeec900b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 70 B	37ms 33ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=543556405&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAACAAI~&jid=1036808127&gjid=186155696&cid=1157176061.1696959481&tid=UA-2556524-1&_gid=2117925464.1696959481&_slc=1&gtm=45He3a90h2n71KN3K8D&z=1993050636 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 348 B	96ms 30ms	XHR text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=1157176061.1696959481&jid=1036808127&gjid=186155696&_gid=2117925464.1696959481&_u=YGDAiEABBAAAAGAAI~&z=852828424 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 10 Oct 2023 17:38:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 83 B	40ms 39ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=543556405&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAGAAI~&jid=640077646&gjid=717447806&cid=1157176061.1696959481&tid=UA-2556524-57&_gid=2117925464.1696959481&_r=1&_slc=1&gtm=45He3a90h2n71KN3K8D&z=164613950 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 9ee1bc4923dc7344b0c712352a782fcadcd1bbeda8b3a7059f60944a7e1305b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1877519415676647 Show response connect.facebook.net/signals/config/	132 KB 35 KB	28ms 26ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1877519415676647?v=2.9.133&r=stable&domain=donate.wfp.org Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7c61858771d4b4509940a29a6fc2be59cae49e0be60279eca7c8cda8a0ee6cea Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 10 Oct 2023 17:38:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 35079 x-xss-protection 0 pragma public x-fb-debug HY8mDw+x1M5iJStYbCGNPSxM2MKEPthicUGz0ccHjMjc3Uj2eRxxhW+U9nqcgW7UCr9shfoxNexTVZ+vXTWS9w== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	22021902.js Show response bat.bing.com/p/action/	0 117 B	49ms 48ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/22021902.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 10 Oct 2023 17:38:00 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EC294D7CA0584EF4AB3112AD7B728327 Ref B: FRA31EDGE0514 Ref C: 2023-10-10T17:38:00Z x-cache CONFIG_NOCACHE
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 69 B	58ms 33ms	XHR text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-127155074-1&cid=1157176061.1696959481&jid=191831480&gjid=1315119562&_gid=2117925464.1696959481&_u=YEBAAEAAAAAAACAAI~&z=224181393 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 10 Oct 2023 17:38:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	227 KB 81 KB	38ms 37ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c6c4a6e1efbc71439dd09c40dee6a27d2b57705f789ea13717ef048b84b27b43 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82956 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 244 B	93ms 37ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je3a40h1&_p=543556405&_gaz=1&cid=1157176061.1696959481&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696959480&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&en=page_view&_fv=1&_ss=1&_c=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	39ms 38ms	Ping text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TL7TXTVCYL&cid=1157176061.1696959481&gtm=45je3a40h1&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	120ms 62ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TL7TXTVCYL&cid=1157176061.1696959481&gtm=45je3a40h1&aip=1&z=1282276973 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/	3 KB 2 KB	126ms 48ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/?random=1696959481000&cv=11&fst=1696959481000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&auid=993957948.1696959481&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-597680250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e78ad68fd74aad1f4184e5f1e08075964ba4e053bc61a1fed4d4483b371c7d12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1435 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	227 KB 81 KB	41ms 40ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 958734c512bc660e21bddaafde68ae77c87030546140a138edec2d935f09d4af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82984 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:01 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	124ms 58ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1157176061.1696959481&jid=1036808127&_u=YGDAiEABBAAAAGAAI~&z=868484884 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	76ms 63ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1157176061.1696959481&jid=1036808127&_u=YGDAiEABBAAAAGAAI~&z=868484884 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%... Show response adservice.google.com/ddm/fls/i/ Frame 4DEB	706 B 778 B	140ms 62ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/activityi;dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d90e78cee64ac8b4126649e41ebde13ed200a8f985eaaee8ff8340bc790a25ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5499309.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 403 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:01 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ www.facebook.com/tr/	0 185 B	86ms 25ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1877519415676647&ev=PageView&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&rl=&if=false&ts=1696959481053&sw=1600&sh=1200&v=2.9.133&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1696959481052.1625182723&ler=empty&it=1696959480927&coo=false&rqm=GET Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 10 Oct 2023 17:38:01 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	p c5.adalyser.com/tracking/track/v3/	43 B 341 B	47ms 47ms	Image image/gif	54.77.153.154 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c5.adalyser.com/tracking/track/v3/p?stm=1696959481064&e=lce1&url=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&cid=wfp&p=%7B%22et%22%3A1696959481061%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22supportercare%22%2C%22me%22%3A%22sms%22%2C%22ca%22%3A%22231009_Afghanistan_Emergency%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%22a85b985d-c82e-49ad-827e-c16216b16e7a%22%2C%22duid%22%3A%2286a59283-1384-48bc-88a1-971e5e7fddfb%22%2C%22cw%22%3A1696959481061%2C%22lp%22%3A%22https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4%22%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&domain=donate.wfp.org Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.77.153.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-77-153-154.eu-west-1.compute.amazonaws.com Software / Express Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT x-powered-by Express etag W/"2b-B//0C13UlayirE4cP7xgqg" p3p CP="ADMa OUR IND DSP NON COR" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers origin, content-type, accept content-length 43 expires 0
POST H2	204	collect region1.google-analytics.com/g/	0 45 B	32ms 30ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-7B8MHJ3Q6W&gtm=45je3a40&_p=543556405&ul=en-us&sr=1600x1200&cid=1157176061.1696959481&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sid=1696959481&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	destination Show response www.googletagmanager.com/gtag/	179 KB 66 KB	45ms 45ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9fa6dce8735f9f8f29080e6b14a258ca6945c3d3c0c1d2602366de80e97a2552 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67238 x-xss-protection 0 last-modified Tue, 10 Oct 2023 16:05:37 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 10 Oct 2023 17:38:01 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	30ms 30ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-C9S5DE8LYK&gtm=45je3a40&_p=543556405&ul=en-us&sr=1600x1200&cid=1157176061.1696959481&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sid=1696959481&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/597680250/	42 B 154 B	38ms 36ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/597680250/?random=1696959481000&cv=11&fst=1696957200000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&frm=0&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=679089296&rmt_tld=0&ipr=y Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/597680250/	42 B 154 B	39ms 38ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/597680250/?random=1696959481000&cv=11&fst=1696957200000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&frm=0&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=679089296&rmt_tld=1&ipr=y Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response 10390555.fls.doubleclick.net/ Frame AE34 Redirect Chain https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref... https://10390555.fls.doubleclick.net/activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;u...	1 KB 627 B	67ms 67ms	Document text/html	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://10390555.fls.doubleclick.net/activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash baae09748f0c0d9bc0ccff51966c9f794eee30330469711b01a9628e6ce00c49 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 604 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:01 GMT expires Tue, 10 Oct 2023 17:38:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:01 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://10390555.fls.doubleclick.net/activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%... Show response 5499309.fls.doubleclick.net/ddm/fls/r/ Frame C1FE Redirect Chain https://adservice.google.de/ddm/fls/i/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=... https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uam...	1 KB 511 B	63ms 63ms	Document text/html	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash df5d146d67dd5df6e12591d713c113c910aff7a5106133ccc341fcc9f8ff9caf Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adservice.google.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 488 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:01 GMT expires Tue, 10 Oct 2023 17:38:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:01 GMT expires Fri, 01 Jan 1990 00:00:00 GMT location https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/ Frame AE34	50 KB 19 KB	182ms 68ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: 10390555.fls.doubleclick.net URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18630 x-xss-protection 0 server cafe etag 7951265875426957259 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 10 Oct 2023 17:38:01 GMT
GET H2	200	dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=*;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F... adservice.google.com/ddm/fls/z/ Frame AE34	42 B 118 B	66ms 66ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=*;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Requested by Host: 10390555.fls.doubleclick.net URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	0 bat.bing.com/action/	0 287 B	51ms 51ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=22021902&tm=gtm002&Ver=2&mid=5c980f0a-97b8-469c-bb6e-0df66b9f99cb&sid=c27af8a0679311eea5e87dc8c8b0223e&vid=c27b2c10679311ee9243a15b6a31be15&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&p=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&r=&lt=2558&evt=pageLoad&sv=1&rn=631185 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:38:01 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: C9BE7C0E3D6A4FF2A4E0B03F846C18DE Ref B: FRA31EDGE0514 Ref C: 2023-10-10T17:38:01Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tc.min.js Show response c1.rfihub.net/js/ Frame C1FE	19 KB 6 KB	144ms 23ms	Script application/x-javascript	2600:9000:214f:1c00:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.rfihub.net/js/tc.min.js Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:1c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers accept-language de-DE,de;q=0.9 Referer https://5499309.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:37:45 GMT content-encoding gzip via 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:35 GMT server Jetty(9.4.51.v20230217) x-amz-cf-pop FRA53-C1 age 16 x-cache Hit from cloudfront content-type application/x-javascript p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control public, max-age=3600 content-length 6162 x-amz-cf-id DWB6_J8ETIBMiS-EQ9XDfjjVyeRDNgE_dGELTOTQabap53R-4x819g== expires Tue, 10 Oct 2023 18:37:45 GMT
GET H3	200	c5986ca.modern.js Show response donate.wfp.org/_wfp/	24 KB 6 KB	42ms 40ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/c5986ca.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 25d5acbd565a779e657c50e2f5a1e8e3ef50725b90f23348b51ab2882bae385d Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 13:06:47 GMT content-encoding br via 1.1 google last-modified Wed, 20 Sep 2023 09:42:47 GMT server Google Frontend age 1657874 etag W/"170c-18ab1f87dd8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 3bd77ba495e215f5055f24e6dc09bc4e cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5900
GET H3	200	e87ce1e.modern.js Show response donate.wfp.org/_wfp/	139 B 156 B	41ms 40ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/e87ce1e.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 8dc5232f0ce9d4a84d95b6d83cf77c20b788accdaee706e57c5030a36faa19e8 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 13:06:21 GMT content-encoding gzip via 1.1 google last-modified Wed, 20 Sep 2023 09:42:47 GMT server Google Frontend age 1657900 etag W/"8b-18ab1f87dd8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 135
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/481751819/ Frame AE34	3 KB 2 KB	40ms 39ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/481751819/?random=1696959481713&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLy50diC7IEDFSMUogMdq30LJA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6093208976511%3Bauiddc%3D993957948.1696959481%3Bgtm%3D45fe3a40%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3479%2526utm_source%253Dsupportercare%2526utm_medium%253Dsms%2526utm_campaign%253D231009_Afghanistan_Emergency%2526utm_cid%253D7014y000001RTUHAA4%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 34a77b742971cdf93f2eafcad43ce8d792f1893b2b17dad6cf6c3736f22d3cd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1675 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	v3 Show response js.stripe.com/	538 KB 134 KB	130ms 38ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/c5986ca.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 438603a9b403511ae8bd1b2099c67d0fbdd6082a397a8ddfe96b2c99ab1ff25d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:37:38 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 24 x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:35:55 GMT server Cloudfront etag W/"94bbccf37dbc1c8da8e0b667ea768cdf" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id jyLgoTadN0pFk8eTAa3uNaGBU4z-HjowKddz2Wd2tXP7r-wRLpsMIQ==
GET H3	200	1244 Show response donate.wfp.org/_content/get/pages/en-gb/	11 KB 1 KB	36ms 35ms	XHR application/json	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_content/get/pages/en-gb/1244 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Express Resource Hash 6d00c37d8b1612f42089455b3ec6badc684d460347dc041d0473a468e5292048 Request headers Accept application/json, text/plain, */* Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:37:53 GMT content-encoding gzip via 1.1 google server Google Frontend age 8 x-powered-by Express etag W/"2b7c-/f46pJIGxG32J0Bob1aFURWoHHQ" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * x-cloud-trace-context fbcf1370bebf02f86f99c9718a15a831 cache-control max-age=60 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1463
GET H3	200	translations Show response donate.wfp.org/_content/get/bundle/en-gb/	78 KB 9 KB	36ms 36ms	XHR application/json	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_content/get/bundle/en-gb/translations Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Express Resource Hash 842704bedc3e044a418500c49766bfc4dd32b19d3a2344dfd85a26030587cdd9 Request headers Accept application/json, text/plain, */* Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:37:56 GMT content-encoding gzip via 1.1 google server Google Frontend age 5 x-powered-by Express etag W/"139b9-HONYhYruJneU71C5KmU26bHI8Cc" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 09d8409895514eee8abc76592557289b cache-control max-age=60 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9009
GET H/1.1	200 OK	ca.html Show response 20777079p.rfihub.com/ Frame DF80	2 KB 3 KB	268ms 42ms	Document text/html	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOeiudiC7IEDFV8KogMdIuYDSQ%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D1006834892700%3Bauiddc%3D993957948.1696959481%3Bgtm%3D45He3a90h2%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3479%2526utm_source%253Dsupportercare%2526utm_medium%253Dsms%2526utm_campaign%253D231009_Afghanistan_Emergency%2526utm_cid%253D7014y000001RTUHAA4&pf=https%3A%2F%2Fadservice.google.com%2F&ra=37953407046638876 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 1b6cf9b565d68b5d89adc36790e920ad45bc70caa8f4499eea0a2772f251161c Request headers Referer https://5499309.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2546 Content-Type text/html;charset=utf-8 Date Tue, 10 Oct 2023 17:38:02 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H3	200	/ www.google.de/pagead/1p-conversion/481751819/ Frame AE34 Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=3756032... https://www.google.com/pagead/1p-conversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C5122... https://www.google.de/pagead/1p-conversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C51224...	42 B 64 B	41ms 40ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLy50diC7IEDFSMUogMdq30LJA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6093208976511%3Bauiddc%3D993957948.1696959481%3Bgtm%3D45fe3a40%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3479%2526utm_source%253Dsupportercare%2526utm_medium%253Dsms%2526utm_campaign%253D231009_Afghanistan_Emergency%2526utm_cid%253D7014y000001RTUHAA4%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIw9rt2ILsgQMV58C7CB0ozgwh&is_vtc=1&ocp_id=-YslZYP6LOeB7_UPqJyziAI&cid=CAQSKQDICaaNuM6nKtz-81ogqgqecqJmIsa3khohETItqNxLnftaqBVVE5Uz&random=2276730280&resp=GooglemKTybQhCsO&ipr=y Requested by Host: 10390555.fls.doubleclick.net URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CLy50diC7IEDFSMUogMdq30LJA;src=10390555;type=rem0;cat=allp;ord=6093208976511;auiddc=993957948.1696959481;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4? Protocol H3 Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 10 Oct 2023 17:38:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/481751819/?random=1971596368&cv=9&fst=1696959481713&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLy50diC7IEDFSMUogMdq30LJA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6093208976511%3Bauiddc%3D993957948.1696959481%3Bgtm%3D45fe3a40%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1244%252Fdonation%252Fsingle%252F%253Fcampaign%253D3479%2526utm_source%253Dsupportercare%2526utm_medium%253Dsms%2526utm_campaign%253D231009_Afghanistan_Emergency%2526utm_cid%253D7014y000001RTUHAA4%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIw9rt2ILsgQMV58C7CB0ozgwh&is_vtc=1&ocp_id=-YslZYP6LOeB7_UPqJyziAI&cid=CAQSKQDICaaNuM6nKtz-81ogqgqecqJmIsa3khohETItqNxLnftaqBVVE5Uz&random=2276730280&resp=GooglemKTybQhCsO&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	7eb7061.modern.js Show response donate.wfp.org/_wfp/	1 KB 414 B	22ms 21ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/7eb7061.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 607f124f180d0722361dbf030fb56190ab6bc2a8695661eb101a0fee1efa55c6 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 13:06:47 GMT content-encoding gzip via 1.1 google last-modified Wed, 20 Sep 2023 09:42:47 GMT server Google Frontend age 1657874 etag W/"403-18ab1f87dd8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 393
GET H3	200	960d92a.modern.js Show response donate.wfp.org/_wfp/	15 KB 5 KB	34ms 33ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/960d92a.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 3a726662d35cda6fc724a47636793e28aeca63ad7fd7586edd53db4815def981 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 30 Sep 2023 05:57:08 GMT content-encoding br via 1.1 google last-modified Tue, 26 Sep 2023 12:06:24 GMT server Google Frontend age 906054 etag W/"146e-18ad1622200" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 7d0c28eb02995062c65767ca785f8aa8 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5230
GET H3	200	46073b0.modern.js Show response donate.wfp.org/_wfp/	411 KB 88 KB	38ms 37ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/46073b0.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash ac8aa96e1da838f3af3d354dce527e833927ec4f40dfaed294b22b72eb41821b Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 28 Sep 2023 18:34:52 GMT content-encoding br via 1.1 google last-modified Tue, 26 Sep 2023 12:06:24 GMT server Google Frontend age 1033390 etag W/"1613a-18ad1622200" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 1f4705ee259d74a6b56a82e70b6fac8a cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 90426
GET H3	200	241bc23.modern.js Show response donate.wfp.org/_wfp/	18 KB 4 KB	40ms 39ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/241bc23.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/ad8a60b.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash fb8a5407a4d6d3f2f75b3accb0e27248a053efeb437dcffce147fe941d2a3071 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 03 Oct 2023 09:04:55 GMT content-encoding br via 1.1 google last-modified Wed, 27 Sep 2023 16:46:12 GMT server Google Frontend age 635587 etag W/"115e-18ad788a820" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 2957fc130b7c61373a099b034563ab3b cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4446
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	1 KB 1 KB	98ms 37ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/a24d6a1.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 99e954e0630f425924d7bedc3f2db2cea2b2782c87be38c1d9279d1a62bee43d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 10 Oct 2023 17:38:02 GMT
GET H2	200	hotjar-2048364.js Show response static.hotjar.com/c/	15 KB 5 KB	151ms 52ms	Script application/javascript	18.239.83.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2048364.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.83.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-83-65.ams58.r.cloudfront.net Software / Resource Hash 41ae4fad8414619c2f94deaee15de483581edf8e9c0132ea320bd72cc75c0bfe Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:38:02 GMT via 1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P5 age 18 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/56d1a345dd36661037736f610316f610 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id ggAE8kmqMnyAAAQnmXqrFH9P8HnOq8pNg63pQFO5eKpjWAna7ZfUmw==
GET H3	200	Open_Sans-700-latin72.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	30ms 29ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-700-latin72.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 11 Sep 2023 16:03:15 GMT via 1.1 google last-modified Mon, 04 Sep 2023 16:46:26 GMT server Google Frontend age 2511287 etag W/"af00-18a61169ad0" content-type font/woff2 x-cloud-trace-context d2b9efafeb018815aac04c8c4744b566 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
GET H3	200	Open_Sans-800-latin80.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	36ms 35ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-800-latin80.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 13 Sep 2023 17:10:55 GMT via 1.1 google last-modified Mon, 04 Sep 2023 16:46:26 GMT server Google Frontend age 2334427 etag W/"af00-18a61169ad0" content-type font/woff2 x-cloud-trace-context 081fe919e0b79481d4d214d42e0c719f cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	35ms 35ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=543556405&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=IG%20Forms&ea=Donation%20Page%20View&_u=aGDACEABBAAAAGAAI~&jid=1325069222&gjid=203002814&cid=1157176061.1696959481&tid=UA-2556524-1&_gid=2117925464.1696959481&_r=1&gtm=45He3a90h2n71KN3K8D&z=245003928 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xwk0klq7.js Show response l.getsitecontrol.com/	433 B 1 KB	111ms 26ms	Script text/javascript	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://l.getsitecontrol.com/xwk0klq7.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 7dd394c401138f8120a30565d9b89bc3c87d104dc3a7b87bdc87472675356aa5 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT content-encoding br cdn-edgestorageid 1080 x-amz-request-id 80W99F7S5MSFEESZ x-amz-server-side-encryption AES256 cdn-cachedat 09/22/2023 12:16:33 cdn-pullzone 89704 cross-origin-resource-policy cross-origin x-amz-id-2 Z9yLwe8sM9tQPVgRRu/eKHSaLqUzJnJvnbRKtCCfo4ni90pFizLIt9DRjxq8B50za2+xGh5rgQc= last-modified Thu, 21 Sep 2023 10:48:56 GMT server BunnyCDN-DE1-1081 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"65858d798385904d45c9bb1aa3a5e720" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=0 cdn-requestid 0abff78dc6cca1c1e502aef923e1e996 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	loader.json Show response cdn.sparkcentral.com/rtm/web/1.25.7/	80 B 593 B	179ms 33ms	XHR application/json	2600:9000:2057:9000:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/loader.json Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9000:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 09:12:27 GMT via 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 44249 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC content-length 80 last-modified Fri, 19 Feb 2021 16:46:29 GMT server AmazonS3 etag "f404840dc69a65c5380c1f11207d1c15" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id ihd7IrS51vctMaXivcFsAjsOhmd6-RLbW3H6DtQ1WHynfp8wxAdMxQ==
GET H3	200	wf1631712_20220725_afg_192x128.webp donate.wfp.org/media/768/uvjhnpwt/3x4/	7 KB 7 KB	67ms 65ms	Image image/webp	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/768/uvjhnpwt/3x4/wf1631712_20220725_afg_192x128.webp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash c0fb27aee9da0337ec54c4ee427b51ae1cf5159cfa66c501662af1c9630581a4 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT age 0 x-guploader-uploadid ADPycdtph5iJBCVlVVroz89XPC55-Kc6E1IHxsNRlBAoGVjpzqLmyh4PzuzexVTYriMX3yC3ptBre589nrwZmKh9PExaShVDszH6 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7040 last-modified Fri, 12 May 2023 14:36:27 GMT server UploadServer etag "f2d0d78582486f48d4a78588e9aa83ab" x-goog-generation 1683902187023989 x-goog-hash crc32c=KhUOew==, md5=8tDXhYJIb0jUp4WI6aqDqw== content-type image/webp cache-control public,max-age=3600 x-goog-stored-content-length 7040 accept-ranges bytes
GET H3	200	wf1631712_20220725_afg_370x232.webp donate.wfp.org/media/768/o2hnmzdl/3x4/	16 KB 16 KB	66ms 64ms	Image image/webp	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/768/o2hnmzdl/3x4/wf1631712_20220725_afg_370x232.webp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 232d1ca06bc4e99bee7eb6b952e557f6d094eac4d7c3fddcaf7ed6494a89b02b Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT age 0 x-guploader-uploadid ADPycdseRJv9VGXn0GV7DfHrePPXP9X4mue9aLjXRCkLMfY_BKNA9s0YfAB1Ux0Rx7lBa7j6THb9AsgEt93JBzBTjZJLLVJuSolN x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16316 last-modified Fri, 12 May 2023 13:15:40 GMT server UploadServer etag "dc91c1abe7106836336dce4ed40c2f01" x-goog-generation 1683897340312670 x-goog-hash crc32c=2eeu5Q==, md5=3JHBq+cQaDYzbc5O1AwvAQ== content-type image/webp cache-control public,max-age=3600 x-goog-stored-content-length 16316 accept-ranges bytes
GET H3	200	wf1799652_20231008_afg_1280x280.jpg donate.wfp.org/media/ch5huffr/	243 KB 243 KB	65ms 64ms	Image image/jpeg	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/ch5huffr/wf1799652_20231008_afg_1280x280.jpg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 1263f8ddf482ada6d52d35a077659122fa0ac423573b595f9b63082ae2c80382 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT age 0 x-guploader-uploadid ADPycdtkAUZJs245uNKiIAKlOsMjsyKpMWDapXQU7-AKAQDPQGX7lO14eaVR8xjK7cje90dLuFtUhFw0Sa2mLiniJk7NhyN5R3z4 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 249096 last-modified Mon, 09 Oct 2023 10:27:17 GMT server UploadServer etag "371644b9d66894c487dc31eb7ac27966" x-goog-generation 1696847237085168 x-goog-hash crc32c=8PGIOQ==, md5=NxZEudZolMSH3DHresJ5Zg== content-type image/jpeg cache-control public,max-age=3600 x-goog-stored-content-length 249096 accept-ranges bytes
GET H3	200	Open_Sans-500-latin56.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	35ms 34ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-500-latin56.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 13 Sep 2023 20:55:21 GMT via 1.1 google last-modified Mon, 04 Sep 2023 16:46:26 GMT server Google Frontend age 2320961 etag W/"af00-18a61169ad0" content-type font/woff2 x-cloud-trace-context 65a7e7cef8bbd9d699c7efb495bac91e cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
GET H3	200	hearts.png donate.wfp.org/assets/img/icons/	3 KB 3 KB	50ms 49ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/hearts.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 428941d3e89cc8f1333768f46d03ad981f32dd43ac0dfb0cbdb9cfdf7b8175a9 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"dae-18ad78669e8" content-type image/png x-cloud-trace-context 76aba6288506269e47a4e5eb5c2d7d8b cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3502
GET H3	200	unwfpde.webp donate.wfp.org/media/320/v43ehpwf/	12 KB 12 KB	34ms 32ms	Image image/webp	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/320/v43ehpwf/unwfpde.webp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 255f4d4f93f28e66a913e6b6ccd458f17367ff79b032e220115e61810fa93c34 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:02:51 GMT age 2111 x-guploader-uploadid ADPycdsJ476bvoZ7QULFKlxDiIs8XD6tor2LtSCbEgVL2YHTu8N5SfyulEzSM-KQSFJH4c2tuFDNPl-Q8eI365egOrAMYZByP-h5 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12172 last-modified Tue, 11 Oct 2022 13:21:25 GMT server UploadServer etag "9eaf91c3b68addd37cd1d02756955629" x-goog-generation 1665494485935388 x-goog-hash crc32c=ZpySnA==, md5=nq+Rw7aK3dN80dAnVpVWKQ== content-type image/webp cache-control public,max-age=3600 x-goog-stored-content-length 12172 accept-ranges bytes
GET H3	200	unwfp-standard-black-rgb-en.png donate.wfp.org/media/5gzfbyox/	7 KB 7 KB	34ms 32ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/5gzfbyox/unwfp-standard-black-rgb-en.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash e612830c72c5254782cf85d0a3a9a776dd3b8ded34b0aa4a09ed5393729b103a Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:14:08 GMT age 1434 x-guploader-uploadid ADPycdsOb2O3-Vp2MPdDIP6-6Dj0H6U6uZZSROFeTqwwg23PHLK3mXY6ZtB8C1Rj3xKywqkkKFQS-JPIR79eMKSzIi9JSIMQIyvI x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7370 last-modified Tue, 18 Oct 2022 16:09:23 GMT server UploadServer etag "5eb6d92587747e39c57d5bad3dd093f2" x-goog-generation 1666109363864446 x-goog-hash crc32c=LEaDNQ==, md5=XrbZJYd0fjnFfVutPdCT8g== content-type image/png cache-control public,max-age=3600 x-goog-stored-content-length 7370 accept-ranges bytes
GET H3	200	email-t.svg donate.wfp.org/media/qsnbnjsm/	761 B 792 B	35ms 33ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/qsnbnjsm/email-t.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 15c5c05e1c7787a5caacde914ea0316bfaa79d8e0d027d4e1f555252b4658654 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 16:42:59 GMT age 3303 x-guploader-uploadid ADPycdsCllEYNhC-JCgsCtBmGJFY9tLXnRXzSVW3NNSwrmVp-VEaNsHh19Gf5OjwU45ud_tLNsRyCSfWkHwsTyeGIk_0Y7FISfpw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 761 last-modified Wed, 17 Aug 2022 14:48:46 GMT server UploadServer etag "d3a5551ded7ee06303ce091b41922983" x-goog-generation 1660747726973559 x-goog-hash crc32c=mQQ7WA==, md5=06VVHe1+4GMDzgkbQZIpgw== content-type image/svg+xml cache-control public,max-age=3600 x-goog-stored-content-length 761 accept-ranges bytes
GET H3	200	microsoftteams-image.png donate.wfp.org/media/55cp51ue/	9 KB 9 KB	32ms 31ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/55cp51ue/microsoftteams-image.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash fc9e37fabc51947d3aaa8597bdc3df4aafd79759730b995d6e70686fca30ac8d Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:14:08 GMT age 1434 x-guploader-uploadid ADPycdtbxeuG0_2T7dfutzcXSvY5zQB7gZApKdUsw50eCxZPHml5BEW6q7xcA5jd0xnqRb0GrHaRndmr5KsniZfJGD1bPX9HB_7P x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9214 last-modified Wed, 23 Nov 2022 08:52:43 GMT server UploadServer etag "df1562ba666dd8a3beaa254fbaa5ed1a" x-goog-generation 1669193563934111 x-goog-hash crc32c=L0NwhQ==, md5=3xViumZt2KO+qiVPuqXtGg== content-type image/png cache-control public,max-age=3600 x-goog-stored-content-length 9214 accept-ranges bytes
GET H3	200	twitter.svg donate.wfp.org/assets/img/icons/	758 B 459 B	57ms 55ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/twitter.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 54907da2e52379025c2f40b252a1954bcae7e19c5f871e3977652e4da48f621d Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT content-encoding gzip via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"2f6-18ad78669e8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	facebook.svg donate.wfp.org/assets/img/icons/	552 B 383 B	58ms 56ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/facebook.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash c6034e158d46463cf39b67667d1f14fc3767042d02244d98335189291184e3a6 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT content-encoding gzip via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"228-18ad78669e8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	instagram.svg donate.wfp.org/assets/img/icons/	2 KB 751 B	56ms 54ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/instagram.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash bf190f53b34ca5a0445da2fbd9ff9a7155487c067c907fa7540d855e603fb807 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT content-encoding gzip via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"74b-18ad78669e8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	linkedin.svg donate.wfp.org/assets/img/icons/	616 B 396 B	49ms 48ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/linkedin.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 0f9aa279fa08f83278e9ae8de1c27ba480c6cb8a6c41e017b7b71e86305f13fc Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT content-encoding gzip via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"268-18ad78669e8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	youtube.svg donate.wfp.org/assets/img/icons/	547 B 327 B	50ms 48ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/youtube.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 9812cb6d54877fc4bf9e7129b85d16475af9b00b367ad8e812a7365c48867a8f Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT content-encoding gzip via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"223-18ad78669e8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	451	501709.gif idsync.rlcdn.com/ Frame DF80 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer=https%3A%2F%2Fadservice.google.com%2F&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-afea-7a5bc55... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-af... https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.046488	0 42 B	32ms 31ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.046488 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:04 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Tue, 10 Oct 2023 17:38:03 GMT via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.046488 content-length 445 x-amz-cf-id otseNzotuJu5QxNZ99ylFPOwHF6Nfo8sJGj_3YsjzDZh9OwCQbiaFQ==
GET H3	451	501709.gif idsync.rlcdn.com/ Frame DF80 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMDIzMjI0NzMzNA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBWMHrJqQV-0KnBe9VNPfzY&google_cver=1 https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer={encSite}&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-afea-7a5bc55... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730232247334&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da68f995c-9421-407a-af... https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.7255244	0 9 B	41ms 34ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.7255244 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:04 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Tue, 10 Oct 2023 17:38:04 GMT via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=a68f995c-9421-407a-afea-7a5bc558a85a%3A1696959483.0453238&_=1696959483.7255244 content-length 447 x-amz-cf-id mMclhgvsRa4oFLWC5NwOt_yKsg8J9YrgEn12OwDndGbkSv58prd5dg==
GET H2	200	bounce ib.adnxs.com/ Frame DF80 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5108559730232247334 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730232247334	43 B 884 B	39ms 37ms	Image image/gif	185.89.210.212 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730232247334 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Server 185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT an-x-request-uuid 554f6d4b-43bb-4c7b-b3b4-512df57f26b3 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT an-x-request-uuid a363779f-effc-49ee-acc5-c2449f5ee334 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730232247334 cache-control no-store, no-cache, private x-proxy-origin 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame DF80 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559730232247334&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730232247334&redir=	42 B 942 B	52ms 52ms	Image image/gif	99.80.170.99 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730232247334&redir= Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol HTTP/1.1 Server 99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-80-170-99.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v052-06d0aaa59.edge-irl1.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID cJxBR7ZxS2w= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v052-0e4457417.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID 2bG88RHWThg= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730232247334&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame DF80	42 B 425 B	156ms 49ms	Image image/gif	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5108559730232247334&r= Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Tue, 10 Oct 2023 17:38:02 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame DF80	43 B 273 B	103ms 31ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5108559730232247334&r= Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Frame DF80 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5108559730232247334&bid=omt9pi0	0 344 B	132ms 27ms	Image text/plain	3.125.70.222 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5108559730232247334&bid=omt9pi0 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol HTTP/1.1 Server 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-125-70-222.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Tue, 10 Oct 2023 17:38:03 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5108559730232247334&bid=omt9pi0 Date Tue, 10 Oct 2023 17:38:02 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame DF80	53 B 615 B	1543ms 1440ms	Image image/gif	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559730232247334 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Tue, 10 Oct 2023 17:38:04 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 53 x-mnet-hl2 E expires Tue, 10 Oct 2023 17:38:04 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame DF80	43 B 109 B	479ms 163ms	Image image/gif	3.217.114.50 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559730232247334 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.114.50 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-114-50.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame DF80 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730232247334&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730232247334&forward=&C=1	43 B 336 B	47ms 43ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730232247334&forward=&C=1 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4eXsVxH3K6E8Go%2FBin%2FEz5s5QbKljBrHxSSWog8kZN1vPrhGlYCkPyvK%2BIIohVrO02Ig9SKySu5EaujM02iXC92JJUSmHlW9QuzfIFbh73vBjAnfD82Mt6e3ewL1A9GgnoD4dbi9TRAjQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8140a2807e588fc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7SKGepxbgTHxtERzRdzsdRb%2Bbu%2FkCu6gqcrbae9Oic9FK3qDq%2Fi2b3Cbech6Fi0JxxuqS8xoUpPEHZof8K4IRqQnIv602h2X7KA7SOUpwH9hhdY7vVO0Plakv9ZHaemwHfJX1QD92c1dg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5108559730232247334&forward=&C=1 cache-control no-cache cf-ray 8140a27fed6b8fc5-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame DF80	0 98 B	132ms 42ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5108559730232247334 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:02 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame DF80	43 B 182 B	284ms 168ms	Image image/gif	88.221.168.166 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559730232247334 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.168.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-166.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers expires Tue, 10 Oct 2023 17:38:03 GMT pragma no-cache date Tue, 10 Oct 2023 17:38:03 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame DF80	43 B 175 B	378ms 112ms	Image image/gif	2600:1f18:612b:4200:987f:3c55:826c:2eba AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5108559730232247334&r=koL3JgRmaQPd Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:987f:3c55:826c:2eba Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Tue, 10 Oct 2023 17:38:03 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame DF80	43 B 377 B	226ms 49ms	Image image/gif	54.154.110.236 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559730232247334 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.110.236 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-110-236.eu-west-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:03 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame DF80	0 338 B	202ms 52ms	Image text/plain	52.210.15.67 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559730232247334 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.210.15.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-15-67.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-served-by beacon-n024-dub-prod.krxd.net date Tue, 10 Oct 2023 17:38:03 GMT cache-control private, no-cache, no-store x-request-time D=32 t=1696959483 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync x.bidswitch.net/ Frame DF80	43 B 146 B	108ms 22ms	Image image/gif	52.57.217.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559730232247334&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=COeiudiC7IEDFV8KogMdIuYDSQ;src=5499309;type=sitev00;cat=wfpor0;ord=1006834892700;auiddc=993957948.1696959481;gtm=45He3a90h2;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.217.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-217-9.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame DF80 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZSWL_wAWwUESQwA_ https://p.rfihub.com/cm?in=1&pub=21653&userid=ZSWL_wAWwUESQwA_&_test=ZSWL_wAWwUESQwA_	42 B 1 KB	31ms 31ms	Image image/gif	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZSWL_wAWwUESQwA_&_test=ZSWL_wAWwUESQwA_ Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol HTTP/1.1 Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/gif Date Tue, 10 Oct 2023 17:38:03 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230138-FRA pragma no-cache date Tue, 10 Oct 2023 17:38:03 GMT via 1.1 varnish server Varnish x-timer S1696959484.644311,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZSWL_wAWwUESQwA_&_test=ZSWL_wAWwUESQwA_ cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	35ms 29ms	XHR text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=1157176061.1696959481&jid=1325069222&gjid=203002814&_gid=2117925464.1696959481&_u=aGDACEABBAAAAGAAI~&z=1761700695 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 10 Oct 2023 17:38:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sparkcentral.1.25.7.min.js Show response cdn.sparkcentral.com/rtm/web/1.25.7/	9 KB 4 KB	77ms 28ms	Script application/javascript	2600:9000:2057:9000:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9000:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 05:01:42 GMT content-encoding gzip via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:30 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 45430 x-amz-server-side-encryption AES256 etag W/"cd3c7f973f6b72e066d3f3f23b53d94f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC x-amz-cf-id ojF7KEAJtZqqhUY1sPVlYUxV6oUn4LCQhIlQ4fIr81XWMlkIfg5BAQ==
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	78ms 77ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1157176061.1696959481&jid=1325069222&_u=aGDACEABBAAAAGAAI~&z=866541600 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	78ms 77ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=1157176061.1696959481&jid=1325069222&_u=aGDACEABBAAAAGAAI~&z=866541600 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/	466 KB 187 KB	99ms 29ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:43:12 GMT content-encoding gzip x-content-type-options nosniff age 183291 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190978 x-xss-protection 0 last-modified Mon, 02 Oct 2023 04:05:03 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 07 Oct 2024 14:43:12 GMT
GET H2	200	initialise.js Show response pay.gocardless.com/billing/static/dropin/v2/	3 KB 2 KB	147ms 39ms	Script application/javascript	2606:4700:10::6814:8b22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay.gocardless.com/billing/static/dropin/v2/initialise.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/54c3c1e.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 100082a5a528e4e7117b02aa04631420999caaa3823cad14addb139ba07622bf Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT content-encoding gzip via 1.1 google cf-cache-status HIT age 2412 x-guploader-uploadid ADPycdsTlcUAtMt9WergXIH9Ri_vcGAju-iSisycS1VqJSBO08xIXhpK3ZdaaDxzJWAgi-P_neqbxThe7l8fq05oz8u3Vw x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 1384 last-modified Tue, 26 Sep 2023 15:56:32 GMT server cloudflare etag "bfe4acaca79d9ff4f75632dfea89d06a" vary Accept-Encoding x-goog-generation 1695743792443893 content-type application/javascript x-goog-hash crc32c=YCECfQ==, md5=v+SsrKedn/T3VjLf6onQag== cache-control public, max-age=3600 x-goog-stored-content-length 1384 accept-ranges bytes cf-ray 8140a2814f505d90-FRA expires Tue, 10 Oct 2023 17:57:51 GMT
GET H2	200	js Show response www.paypal.com/sdk/	273 KB 77 KB	149ms 48ms	Script application/javascript	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/c5986ca.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ed66fd3e95f4d455fb402ea6fba9f125d29e3412fd2ddf3d79a815a24344f859 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff disable-set-cookie true via 1.1 varnish, 1.1 varnish date Tue, 10 Oct 2023 17:38:03 GMT age 2180 strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT, MISS p3p true paypal-debug-id f55655942c008 server-timing "traceparent;desc="00-0000000000000000000f55655942c008-6974d34643620a58-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 76490 x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f55655942c008-28d69b4fc6b8131d-01 x-timer S1696959483.110388,VS0,VE7 etag W/"12aca-BamTfWHPKlf8mzANq4zXgL9Iqjg" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 2, 0
GET H3	200	pb-stripe.svg donate.wfp.org/assets/img/icons/	4 KB 2 KB	62ms 57ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/pb-stripe.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 3f39956e5e5efe0dc248d9574a7a7071f5ac512ae3d553d3f949653cb8147962 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT content-encoding gzip via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"f81-18ad78669e8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	controller-4386a06b63108a4ca146f151a0943cf1.html Show response js.stripe.com/v3/ Frame 39A9	325 B 1 KB	35ms 32ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash d50b6cb3cd9734f8fc2f4193cbbc0419356f0777363647805f9a2f90e81536f3 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 23 cache-control max-age=60 content-length 325 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:37:41 GMT etag "4386a06b63108a4ca146f151a0943cf1" last-modified Tue, 10 Oct 2023 17:07:04 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id LgEZicWdqzIdxpVn-tLxXq_54TjzpgcYDKHU_OfxHqymmn1REFF9XQ== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	payment-request-inner-google-pay-c922c111bc8a5239ec5908908c0afb4f.html Show response js.stripe.com/v3/ Frame 086E	408 B 1 KB	30ms 29ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-google-pay-c922c111bc8a5239ec5908908c0afb4f.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 9e30dc5c9be65a1d3b5d41f4205094e24d1dd1fb2c741005a14d0d29065bd727 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1715 cache-control max-age=31536000 content-length 408 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:09:29 GMT etag "c922c111bc8a5239ec5908908c0afb4f" last-modified Tue, 10 Oct 2023 17:07:21 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id KJkPelsAuOv7Gd_AEObFe6UcQZ7T86uSbJ03wvQOV9SrpFdVCVaomQ== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	payment-request-inner-browser-c7912ec5fcd5be18216440cc8d2782ec.html Show response js.stripe.com/v3/ Frame 75D8	344 B 1 KB	49ms 35ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-browser-c7912ec5fcd5be18216440cc8d2782ec.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 75ca9178ae245b1c573060f1a4e296ae3ad8b10e035a820cf779459726ae3c9a Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 28 cache-control max-age=60 content-length 344 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:37:36 GMT etag "c7912ec5fcd5be18216440cc8d2782ec" last-modified Tue, 10 Oct 2023 17:07:21 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id GmK_G-kmS2LxLhM6cetu1Qt33Ip4Ay5Cea2p58ByPffJXoiHhYcdnA== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	controller-4386a06b63108a4ca146f151a0943cf1.html Show response js.stripe.com/v3/ Frame A6CF	325 B 1 KB	45ms 31ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash d50b6cb3cd9734f8fc2f4193cbbc0419356f0777363647805f9a2f90e81536f3 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 23 cache-control max-age=60 content-length 325 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:37:41 GMT etag "4386a06b63108a4ca146f151a0943cf1" last-modified Tue, 10 Oct 2023 17:07:04 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id 0dNgRsNQVFCS54noRVLSv8eCfRVAag_JPBOA3lK25mSMSxEe3at5CA== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Show response js.stripe.com/v3/ Frame 1129	798 B 2 KB	51ms 38ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 4f6d2d585130eff84ceb9bd411e5c15607852ed6b6891eb83094bac8e1d3942e Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1394 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:14:50 GMT etag "e7649e9a7bbd8ef9d0afced32e791783" last-modified Tue, 10 Oct 2023 17:07:04 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id 5nFXwUVkZJr2a1ecTi2vEhIspgK-GAQC-ej5slsZGkwLVzBXwv4dcQ== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Show response js.stripe.com/v3/ Frame A94F	798 B 2 KB	47ms 39ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 4f6d2d585130eff84ceb9bd411e5c15607852ed6b6891eb83094bac8e1d3942e Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1715 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:09:29 GMT etag "e7649e9a7bbd8ef9d0afced32e791783" last-modified Tue, 10 Oct 2023 17:07:04 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id iAP6fQ8UhtNMmZhoKLdY1tON96DrSRLHAXE2UFQlQe8Ij0oAD8sGOg== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Show response js.stripe.com/v3/ Frame C830	798 B 2 KB	47ms 40ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 4f6d2d585130eff84ceb9bd411e5c15607852ed6b6891eb83094bac8e1d3942e Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1715 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:09:29 GMT etag "e7649e9a7bbd8ef9d0afced32e791783" last-modified Tue, 10 Oct 2023 17:07:04 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id 0vIGMuBeofoy9r8Mn56wiNynx3Rc6_96Px9A6ji3xAEFOHJMUrnb-Q== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H3	200	credit-card.png donate.wfp.org/assets/img/icons/	407 B 429 B	66ms 59ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/credit-card.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 2a6ab45df9e4d7ba1661e98f9e57c9ae68ed0475f05f23117746c78d2e4fc43b Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT via 1.1 google last-modified Wed, 27 Sep 2023 16:43:45 GMT server Google Frontend etag W/"197-18ad78669e8" content-type image/png x-cloud-trace-context c509f85fa2aff80615dc1872f1c83591 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 407
GET H2	200	modules.3cb89fdee82cce4ad9b3.js Show response script.hotjar.com/	225 KB 55 KB	98ms 28ms	Script application/javascript	13.32.27.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.3cb89fdee82cce4ad9b3.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2048364.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-107.fra56.r.cloudfront.net Software / Resource Hash ae2849fe8677f8485afddd849dc1aa7e27f447c993bba3cae7c067ac7532780b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 10:41:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 25017 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55975 last-modified Tue, 10 Oct 2023 10:41:03 GMT etag "39d8b64fc948fc5ebdedc8f69ab2299d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id ztuZiwKzyO0O3sh_SDNXbGUH7ol0wYUWTV2EZYxu5rQKtNfhxuCy-Q==
GET H2	200	xwk0klq7.json Show response l.getsitecontrol.com/	24 KB 6 KB	190ms 123ms	XHR application/json	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://l.getsitecontrol.com/xwk0klq7.json Requested by Host: l.getsitecontrol.com URL: https://l.getsitecontrol.com/xwk0klq7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 500cafb8e11eb67632e831133006d698657c39c57305c96bd364a313adb84263 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT content-encoding br cdn-edgestorageid 1082 x-amz-request-id KV5YJ4AP8F316ZV7 x-amz-server-side-encryption AES256 cdn-cachedat 09/21/2023 10:49:25 cdn-pullzone 89704 cross-origin-resource-policy cross-origin x-amz-id-2 g+Vbkg8NHdT7NkaQSko+mpzyJdtgP+mHkFwfdK9ILOMHBSKLJ4ISHJcw++TCOX7iCey1ch7D0Ww= last-modified Thu, 21 Sep 2023 10:48:56 GMT server BunnyCDN-DE1-1081 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"575ee7b158f51c42ff491c1fb494a0e6" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cdn-cache REVALIDATED cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=0 access-control-max-age 3000 cdn-requestid a4ebf1b2ee793f469a4f1443e9aea5f9 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 39A9	513 KB 122 KB	31ms 30ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id J7_NzHx8tG5RP7126B8-exrWSEBnPsbQg68jLOFcDB6k5tmQ_m1zpg==
GET H2	200	controller-338e4a2cd54e0417c74e574ab3eb0f00.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 39A9	613 KB 162 KB	45ms 44ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-338e4a2cd54e0417c74e574ab3eb0f00.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 1f929a8fd115e884f14e698212f4be17270a57a1bdec52ba0f326df1caa8ded6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:16 GMT server Cloudfront etag W/"beaf712e68f0b804affbd85d181094b3" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id fFugaiqnW-Xhq_zMGs4RbiiAgj7FJrzRzU2WdYZa3rgHczxRG1iKYg==
GET H2	200	pay.js Show response pay.google.com/gp/p/js/ Frame 086E	117 KB 36 KB	215ms 81ms	Script application/javascript	2a00:1450:400c:c04::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c922c111bc8a5239ec5908908c0afb4f.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-o3vB2_pHzP24muEnm1xnRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-o3vB2_pHzP24muEnm1xnRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control private, max-age=600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Tue, 10 Oct 2023 17:38:03 GMT
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 086E	513 KB 122 KB	65ms 64ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c922c111bc8a5239ec5908908c0afb4f.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-google-pay-c922c111bc8a5239ec5908908c0afb4f.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Arwu1Jy6IK_HG8G4nAOIiDTCZ2TunECZQsaX6363oUjjhPK4hdn65g==
GET H2	200	payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 086E	10 KB 4 KB	32ms 32ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c922c111bc8a5239ec5908908c0afb4f.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash f05a075dfa9cee7ab76b28bf5ebb367646493c4c3712ad1fb6bff0378f49a573 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-google-pay-c922c111bc8a5239ec5908908c0afb4f.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 16:45:08 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 3177 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:32 GMT server Cloudfront etag W/"8f9acb52354218d5f45674debf56b2bd" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 86dk_wbXkKx3worp05Fi5o2V5ANiosqcEFv-aSgJnzY5NCv0guIIUg==
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A6CF	513 KB 122 KB	75ms 74ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id tIolUy7oDA1vfzmqSivevK-HqeajwQMBsBfzYy6Dr4Djou8fKZhv4g==
GET H2	200	controller-338e4a2cd54e0417c74e574ab3eb0f00.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A6CF	613 KB 162 KB	88ms 87ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-338e4a2cd54e0417c74e574ab3eb0f00.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 1f929a8fd115e884f14e698212f4be17270a57a1bdec52ba0f326df1caa8ded6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:16 GMT server Cloudfront etag W/"beaf712e68f0b804affbd85d181094b3" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id XnyPleTsdZtaVnun625tdFEmp0Z72XTeUZJqmGv0EEdN8pPaJG8-eA==
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 75D8	513 KB 122 KB	113ms 113ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-browser-c7912ec5fcd5be18216440cc8d2782ec.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-browser-c7912ec5fcd5be18216440cc8d2782ec.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id gRjLV4AFFBdJwQO1Lt8jd8XV4vh4-OczRf-2acOQawVGpe-FjhQ9Rw==
GET H2	200	payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 75D8	12 KB 5 KB	128ms 128ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-browser-c7912ec5fcd5be18216440cc8d2782ec.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-browser-c7912ec5fcd5be18216440cc8d2782ec.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 16:39:27 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 3517 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:32 GMT server Cloudfront etag W/"330666bb238cf77ae96a867563ebc09a" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Bm6NWmnSC5Nrosiz2_1sX3z6b6guZPb3t_2z7H-n_sZmL9D6sX7HVg==
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 1129	513 KB 122 KB	131ms 130ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id h3NOyFbbwtf4vuBOfW791PLibOVu5kZTxHbTtyuc1b56sH4cH-mSXg==
GET H2	200	ui-shared-599e1ca01f6778ad6abced84908de26f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 1129	314 KB 89 KB	164ms 163ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-599e1ca01f6778ad6abced84908de26f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 4035f4af9266bc942f69480dc38f4d4d2ec78c53a484da1c6b3b8045b657cd89 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:24:50 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 794 x-cache Hit from cloudfront last-modified Mon, 09 Oct 2023 20:07:20 GMT server Cloudfront etag W/"e1ec5cf23ba8a3a30e6670d5b5ed4cd7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Em_MehT7jIvA-RcaOMKc_5qqYtnNUb-6c3BPCDItK8JOJCumqZxNMA==
GET H2	200	elements-inner-card-653bf1fb57a3087f5f2a7d9dbcbea86a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 1129	48 KB 12 KB	152ms 151ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-653bf1fb57a3087f5f2a7d9dbcbea86a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash f5de089e2e1bc2b1eb60038938b55265a9319db9bc4ba05c514e3c6c5e0a1dc4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 10 Oct 2023 17:29:41 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 727 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:30 GMT server Cloudfront etag W/"22d87b243a0968066ce40d600a6f5fa6" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 8GJDv_TPoOtofuMikYpE5UhCAkdYe2JiqLjnEgvER6Lyw0theB6Bow==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame 1129	20 KB 3 KB	137ms 136ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:22:25 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 947 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id NKx9CXRmmIyLHYEX3JquECsxyDdgBH7FiNal6b-qKASBs-9nXX9OoQ==
GET H2	200	elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css js.stripe.com/v3/fingerprinted/css/ Frame 1129	12 KB 2 KB	137ms 137ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 53d6eb6e1878802f013e9ba10e391922ffd1debb6f528c3b65a9c6bd24aaac03 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:29:41 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 729 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"c70a6ce921e821338c031d05a48eb659" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 2jkXUu-lkAoA4I-b1XtJU2KMB1PPcJ-t5pd2aLxf6IM1vM-Z2iR59w==
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A94F	513 KB 122 KB	137ms 136ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id akCq8V7Dm8M0Otx3wcvSedaTPYAHqWY2htV7cFZ4e3WThjNrp0kkNw==
GET H2	200	ui-shared-599e1ca01f6778ad6abced84908de26f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A94F	314 KB 89 KB	145ms 145ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-599e1ca01f6778ad6abced84908de26f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 4035f4af9266bc942f69480dc38f4d4d2ec78c53a484da1c6b3b8045b657cd89 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:24:50 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 794 x-cache Hit from cloudfront last-modified Mon, 09 Oct 2023 20:07:20 GMT server Cloudfront etag W/"e1ec5cf23ba8a3a30e6670d5b5ed4cd7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id M9g3BF1FH7_2K3_ozw9fwjeuox9XzSs7iA1b0YgEaLumzIboc5ZLDA==
GET H2	200	elements-inner-card-653bf1fb57a3087f5f2a7d9dbcbea86a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A94F	48 KB 12 KB	152ms 151ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-653bf1fb57a3087f5f2a7d9dbcbea86a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash f5de089e2e1bc2b1eb60038938b55265a9319db9bc4ba05c514e3c6c5e0a1dc4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 10 Oct 2023 17:29:41 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 727 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:30 GMT server Cloudfront etag W/"22d87b243a0968066ce40d600a6f5fa6" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id bVsVoSSXW2AChfb4i6c-epNg6byAC0YkxRouBYk0dzoJGqcJ1EbuDw==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame A94F	20 KB 3 KB	141ms 140ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:22:25 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 947 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id aCvhaH1jQh2XXVnFWNTllMBZ5JmTtDKmAdxRuUM_MlGJmW4LHQl8_Q==
GET H2	200	elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css js.stripe.com/v3/fingerprinted/css/ Frame A94F	12 KB 2 KB	143ms 143ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 53d6eb6e1878802f013e9ba10e391922ffd1debb6f528c3b65a9c6bd24aaac03 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:29:41 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 729 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"c70a6ce921e821338c031d05a48eb659" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Q3tllDF1ZST5fUeVfARYL-3cAx2fYJ6iItn72D4I1RQLwwBl6OHevg==
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C830	513 KB 122 KB	154ms 154ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1768 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 8TnZVwCxNE1ElySzUTY4wyJt1sQSPkloVcimBmSHuZemwr46Gdxk6Q==
GET H2	200	ui-shared-599e1ca01f6778ad6abced84908de26f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C830	314 KB 89 KB	150ms 150ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-599e1ca01f6778ad6abced84908de26f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 4035f4af9266bc942f69480dc38f4d4d2ec78c53a484da1c6b3b8045b657cd89 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:24:50 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 794 x-cache Hit from cloudfront last-modified Mon, 09 Oct 2023 20:07:20 GMT server Cloudfront etag W/"e1ec5cf23ba8a3a30e6670d5b5ed4cd7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id knHUd1OqgcREyOWlNrLyEDAZ5GW_zLd6pKurl-tazezGJ_ad-UBhaA==
GET H2	200	elements-inner-card-653bf1fb57a3087f5f2a7d9dbcbea86a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C830	48 KB 12 KB	152ms 151ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-653bf1fb57a3087f5f2a7d9dbcbea86a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash f5de089e2e1bc2b1eb60038938b55265a9319db9bc4ba05c514e3c6c5e0a1dc4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 10 Oct 2023 17:29:41 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 727 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:30 GMT server Cloudfront etag W/"22d87b243a0968066ce40d600a6f5fa6" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id vJ-zqaejUgFf_j9pwam82JVnqeTxJntHWDcTgpMGhpkNg4Q5St1tLw==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame C830	20 KB 3 KB	148ms 148ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:22:25 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 947 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id vBuwi1MIQ-W70TJww5rhlhVSBBKKyGIkY7DEv5tyRxr3maqNBLaWIg==
GET H2	200	elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css js.stripe.com/v3/fingerprinted/css/ Frame C830	12 KB 2 KB	149ms 149ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-1c7bee4785d93019a11fa1aa4aadb4ae.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 53d6eb6e1878802f013e9ba10e391922ffd1debb6f528c3b65a9c6bd24aaac03 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:29:41 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 729 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"c70a6ce921e821338c031d05a48eb659" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id VoNQOl3Gkv0rhAXjfVqA7_LC-RIIoOtrdU7GD7q2LBA0MDnWnPtNdg==
GET H2	200	runtime.913ffdb.js Show response s2.getsitecontrol.com/widgets/es6/	150 KB 52 KB	147ms 24ms	Script text/javascript	2400:52e0:1e00::1078:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://s2.getsitecontrol.com/widgets/es6/runtime.913ffdb.js Requested by Host: l.getsitecontrol.com URL: https://l.getsitecontrol.com/xwk0klq7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1078 / Resource Hash 5446fad7f9f36f6c65eec0a8b3baec1ffc55dafb94aa7ee316ab1afb19bc33e6 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT content-encoding br cdn-edgestorageid 755 x-amz-request-id T2VDXETXDYJ4ZC1W x-amz-server-side-encryption AES256 cdn-cachedat 09/07/2023 12:50:25 cdn-pullzone 83560 cross-origin-resource-policy cross-origin x-amz-id-2 KSJj89WeE0ELPyeeONKcMoxVCF7bG655+n73cAuT6csMCaaBV3Mb9GDkAM7PTVw1p5Uzv8OeGzI= last-modified Thu, 07 Sep 2023 12:47:15 GMT server BunnyCDN-DE1-1078 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"3b7d2578a1e1d337732f2e445368ad4c" vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=22809600 cdn-requestid 49858b9940ea3e40a5f3252ed6a5957e cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	14 KB 5 KB	32ms 31ms	Script application/x-javascript	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.401&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 452b6675505bec57095370cf0a168682c81eb804fa07ebe637e865dc74e45144 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0zxQlt9plszx2wYQjHvmJDP9pBMWaqM15acz0IB2If6AGOuD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0zxQlt9plszx2wYQjHvmJDP9pBMWaqM15acz0IB2If6AGOuD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff date Tue, 10 Oct 2023 17:38:03 GMT via 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload age 81640 x-cache HIT, MISS paypal-debug-id f76166873bf7d server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 4778 x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f76166873bf7d-b46fb6ea5c4797b8-01 x-timer S1696959484.551197,VS0,VE7 etag W/"366d-RLISnMLCzUCjXX7id9JutT9wgKI" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=3600 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 2, 0
GET H2	200	buttons Show response www.paypal.com/smart/ Frame 89BC	398 KB 102 KB	452ms 437ms	Document text/html	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.401&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=07a911bbb1602&storageID=uid_6e3ca5133d_mtc6mzg6mdm&sessionID=uid_8feced09cc_mtc6mzg6mdm&buttonSessionID=uid_3fb3729cc1_mtc6mzg6mdm&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 54ef628fa7c9c96451cfe1b43e6d65bc64875282aaccbc33848932aa9da13330 Security Headers Name Value Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-expose-headers Server-Timing cache-control max-age=0, no-cache, no-store, must-revalidate content-disposition inline content-encoding gzip content-security-policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:38:04 GMT dc ccg11-origin-www-1.paypal.com etag W/"6367b-3NKIflaXy2N4bgejHZEu0uEzKFI" origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== p3p true paypal-debug-id f58510977f146 permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing "traceparent;desc="00-0000000000000000000f58510977f146-d0f800e6d237550e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f58510977f146-3f080080ba5dd29e-01 vary Accept-Encoding via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-content-type-options nosniff x-csrf-jwt __blank__ x-served-by cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA x-timer S1696959484.642304,VS0,VE415 x-xss-protection 1; mode=block
GET H2	200	paypal-white.svg www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 3569	3 KB 2 KB	381ms 102ms	Image image/svg+xml	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:03 GMT content-encoding br via 1.1 varnish, 1.1 varnish x-content-type-options nosniff log-origin shield=SJC,src_ip=157.52.96.43,alternate_path=0,ip=157.52.96.43,port=443,name=shield_ssl_cache_sjc10043_SJC,status=200,reason=OK,method=GET,url="/js-sdk-logos/2.2.7/paypal-white.svg",host=www.paypalobjects.com strict-transport-security max-age=31557600 log-timing fetch=149519,misspass=152,do_stream=0 x-cache HIT, HIT paypal-debug-id 26f7afd896667 dc ccg11-origin-www-1.paypal.com content-length 1139 x-served-by cache-sjc10043-SJC, cache-fra-eddf8230093-FRA last-modified Tue, 04 Apr 2023 21:46:19 GMT traceparent 00-000000000000000000026f7afd896667-74a99f5766150911-01 x-timer S1696959484.907271,VS0,VE0 etag W/"642c9aab-cc2" vary Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com x-cache-hits 3295, 6255
GET H2	200	preact-incoming-feedback.39f1c2b9c609573c7ea1.js Show response script.hotjar.com/	200 KB 43 KB	26ms 25ms	Script application/javascript	13.32.27.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/preact-incoming-feedback.39f1c2b9c609573c7ea1.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.3cb89fdee82cce4ad9b3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-107.fra56.r.cloudfront.net Software / Resource Hash 5ffe3ac3cb71e5d98e865425d7e3061e592acb3397c6576be00282d29b8b9db1 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 13:27:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 101457 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 43792 last-modified Mon, 09 Oct 2023 13:26:27 GMT etag "39f58e93005abda1763b76ebf29ba630" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id oS8MjD2e3tLxX6cCFbFijn19sd7M4vYiKgOaurEdKMlEFWoSbUqZow==
GET H2	200	anchor Show response www.recaptcha.net/recaptcha/api2/ Frame 58EC	57 KB 33 KB	59ms 45ms	Document text/html	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=iuk5mgs2frm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 584cf38e74eb9440666ed39e9e431a3fe2ada4bb99294eb06359a746c3953056 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-_B7rwpTi-3FgERBBGZMb8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-_B7rwpTi-3FgERBBGZMb8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 Oct 2023 17:38:03 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	csp-report q.stripe.com/ Frame 39A9	0 717 B	806ms 361ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484481068 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484480516 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame A6CF	0 716 B	861ms 417ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484510462 x-envoy-upstream-service-time 7 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 4 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484507758 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 39A9	474 B 847 B	96ms 33ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 47 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id uGJ3SQz7KA6I4MA9BZf6K9OpqW0lCQyaDO1_ClfK71CMaQgiv5-6qg==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 39A9	474 B 847 B	84ms 34ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 47 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id fw-VVCNWm9EjhLvschmKkNIDwYP2qSGAEfpLxiGGI717BwTHCVr9dQ==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame A6CF	474 B 847 B	67ms 35ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 47 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id HaSDjGdZm8nO3uZWlQ-FpVSmac1QJqqHQCXcdiRzlM6mTK-0vQ_HFA==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame A6CF	474 B 845 B	62ms 36ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/controller-4386a06b63108a4ca146f151a0943cf1.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 47 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id xRke34w4Ev2NAuS8hswbif66ebcWpTQp-89Uq8pzoonA4wx-7ZhoNA==
POST H2	200	csp-report q.stripe.com/ Frame 75D8	0 716 B	717ms 397ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484510043 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509521 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 75D8	0 716 B	735ms 416ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484511121 x-envoy-upstream-service-time 5 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509551 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 1129	0 716 B	697ms 404ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484509979 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509579 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 1129	0 716 B	695ms 403ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484510150 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509547 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame A94F	0 716 B	684ms 396ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484510198 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509583 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame A94F	0 716 B	702ms 415ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484511732 x-envoy-upstream-service-time 5 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509529 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame C830	0 716 B	665ms 392ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484509949 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509582 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame C830	0 716 B	677ms 405ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484510307 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509541 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame A94F	474 B 846 B	28ms 27ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 47 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id RyHwhMiiwkVhz2VuVnYEIo8AzVOumtdVNnzm2WPd4PilPv00Vl96HQ==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame C830	474 B 848 B	28ms 27ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 48 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id vjQma-HTGnT6ME0EXCW-WRYIwz586IreObggHWLkGLjVn2yCkOVYLQ==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 1129	474 B 846 B	28ms 28ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-e7649e9a7bbd8ef9d0afced32e791783.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 48 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id iMbtKAZZJS4caEx1F7wqapm1_WBudlxbuKU4npt6BDizx_uBwzphyg==
POST H2	200	csp-report q.stripe.com/ Frame 086E	0 716 B	599ms 428ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484512231 x-envoy-upstream-service-time 6 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509561 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 086E	0 716 B	558ms 389ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959484509908 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959484509564 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	wallet-config Show response merchant-ui-api.stripe.com/elements/ Frame 39A9	2 KB 2 KB	403ms 264ms	Fetch application/json	198.202.176.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://merchant-ui-api.stripe.com/elements/wallet-config Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.202.176.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9408cff7bd381b825b9d9404a6046914c8d0667720235740aa69e7064c306daf Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy-report-only report-uri /csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' cross-origin-resource-policy same-site content-length 1749 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx vary Origin access-control-max-age 300 access-control-allow-methods GET, POST content-type application/json; charset=UTF-8 access-control-allow-origin https://js.stripe.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers x-stripe-csrf-token expires 0
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 58EC	55 KB 24 KB	64ms 21ms	Stylesheet text/css	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=iuk5mgs2frm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 13:35:08 GMT content-encoding gzip x-content-type-options nosniff age 14576 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 02 Oct 2023 04:05:03 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 09 Oct 2024 13:35:08 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 58EC	466 KB 187 KB	73ms 31ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=iuk5mgs2frm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:43:12 GMT content-encoding gzip x-content-type-options nosniff age 183292 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190978 x-xss-protection 0 last-modified Mon, 02 Oct 2023 04:05:03 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 07 Oct 2024 14:43:12 GMT
GET H2	200	events Show response events.getsitectrl.com/api/v1/	526 B 774 B	451ms 146ms	Fetch text/plain	34.195.236.117 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.getsitectrl.com/api/v1/events?query=campaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4 Requested by Host: s2.getsitecontrol.com URL: https://s2.getsitecontrol.com/widgets/es6/runtime.913ffdb.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.195.236.117 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-236-117.compute-1.amazonaws.com Software Getsitecontrol / Resource Hash b56f6199d90fdc0ac2b3a3af57486e822c8fb0a5ceee759bab561a9dfb480546 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:04 GMT server Getsitecontrol access-control-allow-methods GET,POST content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control private, no-cache access-control-allow-credentials false access-control-allow-headers Content-Type,X-Requested-With content-length 526
GET H2	200	muse.js Show response www.paypalobjects.com/muse/	55 KB 16 KB	122ms 122ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/muse/muse.js Requested by Host: www.paypal.com URL: https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.401&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:04 GMT content-encoding br via 1.1 varnish, 1.1 varnish x-content-type-options nosniff log-origin shield=SJC,src_ip=157.52.96.131,alternate_path=0,ip=157.52.96.81,port=443,name=shield_ssl_cache_sjc10081_SJC,status=200,reason=OK,method=GET,url="/muse/muse.js",host=www.paypalobjects.com strict-transport-security max-age=31557600 log-timing fetch=178261,misspass=93,do_stream=0 x-cache HIT, HIT paypal-debug-id 3fd9c4a83a728 dc ccg11-origin-www-1.paypal.com content-length 15742 x-served-by cache-sjc10081-SJC, cache-fra-eddf8230093-FRA last-modified Fri, 01 Sep 2023 21:10:59 GMT traceparent 00-00000000000000000003fd9c4a83a728-6a5561e0f3f2e3ff-01 x-timer S1696959484.151013,VS0,VE0 etag W/"64f25363-daa8" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com x-cache-hits 9, 63232
GET H2	200	ts t.paypal.com/	42 B 429 B	297ms 196ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&fltp=analytics&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1696959484113&g=-120&completeurl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&disableSetCookie=true Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C95) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload correlation-id 4edd0e492b002 server ECAcc (frc/4C95) traceparent 00-00000000000000000004edd0e492b002-d50be5a22b1b9007-01 vary Accept-Encoding p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 4edd0e492b002 content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast" timing-allow-origin * expires Tue, 10 Oct 2023 17:38:04 GMT
GET H2	200	font-hotjar_5.65042d.woff2 script.hotjar.com/	2 KB 3 KB	150ms 30ms	Font font/woff2	13.32.27.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/font-hotjar_5.65042d.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-107.fra56.r.cloudfront.net Software / Resource Hash fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 01 Sep 2023 23:49:20 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 3347324 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Fri, 01 Sep 2023 09:38:54 GMT etag "c9fb9163f8b7be37023ebe649688bebf" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 x-robots-tag none x-amz-cf-id 0BGSCblF5HPR_Ev-uyoag9_YtgNcDNHxWhMEIicZf5BKqwU1Gq2UBQ==
GET H2	200	js Show response www.paypal.com/sdk/ Frame 89BC	273 KB 76 KB	90ms 55ms	Script application/javascript	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Requested by Host: www.paypal.com URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.401&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=07a911bbb1602&storageID=uid_6e3ca5133d_mtc6mzg6mdm&sessionID=uid_8feced09cc_mtc6mzg6mdm&buttonSessionID=uid_3fb3729cc1_mtc6mzg6mdm&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ed66fd3e95f4d455fb402ea6fba9f125d29e3412fd2ddf3d79a815a24344f859 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.401&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=07a911bbb1602&storageID=uid_6e3ca5133d_mtc6mzg6mdm&sessionID=uid_8feced09cc_mtc6mzg6mdm&buttonSessionID=uid_3fb3729cc1_mtc6mzg6mdm&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qhqKu2c94jkRTp9L0Vagxg72DUR5vRiBaAhZynLvefnO61wI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff disable-set-cookie true via 1.1 varnish, 1.1 varnish date Tue, 10 Oct 2023 17:38:04 GMT age 2181 strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT, MISS p3p true paypal-debug-id f55655942c008 server-timing "traceparent;desc="00-0000000000000000000f55655942c008-6974d34643620a58-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 76490 x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f55655942c008-28d69b4fc6b8131d-01 x-timer S1696959484.318552,VS0,VE28 etag W/"12aca-BamTfWHPKlf8mzANq4zXgL9Iqjg" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 3, 0
GET H2	200	payframe Show response pay.google.com/gp/p/ui/ Frame B5D2	18 KB 8 KB	102ms 89ms	Document text/html	2a00:1450:400c:c04::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2971297df1c26ae3aa4cfd6e937b6986824fbee28c997f8a1fed0248557a4cf6 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-3127iyrmm9HWEunaK6TzYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-3127iyrmm9HWEunaK6TzYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin cross-origin-resource-policy same-site date Tue, 10 Oct 2023 17:38:04 GMT expires Tue, 10 Oct 2023 17:38:04 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	622ms 580ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484886089 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959484885508 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	613ms 575ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885988 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885589 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	613ms 574ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885690 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885469 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	415ms 376ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484694729 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484694473 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	419ms 381ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484694844 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959484694554 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	415ms 377ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484694706 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484694516 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	423ms 386ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484694754 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1696959484694590 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	422ms 386ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695044 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959484694786 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	611ms 575ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484886022 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885468 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	613ms 576ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885674 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484885426 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	615ms 579ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885594 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484885467 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	611ms 576ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885671 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885524 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	433ms 397ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484694888 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 7 x-stripe-client-envoy-start-time-us 1696959484694426 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	760ms 724ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485040300 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485039901 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	615ms 579ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484886041 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484885540 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	407ms 378ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695206 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484694947 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	407ms 378ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695056 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484694874 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	409ms 381ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695163 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484694648 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	406ms 377ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484694825 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484694629 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	409ms 380ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695053 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484694665 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	414ms 386ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484694978 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959484694577 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	605ms 577ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885735 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885305 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	600ms 572ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885488 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885236 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	606ms 578ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885371 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484885212 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	560ms 532ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484850752 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484850411 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	561ms 534ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484850902 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1696959484850325 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	423ms 397ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695176 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1696959484695009 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	414ms 387ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695442 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959484695009 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	422ms 396ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695150 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1696959484695000 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	413ms 387ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484695124 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1696959484694931 access-control-allow-credentials true content-length 0
GET DATA	200 OK	truncated / Frame 89BC	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	597ms 573ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885603 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885390 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	596ms 576ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885555 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484885373 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	598ms 578ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885781 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959484885357 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	590ms 574ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:04 GMT x-stripe-server-envoy-start-time-us 1696959484885607 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959484885328 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	727ms 726ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485040415 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959485039994 access-control-allow-credentials true content-length 0
POST H2	200	wallet-config Show response merchant-ui-api.stripe.com/elements/ Frame A6CF	2 KB 2 KB	268ms 268ms	Fetch application/json	198.202.176.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://merchant-ui-api.stripe.com/elements/wallet-config Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.202.176.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 260ce32e4de879e6fa608a84e949851aa71819099e313995606f32d2d5adb2f4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:38:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy-report-only report-uri /csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' cross-origin-resource-policy same-site content-length 1749 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx vary Origin access-control-max-age 300 access-control-allow-methods GET, POST content-type application/json; charset=UTF-8 access-control-allow-origin https://js.stripe.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers x-stripe-csrf-token expires 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	753ms 753ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485069936 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485069514 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	748ms 747ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485070057 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485069815 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	712ms 692ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485070450 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485069994 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	708ms 689ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485070347 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485070021 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	703ms 687ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485070378 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485070108 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	705ms 694ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485070827 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485070589 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	670ms 670ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485070828 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485070679 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	673ms 672ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485071041 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485070631 access-control-allow-credentials true content-length 0
GET H3	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame B5D2	156 KB 55 KB	31ms 26ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c8c220d475bd7432e8be4b3ee9799a40add67c58dcdb4a9ea4bec1d581ff97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 16:38:26 GMT content-encoding gzip x-content-type-options nosniff age 349178 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56366 x-xss-protection 0 last-modified Fri, 06 Oct 2023 04:30:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 05 Oct 2024 16:38:26 GMT
GET H2	200	index.html Show response www.paypalobjects.com/muse/analytics/ Frame 2C77	55 KB 16 KB	97ms 96ms	Document text/html	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/muse/analytics/index.html Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/muse/muse.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control s-maxage=31536000, public,max-age=3600 content-encoding br content-length 16039 content-type text/html date Tue, 10 Oct 2023 17:38:04 GMT dc ccg11-origin-www-1.paypal.com etag W/"64f25363-dacc" last-modified Fri, 01 Sep 2023 21:10:59 GMT log-origin shield=SJC,src_ip=157.52.96.92,alternate_path=0,ip=157.52.96.107,port=443,name=shield_ssl_cache_sjc1000107_SJC,status=200,reason=OK,method=GET,url="/muse/analytics/index.html",host=www.paypalobjects.com log-timing fetch=147177,misspass=72,do_stream=0 paypal-debug-id 7d8e18e65f05e strict-transport-security max-age=31557600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com traceparent 00-00000000000000000007d8e18e65f05e-bff6b7eca9fa3c2d-01 vary Accept-Encoding, Accept-Encoding via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-cache-hits 7, 63389 x-content-type-options nosniff x-served-by cache-sjc1000107-SJC, cache-fra-eddf8230093-FRA x-timer S1696959485.561625,VS0,VE0
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 58EC	2 KB 2 KB	21ms 20ms	Image image/png	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 15:15:26 GMT x-content-type-options nosniff age 440558 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 12 Oct 2023 15:15:26 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 58EC	15 KB 16 KB	91ms 22ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=iuk5mgs2frm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 02:58:03 GMT x-content-type-options nosniff age 312001 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Oct 2024 02:58:03 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 58EC	15 KB 15 KB	99ms 30ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=iuk5mgs2frm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 18:06:30 GMT x-content-type-options nosniff age 430294 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Oct 2024 18:06:30 GMT
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	574ms 574ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485070988 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485070665 access-control-allow-credentials true content-length 0
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame B5D2	2 KB 2 KB	128ms 127ms	Other text/html	2a00:1450:400c:c04::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:04 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1608 content-type text/html; charset=UTF-8
GET H3	200	webworker.js www.recaptcha.net/recaptcha/api2/ Frame 58EC	102 B 135 B	33ms 32ms	Other text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=lLirU0na9roYU3wDDisGJEVT Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=iuk5mgs2frm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=iuk5mgs2frm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 10 Oct 2023 17:38:04 GMT
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	459ms 459ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485071168 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959485070876 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	453ms 453ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485071136 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485070978 access-control-allow-credentials true content-length 0
POST H2	200	logger Show response www.paypal.com/xoplatform/logger/api/ Frame 89BC	1022 B 1 KB	212ms 211ms	XHR application/json	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash be839d34ad9302f518a1157f89dc65ddba65bfcbb8d1829202f79954819f9a63 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept application/json Referer https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.401&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=07a911bbb1602&storageID=uid_6e3ca5133d_mtc6mzg6mdm&sessionID=uid_8feced09cc_mtc6mzg6mdm&buttonSessionID=uid_3fb3729cc1_mtc6mzg6mdm&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type application/json Response headers date Tue, 10 Oct 2023 17:38:05 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS, MISS paypal-debug-id f394085b276ab server-timing content-encoding;desc="br",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-served-by cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f394085b276ab-8ba413f1b3dfe4d3-01 x-timer S1696959485.873071,VS0,VE185 etag W/"3fe-EQyZ/NV1/R4bt6RtDP6iNvXvYfg" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.paypal.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges none x-cache-hits 0, 0
GET H2	200	noop.js Show response www.paypalobjects.com/muse/ Frame 2C77	18 B 572 B	81ms 81ms	Fetch application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/muse/noop.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/muse/analytics/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypalobjects.com/muse/analytics/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-hits 10437, 62961 date Tue, 10 Oct 2023 17:38:04 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=31557600 log-origin shield=SJC,src_ip=157.52.96.145,alternate_path=0,ip=157.52.96.145,port=443,name=shield_ssl_cache_sjc1000145_SJC,status=200,reason=OK,method=GET,url="/muse/noop.js",host=www.paypalobjects.com log-timing fetch=146948,misspass=79,do_stream=0 x-cache HIT, HIT paypal-debug-id 7f4693eaf4cf1 dc ccg11-origin-www-1.paypal.com content-length 18 x-served-by cache-sjc1000145-SJC, cache-fra-eddf8230093-FRA last-modified Sat, 13 Feb 2021 00:26:56 GMT traceparent 00-00000000000000000007f4693eaf4cf1-0dbd27aaa054f89f-01 x-timer S1696959485.892795,VS0,VE0 etag "60271cd0-12" vary Accept-Encoding content-type application/javascript cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com x-client-location DE
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	289ms 289ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485071286 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485071000 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	290ms 289ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485071607 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485071069 access-control-allow-credentials true content-length 0
GET H3	200	m=Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBA... Frame B5D2	72 KB 26 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBAUavxo.L.B1.O/am=BMMY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfri8_ps2YwnDv-S2fM8cdWw7J9Hylg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2466325949d89e3bcccea69ec91d27bcca6d98290e33cda16a8bdfce11d9b943 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 17:32:52 GMT content-encoding gzip x-content-type-options nosniff age 345912 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26868 x-xss-protection 0 last-modified Wed, 27 Sep 2023 20:26:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 05 Oct 2024 17:32:52 GMT
GET H2	200	ts t.paypal.com/	42 B 200 B	184ms 184ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&es=visitorInfoFlowStarted&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1696959484933&g=-120&completeurl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&disableSetCookie=true Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CCC) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:05 GMT strict-transport-security max-age=63072000; includeSubDomains; preload correlation-id d69d78ecc1576 server ECAcc (frc/4CCC) traceparent 00-0000000000000000000d69d78ecc1576-feb4fdaab5ab073a-01 vary Accept-Encoding p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id d69d78ecc1576 content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast" timing-allow-origin * expires Tue, 10 Oct 2023 17:38:05 GMT
GET H2	200	phone-numbers-lib-94ab48479d2e5b39e765f954bb742802.js Show response js.stripe.com/v3/fingerprinted/js/	129 KB 33 KB	31ms 28ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-94ab48479d2e5b39e765f954bb742802.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 39973628ef62166a7640431577a9eb8d12448b4dc8f8dcd3bc1495849fb05913 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 10 Oct 2023 17:20:21 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 1080 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:32 GMT server Cloudfront etag W/"87d28746b1e2307e34759fb9e935f724" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 95F--A4uHQZK0fus16xcVdGWmQfdj8HSWKbStBPpe0RzSYI1ui57JA==
POST H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame 89BC	1 KB 1 KB	224ms 216ms	Ping application/json	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.401&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=07a911bbb1602&storageID=uid_6e3ca5133d_mtc6mzg6mdm&sessionID=uid_8feced09cc_mtc6mzg6mdm&buttonSessionID=uid_3fb3729cc1_mtc6mzg6mdm&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3593dcec408bbc74be69ce376165b340ccd52ccacb4ec547e0193459cd920d7e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.401&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=07a911bbb1602&storageID=uid_6e3ca5133d_mtc6mzg6mdm&sessionID=uid_8feced09cc_mtc6mzg6mdm&buttonSessionID=uid_3fb3729cc1_mtc6mzg6mdm&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/json Response headers date Tue, 10 Oct 2023 17:38:05 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS, MISS paypal-debug-id f394085fb9d0f server-timing content-encoding;desc="br",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-served-by cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f394085fb9d0f-55ed99dcccb60e74-01 x-timer S1696959485.969635,VS0,VE194 etag W/"404-JSahHfcj6lJtrJoh8abpPGh+FfI" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.paypal.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges none x-cache-hits 0, 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	216ms 215ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485071670 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485071174 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	216ms 215ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485073000 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485072681 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame A6CF	0 274 B	346ms 322ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485228634 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959485228370 access-control-allow-credentials true content-length 0
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame B5D2	1 MB 369 KB	91ms 85ms	XHR text/html	2a00:1450:400c:c04::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f6d232e521a0672fc378471418d5a8b39d3ed3d8204ab4b8cb6229a5fec1cd78 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-seGW_zo6PqVesx04DChFkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:38:05 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-seGW_zo6PqVesx04DChFkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 x-ua-compatible IE=edge accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy unsafe-none server ESF x-frame-options DENY vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Tue, 10 Oct 2023 17:38:05 GMT
OPTIONS H2	204	graphql www.paypal.com/targeting/ Frame	0 0	272ms 213ms	Preflight	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/targeting/graphql?disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type,disable-set-cookie Access-Control-Request-Method POST Origin https://www.paypalobjects.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-allow-credentials true access-control-allow-headers content-type,disable-set-cookie access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://www.paypalobjects.com access-control-expose-headers Paypal-Debug-Id cache-control max-age=0, no-cache, no-store, must-revalidate date Tue, 10 Oct 2023 17:38:05 GMT dc ccg11-origin-www-1.paypal.com origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f39408534d2ea permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f39408534d2ea-bc1a650078a5aa62-01 via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-served-by cache-fra-eddf8230021-FRA, cache-fra-eddf8230021-FRA x-timer S1696959485.075739,VS0,VE183
POST H2	200	graphql Show response www.paypal.com/targeting/ Frame 2C77	435 B 1 KB	297ms 296ms	Fetch application/json	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/targeting/graphql?disableSetCookie=true Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/muse/analytics/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 96977c451d04aa995d7ac84d02d065bc9b28494a44643ae0151dec1b2ea0bf1d Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-FlL07gbGEawM8FfhVjVjuzlLCABKeVssLxFZZyyWCjNrR5U8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.paypalobjects.com/ disable-set-cookie true accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/json Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-FlL07gbGEawM8FfhVjVjuzlLCABKeVssLxFZZyyWCjNrR5U8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; content-encoding gzip via 1.1 varnish, 1.1 varnish date Tue, 10 Oct 2023 17:38:05 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, MISS paypal-debug-id f3940858c9f36 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f3940858c9f36-6315affb4458e1fc-01 x-timer S1696959485.289777,VS0,VE270 etag W/"1b3-Qddl6Wrck+a7lJbiF18lFCBXfTc" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.paypalobjects.com access-control-expose-headers Paypal-Debug-Id cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 0, 0
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBA... Frame B5D2	9 KB 4 KB	34ms 28ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBAUavxo.L.B1.O/am=BMMY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfri8_ps2YwnDv-S2fM8cdWw7J9Hylg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1dbcd136053c6917655c7ae621846556692f4c4016240598f1c95ffc10363341 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 17:32:52 GMT content-encoding gzip x-content-type-options nosniff age 345913 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3925 x-xss-protection 0 last-modified Wed, 27 Sep 2023 20:26:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 05 Oct 2024 17:32:52 GMT
GET H3	200	m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBA... Frame B5D2	36 KB 14 KB	35ms 29ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBAUavxo.L.B1.O/am=BMMY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfri8_ps2YwnDv-S2fM8cdWw7J9Hylg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f66087bafc42e38e3b6ad523ed3e34946727f79805c8e9eb5c241f68e1aff6af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 17:32:52 GMT content-encoding gzip x-content-type-options nosniff age 345913 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13842 x-xss-protection 0 last-modified Wed, 27 Sep 2023 20:26:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 05 Oct 2024 17:32:52 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	921ms 57ms	Preflight text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 10 Oct 2023 17:38:05 GMT expires Tue, 10 Oct 2023 17:38:05 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame B5D2	131 B 155 B	138ms 80ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 10 Oct 2023 17:38:06 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:06 GMT
POST H3	200	log Show response play.google.com/ Frame B5D2	131 B 155 B	112ms 90ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 10 Oct 2023 17:38:06 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:06 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	953ms 92ms	Preflight text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 10 Oct 2023 17:38:05 GMT expires Tue, 10 Oct 2023 17:38:05 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame B5D2	131 B 155 B	101ms 83ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 10 Oct 2023 17:38:06 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:06 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	951ms 92ms	Preflight text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 10 Oct 2023 17:38:05 GMT expires Tue, 10 Oct 2023 17:38:05 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame B5D2	131 B 155 B	111ms 87ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 10 Oct 2023 17:38:06 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:06 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	946ms 91ms	Preflight text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 10 Oct 2023 17:38:05 GMT expires Tue, 10 Oct 2023 17:38:05 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame B5D2	131 B 155 B	110ms 87ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 10 Oct 2023 17:38:06 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:06 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	944ms 92ms	Preflight text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 10 Oct 2023 17:38:05 GMT expires Tue, 10 Oct 2023 17:38:05 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame B5D2	131 B 155 B	113ms 89ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.kWUFKIyYipU.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjw3neEjU4-qRioTgYZupDsPxiwig/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 10 Oct 2023 17:38:06 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 10 Oct 2023 17:38:06 GMT
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	214ms 214ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485258493 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485258327 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	218ms 218ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485259116 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1696959485258651 access-control-allow-credentials true content-length 0
GET H2	200	sparkcentral.1.25.7.css cdn.sparkcentral.com/rtm/web/1.25.7/	3 KB 1 KB	26ms 26ms	Stylesheet text/css	2600:9000:2057:9000:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.css Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9000:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 02:48:12 GMT content-encoding gzip via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:30 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 53394 etag W/"4c74258ace5e1e172fe16e0f81170ea4" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC x-amz-cf-id XBh3Cusawb4WLzd4EzLvm08hdoFYt2wplJjpNJNoFqtlT4tdU_KJEg==
GET H2	200	frame.1.25.7.css cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 89EA	96 KB 15 KB	30ms 23ms	Stylesheet text/css	2600:9000:2057:9000:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9000:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 06:30:02 GMT content-encoding gzip via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:29 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 40092 x-amz-server-side-encryption AES256 etag W/"79560a9f764fa94e6e9d749b61ac292a" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC x-amz-cf-id TZMuKgDKrDtHuxMaxyf35mUI8m20GxzY5YSUYkXViTkQoTlGFDxGmQ==
GET H2	200	frame.1.25.7.min.js Show response cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 89EA	833 KB 252 KB	46ms 39ms	Script application/javascript	2600:9000:2057:9000:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9000:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 03:57:27 GMT content-encoding gzip via 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 49443 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC last-modified Fri, 19 Feb 2021 16:46:30 GMT server AmazonS3 etag W/"461058a8e768a1691575ed540ddecdab" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id eUUIyNbvvXJ3pM0mc83SGaRLIMUMcNQA_jV7nSbPjtyIwd2NQ1du_A==
GET H2	200	m-outer-27c67c0d52761104439bb051c7856ab1.html Show response js.stripe.com/v3/ Frame 695F	200 B 1 KB	31ms 30ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1341 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:15:47 GMT etag "27c67c0d52761104439bb051c7856ab1" last-modified Fri, 06 Oct 2023 20:54:34 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id SEgY9_0rUQy0HIa6GIhIPk0A3UyWqJfgcIddm3d7OH_QSOxVOdO_-g== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	193ms 192ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485258963 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1696959485258696 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	191ms 190ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485259087 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485258741 access-control-allow-credentials true content-length 0
GET H2	200	elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html Show response js.stripe.com/v3/ Frame 8A31	820 B 2 KB	34ms 34ms	Document text/html	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 573d35bbc1189689154e870e8a619b21464e2ff966efef5c069fc0b9d110f72c Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1720 cache-control max-age=31536000 content-length 820 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:09:26 GMT etag "18d0ceef03f52982a04176a7dd13c5db" last-modified Tue, 10 Oct 2023 17:07:04 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-id qgojAqVBopI5WJTaVbHOI0nI1-uJqF9jckjlwwe5ecQQSt9J0nShiw== x-amz-cf-pop AMS54-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	190ms 190ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485268826 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485268603 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	190ms 190ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485273205 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485272821 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	324ms 322ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485413509 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959485413258 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	355ms 354ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:05 GMT x-stripe-server-envoy-start-time-us 1696959485442761 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959485442479 access-control-allow-credentials true content-length 0
POST H2	200	logger Show response www.paypal.com/xoplatform/logger/api/	1014 B 869 B	203ms 203ms	XHR application/json	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6463bac35efdc29355a24eabbce3903319fc506b348f227a99ef976bd4a22213 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept application/json Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type application/json Response headers date Tue, 10 Oct 2023 17:38:05 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS, MISS paypal-debug-id f394085417650 server-timing content-encoding;desc="br",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-served-by cache-fra-eddf8230021-FRA, cache-fra-eddf8230021-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f394085417650-614a42d13bf07c11-01 x-timer S1696959485.443359,VS0,VE175 etag W/"3f6-IqUMme0jWs7lVyyNrv7VMa0R60w" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://donate.wfp.org cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges none x-cache-hits 0, 0
OPTIONS H2	200	log play.google.com/ Frame	0 0	878ms 91ms	Preflight text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 10 Oct 2023 17:38:05 GMT expires Tue, 10 Oct 2023 17:38:05 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
OPTIONS H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame	0 0	220ms 220ms	Preflight	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://donate.wfp.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://donate.wfp.org cache-control max-age=0, no-cache, no-store, must-revalidate content-length 0 date Tue, 10 Oct 2023 17:38:05 GMT dc ccg11-origin-www-1.paypal.com origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f3940850cf52e permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f3940850cf52e-4b6257c8b61da166-01 via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-content-type-options nosniff x-served-by cache-fra-eddf8230021-FRA, cache-fra-eddf8230021-FRA x-timer S1696959485.219153,VS0,VE192
GET H2	200	m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 695F	631 B 1 KB	35ms 35ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 10 Oct 2023 17:25:26 GMT x-content-type-options nosniff via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 759 x-cache Hit from cloudfront content-length 631 last-modified Fri, 06 Oct 2023 20:54:32 GMT server Cloudfront etag "70cacf09ae81711ac6dcbc5ee59750c4" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id a56Q5v4sagi-ZdbVEnKH4KQZr7yrC3q52ZbgR5DqH-y0v4YOdGU-VQ==
GET H2	200	shared-3b6a66eef9f15e42ebb3729fea20fc13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 8A31	513 KB 122 KB	42ms 41ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 84a32942de704cbad346426ef8464f2d76a9a500d8a0d9ca72ffb239e876e0b0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:08:36 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS54-C1 age 1770 via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-cache Hit from cloudfront last-modified Tue, 10 Oct 2023 17:07:19 GMT server Cloudfront etag W/"4cab16e21e6e44b6d52f5bae4d3197df" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 4VPwF2inDgdsfAbHJxB9zSQwLny8Vj6X7ECUNygbLJfneXaETOrU9Q==
GET H2	200	ui-shared-599e1ca01f6778ad6abced84908de26f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 8A31	314 KB 89 KB	45ms 45ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-599e1ca01f6778ad6abced84908de26f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 4035f4af9266bc942f69480dc38f4d4d2ec78c53a484da1c6b3b8045b657cd89 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:24:50 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 796 x-cache Hit from cloudfront last-modified Mon, 09 Oct 2023 20:07:20 GMT server Cloudfront etag W/"e1ec5cf23ba8a3a30e6670d5b5ed4cd7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id j20ETodCV_Y1MMrMF6-TzOKrZa8UvnQO4atwFVikYDhUOcclQD7lSA==
GET H2	200	elements-inner-payment-request-5ff8644e9ff4687415548827daa4fd63.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 8A31	70 KB 23 KB	45ms 45ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-5ff8644e9ff4687415548827daa4fd63.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash e98cd0c2fdece87b81ab08922e36295fce17f66b99b4fcf828369a9c499d962e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:26:51 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 1254 x-cache Hit from cloudfront last-modified Mon, 09 Oct 2023 17:02:14 GMT server Cloudfront etag W/"45aab1218bf97a582a70d6c3d26a6a3f" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Onb6Vkscxg-SzT1fI92EtRiKrgV8ih4azp6U7bYVATOo8HowTcs6Xw==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame 8A31	20 KB 3 KB	43ms 43ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:22:25 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 949 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id cdelqRQQGtjT1E8KXrdcHWEwYEOJAkY8hG_cQFj-W-oYAW7dKcjkqg==
GET H2	200	elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css js.stripe.com/v3/fingerprinted/css/ Frame 8A31	11 KB 3 KB	44ms 44ms	Stylesheet text/css	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 10 Oct 2023 17:26:51 GMT via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 787 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 20:54:19 GMT server Cloudfront etag W/"828ee6578d45b518446bf74a1cc39038" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 0_f3_P-ARIMgio_P2qPeIzRJ681CZySoOsyjVfkcpjBhxXiIJuv49A==
OPTIONS H2	200	config 5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame	0 0	174ms 87ms	Preflight	2606:4700:4400::6812:211d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:4400::6812:211d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk Access-Control-Request-Method GET Origin https://donate.wfp.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk access-control-allow-methods GET, HEAD, PUT, POST, DELETE, OPTIONS access-control-allow-origin https://donate.wfp.org access-control-max-age 2592000 cache-control private, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 8140a2944d78916e-FRA content-length 0 date Tue, 10 Oct 2023 17:38:06 GMT expires -1 pragma no-cache server cloudflare vary Origin x-request-id 8140a2944d78916e-FRA x-zendesk-account-subdomain - x-zendesk-zorg yes
GET H2	200	config Show response 5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame 89EA	1 KB 768 B	105ms 105ms	Fetch application/json	2606:4700:4400::6812:211d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:4400::6812:211d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dadac14c76c7f89adf7b5047a18e359ad1154ff6bf56de3f4922a2ddd401428c Request headers accept-language de-DE,de;q=0.9 x-smooch-sdk web/sparkcentral/1.25.7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/json Accept application/json x-smooch-clientid 2a121138b91140c0b1331f44112dd5a5 Referer https://donate.wfp.org/ x-smooch-appid 5f3157de284bd6000cc5b1eb Response headers date Tue, 10 Oct 2023 17:38:06 GMT content-encoding br cf-cache-status DYNAMIC x-request-id 8140a294de72916e-FRA x-zendesk-account-subdomain - pragma no-cache server cloudflare etag W/"411-mCuiqrdXlKiYk4s4Is7rGSbbdRI" x-zendesk-zorg yes vary Accept-Encoding,Origin content-type application/json; charset=utf-8 access-control-allow-origin https://donate.wfp.org access-control-expose-headers Retry-After cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 8140a294de72916e-FRA expires -1
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	33ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je3a40h1&_p=543556405&cid=1157176061.1696959481&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696959480&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2F1244%2Fdonation%2Fsingle%2F%3Fcampaign%3D3479%26utm_source%3Dsupportercare%26utm_medium%3Dsms%26utm_campaign%3D231009_Afghanistan_Emergency%26utm_cid%3D7014y000001RTUHAA4&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&en=scroll&epn.percent_scrolled=90&_et=38 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:38:06 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	csp-report q.stripe.com/ Frame 695F	0 716 B	193ms 187ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959486136440 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959486135852 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 695F	0 716 B	193ms 189ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959486136658 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959486136031 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame 39C2	930 B 1 KB	362ms 104ms	Document text/html	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 142 cache-control max-age=300, public content-encoding br content-length 540 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:38:06 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 149 x-content-type-options nosniff x-request-id 31a9fa00-3ba3-4c37-ae25-166ce470bc21 x-served-by cache-fra-eddf8230031-FRA x-timer S1696959486.307219,VS0,VE0
POST H2	200	csp-report q.stripe.com/ Frame 8A31	0 716 B	191ms 190ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959486138684 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959486137838 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 8A31	0 716 B	189ms 189ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959486138534 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1696959486138178 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 8A31	474 B 846 B	28ms 27ms	Fetch application/json	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 393babd32eb805a5bf0d1367465bad0285f88b60e6f73ee6119d570e3e3d800d Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-payment-request-18d0ceef03f52982a04176a7dd13c5db.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 10 Oct 2023 17:37:17 GMT via 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 17:37:15 GMT server Cloudfront x-amz-cf-pop AMS54-C1 age 50 etag "cc3e9a93cc5ea6a51b67a33d1bb9ca2d" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id YwrjZMHjF4KxqBQ2wt_h5QP022Z-sYo_pOPtM0xhHb5k_IxVT-7MVw==
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	192ms 191ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:06 GMT x-stripe-server-envoy-start-time-us 1696959486161123 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959486160847 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	350ms 349ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:06 GMT x-stripe-server-envoy-start-time-us 1696959486322167 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1696959486321825 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	299ms 298ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:06 GMT x-stripe-server-envoy-start-time-us 1696959486322128 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959486321875 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 39A9	0 274 B	300ms 299ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-3b6a66eef9f15e42ebb3729fea20fc13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:06 GMT x-stripe-server-envoy-start-time-us 1696959486322158 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1696959486321998 access-control-allow-credentials true content-length 0
GET H2	200	495cbf48a0b5e9bd3b3efd74d07d1e62.png cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 89EA	3 KB 4 KB	26ms 26ms	Image image/png	2600:9000:2057:9000:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/495cbf48a0b5e9bd3b3efd74d07d1e62.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9000:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7d283151277ce9a966db5e94713b12b55345bacc16d09ed871d3ac7fd619251f Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 02:48:12 GMT via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:29 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 53425 x-amz-server-side-encryption AES256 etag "495cbf48a0b5e9bd3b3efd74d07d1e62" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png x-amz-meta-lastmodified 2020-03-16 15:17:32 +0000 UTC accept-ranges bytes content-length 3296 x-amz-cf-id vtvPRVlWDn6rQ3YOscHYMVj3agnGGLBfilfOU1efqAXyoxBRGmII2Q==
GET H2	200	2fb46965575c0c497c81e110c437f0ce.jpg media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/ Frame 89EA	13 KB 14 KB	111ms 33ms	Image image/png	108.138.17.36 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/2fb46965575c0c497c81e110c437f0ce.jpg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-36.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 01 Feb 2023 00:05:04 GMT x-amz-version-id jXX0xo4WZeYgkmw3zDgFQK5_DSvCWDa3 via 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront) x-content-type-options nosniff age 21749583 x-amz-cf-pop FRA56-P7 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 13712 last-modified Mon, 24 Aug 2020 07:47:47 GMT server AmazonS3 etag "d672f813fc7205fef9cfbd559be83e62" content-type image/png cache-control max-age=315532800 accept-ranges bytes x-robots-tag noindex x-amz-cf-id I04RwFcCw-TlaAR_305me8bnquMNknibIMzWoA8uekRFo_r8M5u9mQ==
GET H2	200	7f0078e82d2e653bfab143e8181cdd9e.png cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 89EA	1 KB 2 KB	23ms 22ms	Image image/png	2600:9000:2057:9000:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/7f0078e82d2e653bfab143e8181cdd9e.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9000:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44c48de85c6def81ed02239d6b54ec624c9d7f91aa11cd3b27766eeb985dfb48 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 22:11:25 GMT via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:29 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 70052 x-amz-server-side-encryption AES256 etag "7f0078e82d2e653bfab143e8181cdd9e" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png x-amz-meta-lastmodified 2020-03-16 15:17:34 +0000 UTC accept-ranges bytes content-length 1203 x-amz-cf-id AM-jV97An9eKeAAgJVxO3_A00jo9G5bptdKJA1AKx3hdHqd79RAYRA==
POST H2	200	csp-report q.stripe.com/ Frame 39C2	0 490 B	197ms 197ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1244/donation/single/?campaign=3479&utm_source=supportercare&utm_medium=sms&utm_campaign=231009_Afghanistan_Emergency&utm_cid=7014y000001RTUHAA4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 Oct 2023 17:38:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959486519702 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 1 x-stripe-client-envoy-start-time-us 1696959486519067 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame 39C2	87 KB 15 KB	128ms 128ms	Script text/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 10 Oct 2023 17:38:06 GMT x-content-type-options nosniff content-encoding br via 1.1 varnish age 101 x-cache HIT content-length 15509 x-request-id 635f0207-1c89-4191-9241-c7d4fe6c34f8 x-served-by cache-fra-eddf8230031-FRA server Fastly x-timer S1696959486.432713,VS0,VE0 vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 cache-control max-age=300, public accept-ranges bytes x-cache-hits 118
POST H2	200	6 Show response m.stripe.com/ Frame 39C2	156 B 670 B	598ms 192ms	XHR application/json	44.241.88.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.88.74 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-88-74.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 808e675eba2f69a1f2b1fbc39a1023b1d1ddd3ef0dad74e88ec3af56c74c92c8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:07 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959487185684 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1696959487185342 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	6 Show response m.stripe.com/ Frame 39C2	156 B 669 B	383ms 383ms	XHR application/json	44.241.88.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.88.74 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-88-74.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 808e675eba2f69a1f2b1fbc39a1023b1d1ddd3ef0dad74e88ec3af56c74c92c8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:07 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959487582456 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1696959487582138 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	6 Show response m.stripe.com/ Frame 39C2	156 B 669 B	431ms 430ms	XHR application/json	44.241.88.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.88.74 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-88-74.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 808e675eba2f69a1f2b1fbc39a1023b1d1ddd3ef0dad74e88ec3af56c74c92c8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Tue, 10 Oct 2023 17:38:07 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1696959487632202 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1696959487631343 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
GET H2	200	trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response js.stripe.com/v3/fingerprinted/js/	295 B 794 B	28ms 28ms	Script text/javascript	13.227.219.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-27.ams54.r.cloudfront.net Software Cloudfront / Resource Hash 0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 10 Oct 2023 17:06:13 GMT x-content-type-options nosniff via 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 1921 x-cache Hit from cloudfront content-length 295 last-modified Fri, 06 Oct 2023 20:54:33 GMT server Cloudfront etag "477956b204dfd45e10334fc060914d4b" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id w1LX2fkAaov1UD29aMDXMRQ9_1Ejm6GAMcFdLsuOs2-hDoJx7lJtsw==