give.citysquare.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eml-pusa01.app.blackbaud.net/intv2/j/C2C6715B-B54A-4CF9-970D-02B8B8D751ED/r/C2C6715B-B54A-4CF9-970D-02B8B8D751ED_94241265-4ac...
Effective URL:
https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMb...
Submission: On November 30 via manual (November 30th 2021, 3:14:21 pm UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 23 domains to perform 174 HTTP transactions. The main IP is 2606:4700::6812:7115, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.citysquare.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2021. Valid for: a year.

This is the only time give.citysquare.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.94.101.126 20.94.101.126	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.193.128 13.224.193.128	16509 (AMAZON-02) (AMAZON-02)
21	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.77.107 13.225.77.107	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	3.220.14.48 3.220.14.48	14618 (AMAZON-AES) (AMAZON-AES)
31	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	52.42.231.203 52.42.231.203	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c08::5c	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
174	28

1 20.94.101.126 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eml-pusa01.app.blackbaud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)

give.citysquare.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-128.fra2.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-107.fra2.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.220.14.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-14-48.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.231.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-231-203.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c08::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	stripe.com js.stripe.com q.stripe.com m.stripe.com r.stripe.com	414 KB
34	google.com pay.google.com play.google.com	754 KB
18	classy.org prod-frs.content.classy.org assets.classy.org pay.classy.org	4 MB
17	gstatic.com fonts.gstatic.com www.gstatic.com	396 KB
13	citysquare.org give.citysquare.org	50 KB
10	google-analytics.com www.google-analytics.com	60 KB
6	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	44 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	doublethedonation.com doublethedonation.com	112 KB
2	stripe.network m.stripe.network	17 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	youtube.com www.youtube.com	49 KB
2	bugsnag.com sessions.bugsnag.com	140 B
2	plaid.com cdn.plaid.com	71 KB
1	jquery.com code.jquery.com	30 KB
1	doubleclick.net stats.g.doubleclick.net	442 B
1	googleapis.com fonts.googleapis.com	1 KB
1	newrelic.com js-agent.newrelic.com	17 KB
1	onetrust.com geolocation.onetrust.com	256 B
1	unpkg.com unpkg.com	3 KB
1	tokenex.com htp.tokenex.com	4 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	blackbaud.net 1 redirects eml-pusa01.app.blackbaud.net	342 B
174	23

	Domain	Requested by
26	play.google.com	www.gstatic.com
23	r.stripe.com	js.stripe.com
19	js.stripe.com	give.citysquare.org js.stripe.com
13	give.citysquare.org	give.citysquare.org
10	www.gstatic.com	pay.google.com www.gstatic.com
10	www.google-analytics.com	give.citysquare.org www.gstatic.com
10	prod-frs.content.classy.org	give.citysquare.org prod-frs.content.classy.org
8	pay.google.com	js.stripe.com pay.google.com give.citysquare.org www.gstatic.com
8	q.stripe.com	give.citysquare.org
7	fonts.gstatic.com	fonts.googleapis.com
5	heapanalytics.com
5	assets.classy.org
3	pay.classy.org	give.citysquare.org
3	doublethedonation.com	give.citysquare.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	bam-cell.nr-data.net	give.citysquare.org
2	www.youtube.com	give.citysquare.org
2	platform.twitter.com	give.citysquare.org
2	sessions.bugsnag.com	give.citysquare.org
2	cdn.plaid.com	give.citysquare.org
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	code.jquery.com	give.citysquare.org
1	stats.g.doubleclick.net	give.citysquare.org
1	fonts.googleapis.com	give.citysquare.org
1	js-agent.newrelic.com	give.citysquare.org
1	geolocation.onetrust.com	give.citysquare.org
1	cdn.heapanalytics.com	give.citysquare.org
1	unpkg.com	give.citysquare.org
1	htp.tokenex.com	give.citysquare.org
1	static.cloudflareinsights.com	give.citysquare.org
1	eml-pusa01.app.blackbaud.net	1 redirects
174	32

This site contains links to these domains. Also see Links.

Domain
www.classy.org
classy.org

Subject Issuer	Validity	Valid
give.citysquare.org Cloudflare Inc ECC CA-3	`2021-08-20` - `2022-08-19`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2020-04-09` - `2022-07-12`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2021-01-26` - `2022-01-26`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Frame ID: 21FCE07E10C855B74E913D8023B84BBB
Requests: 73 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: F63FF84A4CB67DFE1E1843AF1A9DB414
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fgive.citysquare.org
Frame ID: 49C2C0075F49D6F4474EEEAB4C3F1338
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7570F23AE1F845E986D5A890C817896B
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-77c34e28b53cd0494db7d5f9357230bd.html
Frame ID: 23E381E58884A582988F7E0506F6286B
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html
Frame ID: E4E45AE0F3CD71DB6CBF7C94139AE6CD
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html
Frame ID: 3F9C03ACB90838D9F3A5F1BBD0FD72C7
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: A0866380621879A1354D9855EC498AF0
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html
Frame ID: C5B687F1770547FB475EFF17C3C165CB
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html
Frame ID: D942693C507DCBAB11C0FA8DA951850E
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 3F86A9C9C01BC3DF61E43A56BC7E796A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Give to CitySquare

Page URL History Show full URLs

https://eml-pusa01.app.blackbaud.net/intv2/j/C2C6715B-B54A-4CF9-970D-02B8B8D751ED/r/C2C6715B-B54A-4CF9-970D-02B8B... HTTP 302
https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklM... Page URL

Page Statistics

174
Requests

99 %
HTTPS

57 %
IPv6

23
Domains

32
Subdomains

28
IPs

4
Countries

5949 kB
Transfer

13903 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eml-pusa01.app.blackbaud.net/intv2/j/C2C6715B-B54A-4CF9-970D-02B8B8D751ED/r/C2C6715B-B54A-4CF9-970D-02B8B8D751ED_94241265-4aca-4335-9f0b-4c330aeffd46/l/E1F5B431-3FC1-414A-9CF2-019250FB9412/c HTTP 302
https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

174 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.citysquare.org/give/351043/
Redirect Chain

https://eml-pusa01.app.blackbaud.net/intv2/j/C2C6715B-B54A-4CF9-970D-02B8B8D751ED/r/C2C6715B-B54A-4CF9-970D-02B8B8D751ED_94241265-4aca-4335-9f0b-4c330aeffd46/l/E1F5B431-3FC1-414A-9CF2-019250FB9412/c
https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

74 KB
23 KB

795ms
724ms

Document
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a10375b13b4d50498992d1056688b60628f6d2a1caca4bdb90826018a8fe956d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 15:14:13 GMT
content-type: text/html; charset=utf-8
cf-ray: 6b65062fe9930601-FRA
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self';
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

date: Tue, 30 Nov 2021 15:14:12 GMT
content-length: 0
cache-control: no-store, must-revalidate, no-cache
location: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg#!/donation/checkout
request-context: appId=cid-v1:d9704f59-4177-4f42-bad9-b1a9a5e5e02c
x-content-type-options: nosniff
x-envoy-upstream-service-time: 323
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy

GET
H2 200 main.css
prod-frs.content.classy.org/prod/15473/static/frs/ 1 MB
137 KB 104ms
73ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/frs/main.css

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee0a9c05670b10b0bb3b2bf17fc7826884a3e8ac95980eb24f4a20640a139183

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 52272
cf-polished: origSize=1082318
x-amz-request-id: Z05BNKCEQPSH2WNY
x-amz-id-2: hiaiUerz3bVsjcAnLn+gi0gFkuFpfR1OBQerrehL01BNp95twRfxba48sswnliJFcaemeenI060=
last-modified: Fri, 19 Nov 2021 00:22:21 GMT
server: cloudflare
etag: W/"4ee16dcd7646cabfc7ecf197dafb0289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6b6506354816430f-FRA
cf-bgj: minify

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 153 KB
20 KB 392ms
187ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 154acfa175f5a1873b733b2a6d390b707ea926c5646da8e8074fea4d1b1aebd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
last-modified: Mon, 29 Nov 2021 20:44:16 GMT
server: nginx
etag: "61a53ba0-5000"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20480

GET
H2 200 rocket-loader.min.js Show response
give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"619bd441-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b650635ad870601-FRA
expires: Thu, 02 Dec 2021 15:14:14 GMT

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ 13 KB
5 KB 103ms
78ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://give.citysquare.org/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b650635c9736943-FRA

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/15473/static/onetrust/ 50 KB
12 KB 34ms
34ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 52272
cf-polished: origSize=54583
x-amz-request-id: Z05E64YM0TX7WQRP
x-amz-id-2: DZmyM8xcp1heRUL/1deWmnsbFifrgz7MgHNkjZrD2jBVNqJgG5gii+Ac0F1CCMJf/kTUlsZ0+98=
last-modified: Fri, 19 Nov 2021 00:22:22 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6b650635b973430f-FRA
cf-bgj: minify

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 14 KB
4 KB 545ms
134ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3b894a4425509ff283b4e7149b3e3ed8b3d2798616dfe351d491d06325fbc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 16:24:32 GMT
etag: "0e0f6f485cad71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Tue, 30 Nov 2021 15:14:14 GMT
accept-ranges: bytes
content-length: 3833
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 54ms
34ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2993473
fly-request-id: 01FJZFRMM9DBHPG2M766J8W1NQ
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b650635daec6928-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15473/static/frs/donation/ 178 KB
36 KB 39ms
37ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/frs/donation/module.min.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b32d0c0027380ac3685a05937214bde83f51d2bf38c833f5962bfe97c18b2b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 00:22:21 GMT
server: cloudflare
age: 52186
etag: W/"87a6ae2900309b7ed10372d89c6495a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b650635b979430f-FRA
x-amz-request-id: HS509JQX6E7PD0JH
x-amz-id-2: 7Rm0NJDoGIcRYyJWu2qDfDvY1hPWmtXRAAR5F377AhTxRCuLqz14wblMHQYcSeTn8GidbKhm5JM=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15473/static/global/ 2 MB
339 KB 57ms
56ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/global/module.min.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f5d9eb6a0b0a2d4810727459ebdcf43952d6d4ad470525b18541ba84a13f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 00:22:22 GMT
server: cloudflare
age: 52331
etag: W/"9ef35d94e97fd7c9e27eeb836759bd4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b650635b980430f-FRA
x-amz-request-id: Z054QSF5W5EMEHF5
x-amz-id-2: aDls1tusFdEtHRdi+E1IhlHbgs1OCfmnJoKix4X6Cww67UPEjJA5ZT6amOSWaTvq+COH7JtNx+k=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/15473/static/global/ 1 MB
430 KB 45ms
44ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/global/libs.min.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 00:22:22 GMT
server: cloudflare
age: 52332
etag: W/"772e1301b871cc2545926cb86ee5965f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b650635b983430f-FRA
x-amz-request-id: Z051WFD7VTWD6F9A
x-amz-id-2: Xsaoom4P3nrAUTzeygK7f1y85NtCV2olrOVUn2se1tKse2VqgunhxKTYCLs5bPWoEPmYyhtOaBo=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 86 KB
30 KB 125ms
37ms Script
application/javascript 13.224.193.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e992c0d55edfbb3805067c7a5154238fd1880a3cf5e35140a0ff27f528a115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:16:53 GMT
content-encoding: gzip
age: 61042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: XEACZ222M39CE153
x-amz-id-2: WkhO+WSQ+eMTbZ1/NTxnBnfwjsjz2xH7qLFQV8n8II+TmT119YPY5Y9zvncGWyJgTyDwh4OsEbE=
last-modified: Mon, 29 Nov 2021 21:40:59 GMT
server: AmazonS3
etag: W/"aba6d3dbb1f40a31916431e2aa2c3fcd"
vary: Accept-Encoding
x-amz-version-id: wJGsKAHElUF9cdJHw0.guJiHP4Idcuxy
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 1h0cRzXt7IYF7tLYmFjoHCkBW1bawfyUMyNHtPNuZ0E5C_K2rShCCg==

GET
H2 200 / Show response
js.stripe.com/v3/ 266 KB
64 KB 94ms
7ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

53fe9e3bceda41919ef86bb2cb7175f41bbcf6663d358d928e3658ab2626dc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 68
x-cache: HIT
content-length: 65360
etag: "d2f6c0451070dc28c496a2fd14b61547"
x-request-id: 8cf498d3-be07-4db3-b5c9-2fd7b730941d
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 23:26:10 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:14 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 452 KB
92 KB 287ms
190ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: ef2d6517460af97612c94e862aa8b6fc6d5caf1ecf94eefc97fa1ca2d56d10ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
last-modified: Mon, 29 Nov 2021 20:44:15 GMT
server: nginx
etag: "61a53b9f-16cea"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 93418

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 787
date: Tue, 30 Nov 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 17:01:07 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 108 KB
43 KB 50ms
12ms Script
application/javascript 13.225.77.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.77.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-77-107.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

95f0779f97ba79eb7925fdef3c2dbbe726b672dfcff6d1b1fbcaaf7fe10e8b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:12:36 GMT
content-encoding: gzip
server: nginx
age: 98
etag: W/"1af0f-pBZvPwDTEwsj7k43ZWEGaQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: dyaVKkoo6b6I3mK3vsOPXlpUFYULWww4WfLiC31qFGQ-TBJbYvzkCA==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 168ms
145ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://give.citysquare.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 30 Nov 2021 15:14:14 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 147ms
147ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.citysquare.org/
Bugsnag-Sent-At: 2021-11-30T15:14:14.652Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 30 Nov 2021 15:14:14 GMT
via: 1.1 google
bugsnag-session-uuid: 23a69ed5-5685-4da4-bb22-c7a515ad303b
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/15473/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 34ms
33ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 52225
cf-polished: origSize=22581
x-amz-request-id: SMG3SYKQ20NXJVK6
x-amz-id-2: QnxYoXb+5erDnVJMpGYmVcMTg/GwkaxH1D7qiVTvDtagTex0xfEU2bwD9MaWm0EFB93ntHgVOzc=
last-modified: Fri, 19 Nov 2021 00:22:22 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6b650639bcbb430f-FRA
cf-bgj: minify

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 46ms
29ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32101238611950081272_1638285254580&_=1638285254581

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b650639db13694f-FRA
content-length: 32

GET
H2 200 sdk.js Show response
give.citysquare.org/sso/ 20 KB
6 KB 506ms
506ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/sso/sdk.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

33ee267763985a483e766006308c74e6afa3d561ac5b23ac58b7ef2a2e55eacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 30 Nov 2021 15:14:15 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b650639bdb50601-FRA
expires: Tue, 30 Nov 2021 15:34:15 GMT

GET
H2 200 nr-spa-1212.min.js Show response
js-agent.newrelic.com/ 44 KB
17 KB 25ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding: gzip
etag: "8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id: VG6YBKXNYMJ05RRS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16636
x-amz-id-2: CN/OtP3A9z0ShcwSC84Dp2716OPSVqHtXjTa3tL4kDFfrY9FTweTMDz1ynWsKHz8NETzizCEpEw=
x-served-by: cache-fra19175-FRA
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1638285255.697900,VS0,VE0
date: Tue, 30 Nov 2021 15:14:14 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 881

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame F63F 240 B
514 B 8ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/

Response headers

last-modified: Wed, 27 Oct 2021 22:19:31 GMT
etag: "f7902241893e7a497417843cb15dc858"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 30 Nov 2021 15:14:14 GMT
via: 1.1 varnish
age: 3
x-request-id: 07d3bd6f-f652-441c-98e9-49771bc531ca
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 141

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1215/ 0
42 KB 8ms
8ms Other
application/javascript 13.224.193.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1215/link-dynamic-loader.js
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:16:54 GMT
content-encoding: gzip
age: 61041
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Nov 2021 21:40:59 GMT
server: AmazonS3
etag: W/"05b6a0c8c922bdc78b4d2fe1c548f0af"
vary: Accept-Encoding
x-amz-version-id: 4qk3qHCPgWWD3EQx6qCh77KkTginc24O
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: qS_8Ot5-dJxCe42w2Kgmu8Tl_yn8dJBvSL5xNH8BH6OtkHJOrch4LA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 88ms
22ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 15:14:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (mil/6CE4)
Age: 1064
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c5213ae9607e223883edb6fc2e766c15e2de3916e76855a226f8b539cce6b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Tue, 30 Nov 2021 15:14:14 GMT

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/15473/static/global/fonts/ 42 KB
43 KB 639ms
622ms Font
application/x-font-woff 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53ddfecb467110d25b2683d0edebaec4ea0a2042420c7a411eefcd90bd7c9c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: N6P1XWSGNT8PK83H
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 43184
x-amz-id-2: C/4Q9SorNIHkXxe3qptY23IprfIj3FfGHId2CKCsugofRPVaTr4WKi33pl7Zp+s5GxtUuFGJ0VE=
last-modified: Fri, 19 Nov 2021 00:22:21 GMT
server: cloudflare
etag: "4a28d75850e2ab1f3a1e82b8589570f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b65063b2c305c62-FRA

GET
H2 200 tax-entities Show response
give.citysquare.org/frs-api/organizations/75768/ 397 B
308 B 493ms
493ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/frs-api/organizations/75768/tax-entities

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d98736232375b1876a7c2d609bd831c4651ec8baf479a89cf7cef1afe92e3b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
tracestate: 423787@nr=0-1-423787-363751183-107001ef037e4b2e----1638285254909
traceparent: 00-c494edfab874b6af9725c0fe2daf4540-107001ef037e4b2e-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxMDcwMDFlZjAzN2U0YjJlIiwidHIiOiJjNDk0ZWRmYWI4NzRiNmFmOTcyNWMwZmUyZGFmNDU0MCIsInRpIjoxNjM4Mjg1MjU0OTA5fX0=
Accept: application/json, text/plain, */*
csrf-token: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"18d-K9iU0MLXmI8xrhSVwhTPPAmHRds"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b65063b39a50601-FRA
vary: Accept-Encoding

GET
H2 200 channels Show response
give.citysquare.org/frs-api/campaigns/351043/ 784 B
485 B 499ms
498ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/frs-api/campaigns/351043/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acecccc74061288b34cf958f56c93c528ebf20d9b263cd8fc65b8b76c8bcfac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
tracestate: 423787@nr=0-1-423787-363751183-c3a658e33dd513d8----1638285254936
traceparent: 00-9ea47b9a0cec522638d58528d689bfa0-c3a658e33dd513d8-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjM2E2NThlMzNkZDUxM2Q4IiwidHIiOiI5ZWE0N2I5YTBjZWM1MjI2MzhkNTg1MjhkNjg5YmZhMCIsInRpIjoxNjM4Mjg1MjU0OTM2fX0=
Accept: application/json, text/plain, */*
csrf-token: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"310-3y/6CuRBcRNBllkj4gE0xzfbsIo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b65063b59e70601-FRA
vary: Accept-Encoding

GET
H2 200 ach-account-routing Show response
give.citysquare.org/frs-api/organizations/75768/ 33 B
193 B 463ms
462ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/frs-api/organizations/75768/ach-account-routing

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
tracestate: 423787@nr=0-1-423787-363751183-a87471aa6ef96d54----1638285254937
traceparent: 00-edd5eb5c85d0604446944336ff802930-a87471aa6ef96d54-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhODc0NzFhYTZlZjk2ZDU0IiwidHIiOiJlZGQ1ZWI1Yzg1ZDA2MDQ0NDY5NDQzMzZmZjgwMjkzMCIsInRpIjoxNjM4Mjg1MjU0OTM3fX0=
Accept: application/json, text/plain, */*
csrf-token: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b65063b59ea0601-FRA
vary: Accept-Encoding
content-length: 33

GET
H2 200 62d44bfe-f163-11eb-a22d-0e235aae87f7.jpg
assets.classy.org/19722348/ 232 KB
233 KB 99ms
89ms Image
image/jpeg 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/19722348/62d44bfe-f163-11eb-a22d-0e235aae87f7.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e590636a82a5613e3074da8308a66905f45d07e9bd55d790a2eb779c43e732aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 237447
last-modified: Fri, 30 Jul 2021 18:24:34 GMT
server: cloudflare
etag: "d41144391520fed9db0c1af2e4af2ad8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: public,max-age=31536000
x-amz-version-id: T81oJJKyb..315qwCoR1ATxSyWFIcUfo
accept-ranges: bytes
cf-ray: 6b65063b6975430f-FRA
x-amz-cf-id: ZwZEcFgPUAFKq8At-ozHiOwCP8JGO1hQhWJLFX6g3W54VGlY3XzxRQ==

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/15473/static/fonts/ 65 KB
66 KB 599ms
599ms Font
binary/octet-stream 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15473/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: N6PF3P29VY2B2MYD
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 66624
x-amz-id-2: 5jgWHBnlJy3x5l5Pw79RSqEcZAPLtDYvACmsA1uq5CG+I0o5+vznvyYQJL+eN4NPkJN9R/D4im0=
last-modified: Fri, 19 Nov 2021 00:22:21 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b65063b6cab5c62-FRA

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
805 B 354ms
344ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=16770&currency=EUR

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.citysquare.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-classypay-requestid: c82204d1-b553-45cd-b217-7f2db9159522
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6b65063bddba5c62-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: r9vMMIZ_m1Q1zjuNodhUwAxlG5rYeck9Lyzqj5v67J0VY8kaG1n8lA==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/15473/static/global/images/ 394 B
774 B 42ms
41ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/15473/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept
cf-cache-status: HIT
age: 52097
cf-polished: origFmt=png, origSize=547
cf-ray: 6b65063bfae9430f-FRA
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: 8kJHdIaD+51eFrj0Lp+m3sdcdYEnNiNsAsf8u3o13+V5wl0W8aspVrhlIOQuHLW7aJG0fNxy2us=
last-modified: Fri, 19 Nov 2021 00:22:22 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 26V2R9A6HXG39J58
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 designations Show response
give.citysquare.org/frs-api/campaigns/351043/ 1 KB
708 B 512ms
511ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/frs-api/campaigns/351043/designations?filter=id%3D164652

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb95e14fe2607a024110f56caa6c92abcfdea7c2dd1e7753887011e7f6f82b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
tracestate: 423787@nr=0-1-423787-363751183-1773a0093760bcc5----1638285255085
traceparent: 00-2d2fd57f270c876492b375f0f777c070-1773a0093760bcc5-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxNzczYTAwOTM3NjBiY2M1IiwidHIiOiIyZDJmZDU3ZjI3MGM4NzY0OTJiMzc1ZjBmNzc3YzA3MCIsInRpIjoxNjM4Mjg1MjU1MDg1fX0=
Accept: application/json, text/plain, */*
csrf-token: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"430-HT4pUUHL6uJALocIqWXgJwYUne4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b65063c4c030601-FRA
vary: Accept-Encoding

GET
H2 200 currency-conversions Show response
give.citysquare.org/frs-api/i18n/ 75 B
211 B 441ms
441ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f1ccdc89a549789bfd5e2c755bdaac5c26a24d1e8281266573ce4078834db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
tracestate: 423787@nr=0-1-423787-363751183-f71b87609a108ae7----1638285255119
traceparent: 00-172a6c2f77cf76f8a30eba2d8143ef10-f71b87609a108ae7-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmNzFiODc2MDlhMTA4YWU3IiwidHIiOiIxNzJhNmMyZjc3Y2Y3NmY4YTMwZWJhMmQ4MTQzZWYxMCIsInRpIjoxNjM4Mjg1MjU1MTE5fX0=
Accept: application/json, text/plain, */*
csrf-token: dfsR53Fp-qtTZrlO8o_C-q_sf0rycOGNlw08
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"4b-HYCxkzRKnmnJ8EhVEnZ7ALABWr4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b65063c8c7e0601-FRA
vary: Accept-Encoding

GET
H2 200 user-icon.png
give.citysquare.org/static/global/images/ 4 KB
5 KB 466ms
465ms Image
image/png 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.citysquare.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Nov 2021 00:17:32 GMT
server: cloudflare
etag: "6196ed1c-11ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6b65063c8c960601-FRA
content-length: 4588
expires: Wed, 30 Nov 2022 15:14:15 GMT

GET
H2 200 b8dbd56c-f0f0-11eb-9cfc-0a58a9feac02.png
assets.classy.org/19722348/ 197 KB
198 KB 72ms
72ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/19722348/b8dbd56c-f0f0-11eb-9cfc-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4c071d8e6508e76203affbf616897cda8253ca492a54ea601e2014338489cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 6703
cf-polished: origFmt=png, origSize=339789
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="b8dbd56c-f0f0-11eb-9cfc-0a58a9feac02.webp"
content-length: 201844
x-amz-server-side-encryption: AES256
last-modified: Fri, 30 Jul 2021 04:43:46 GMT
server: cloudflare
etag: "638bee64a5d9f29bf86223dbb753c218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: public,max-age=31536000
x-amz-version-id: kEOvSvVa1zj7xwOcqfVixVwNKbJPE0We
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
cf-ray: 6b65063c8c80430f-FRA
x-amz-cf-id: O2ucYc2y8eBLNn0w0BrC7GEMDopnA40vYDl0H1f6sxCVVDthxReQYQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 05e4cc90-2537-11ec-bb22-0e057c0fbb7f.png
assets.classy.org/19722348/ 761 KB
762 KB 89ms
89ms Image
image/png 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/19722348/05e4cc90-2537-11ec-bb22-0e057c0fbb7f.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e6acfa526397eb9f5f44446b17769e3e7763c0779774c117c54412f151e894

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 779266
last-modified: Mon, 04 Oct 2021 17:18:00 GMT
server: cloudflare
etag: "49a847d8873e046ab056262d26bd8823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
x-amz-version-id: K1skNWhYX0T31.Zpg2ZY3TYGtfJMXAtE
accept-ranges: bytes
cf-ray: 6b65063c8c82430f-FRA
x-amz-cf-id: whrjiSCVAS8_e937VPvku3LIWwXKtbruAJSHlxA3cPQJZIUQ0yTbaA==

GET
H2 200 0b37f230-2537-11ec-a5f5-0a58a9feac02.png
assets.classy.org/19722348/ 761 KB
762 KB 50ms
50ms Image
image/png 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/19722348/0b37f230-2537-11ec-a5f5-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b936410af9cb510891a675f0e4aefd71b290aa3a621db3cc5a59aa8980c95c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 779266
last-modified: Mon, 04 Oct 2021 17:18:09 GMT
server: cloudflare
etag: "6ae9c2f00b85fce5292f0d088a134ebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
x-amz-version-id: NHg_I.6FeaMX3LCYs1apr53bXZlmOtrg
accept-ranges: bytes
cf-ray: 6b65063c8c84430f-FRA
x-amz-cf-id: KnCrHYn1DKnVwK2akMh0Qb8v4LtvCxINP3DsqZCDcC5HrUk3xxbzmw==

GET
H2 200 111f4b80-2537-11ec-afbc-0a58a9feac02.png
assets.classy.org/19722348/ 761 KB
762 KB 101ms
101ms Image
image/png 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/19722348/111f4b80-2537-11ec-afbc-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

639d9b9080ab4c7414cc18933001ef1900125013c10dc82e43a0493211030e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 779266
last-modified: Mon, 04 Oct 2021 17:18:19 GMT
server: cloudflare
etag: "f74eb30f14f0be7d76ce9d9f175de6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
x-amz-version-id: kL81GwDEgMLK14iTauc4pJKA0wAQUXi1
accept-ranges: bytes
cf-ray: 6b65063c8c86430f-FRA
x-amz-cf-id: aVhjxPuINV9AA6RUrDlA0EaRII_oK-try8Ji7lbBtX2RldGqm9SP7w==

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 284ms
92ms Image
image/gif 3.220.14.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=387803268735034&v=2211231539285426&s=6250220491295542&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F351043%2F&q=%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&d=give.citysquare.org&t=Donate%20to%20Give%20to%20CitySquare&ts=1638285255132&st=1638285255135

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.14.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-14-48.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:14:15 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 rum Show response
give.citysquare.org/cdn-cgi/ 0
216 B 14ms
14ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/cdn-cgi/rum?

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-b2cc489071dd4ca4----1638285255138
traceparent: 00-268f1128534aa97a21613ce68ca85d10-b2cc489071dd4ca4-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiMmNjNDg5MDcxZGQ0Y2E0IiwidHIiOiIyNjhmMTEyODUzNGFhOTdhMjE2MTNjZTY4Y2E4NWQxMCIsInRpIjoxNjM4Mjg1MjU1MTM4fX0=
content-type: application/json
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://give.citysquare.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b65063c9ccf0601-FRA
vary: Origin

POST
H2 200 csp-report
q.stripe.com/ Frame F63F 0
347 B 615ms
206ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 6
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 42ms
20ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ca5b0e248255ce9e81e10a3970a2d627dc55a03f5807b04560281a17720b8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 15:14:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 15:14:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 15:14:15 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=882578583&t=timing&_s=1&dl=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&ul=en-us&de=UTF-8&dt=Donate%20to%20Give%20to%20CitySquare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1638285254761&utt=900&_u=aEBAAEABAAAAAC~&jid=2108328706&gjid=1292120554&cid=1605340164.1638285255&tid=UA-3837893-1&_gid=541691630.1638285255&_r=1&_slc=1&cd1=75768&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=351043&cd6=campaign&cd11=recurring%20optimization&z=964288274

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.citysquare.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:14:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.citysquare.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
131 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=882578583&t=timing&_s=2&dl=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&ul=en-us&de=UTF-8&dt=Donate%20to%20Give%20to%20CitySquare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1638285254761&utt=1625&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=1605340164.1638285255&tid=UA-3837893-1&_gid=541691630.1638285255&cd1=75768&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=351043&cd6=campaign&cd11=recurring%20optimization&z=1156064542

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 14:06:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4087
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=882578583&t=timing&_s=3&dl=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&ul=en-us&de=UTF-8&dt=Donate%20to%20Give%20to%20CitySquare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1638285254761&utt=1812&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=1605340164.1638285255&tid=UA-3837893-1&_gid=541691630.1638285255&cd1=75768&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=351043&cd6=campaign&cd11=recurring%20optimization&z=1402308485

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 14:06:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4087
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=882578583&t=timing&_s=4&dl=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&ul=en-us&de=UTF-8&dt=Donate%20to%20Give%20to%20CitySquare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1638285254761&utt=2141&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=1605340164.1638285255&tid=UA-3837893-1&_gid=541691630.1638285255&cd1=75768&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=351043&cd6=campaign&cd11=recurring%20optimization&z=2106226277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 14:06:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4087
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=882578583&t=timing&_s=5&dl=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&ul=en-us&de=UTF-8&dt=Donate%20to%20Give%20to%20CitySquare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1638285254761&utt=2947&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=1605340164.1638285255&tid=UA-3837893-1&_gid=541691630.1638285255&cd1=75768&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=351043&cd6=campaign&cd11=recurring%20optimization&z=193029726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 14:06:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4087
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
259 B 217ms
92ms Image
image/gif 3.220.14.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1638285255202&hv=4.15.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.14.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-14-48.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:14:15 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 190ms
165ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/67fe2a1b26?a=363721230&v=1212.e95d35c&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3008&ck=1&ref=https://give.citysquare.org/give/351043/&ap=271.941849&be=2137&fe=2468&dc=2466&tt=bae7d0245f3a2&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1638285252208,%22n%22:0,%22f%22:830,%22dn%22:830,%22dne%22:882,%22c%22:882,%22s%22:887,%22ce%22:900,%22rq%22:900,%22rp%22:1625,%22rpe%22:1812,%22dl%22:1628,%22di%22:1814,%22ds%22:1920,%22de%22:1920,%22dc%22:2134,%22l%22:2134,%22le%22:2141%7D,%22navigation%22:%7B%7D%7D&fp=2946&fcp=2946&jsonp=NREUM.setToken
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 15:14:15 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6b65063d4821432d-FRA

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F63F 1 KB
797 B 13ms
12ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 106
x-cache: HIT
content-length: 645
etag: "5213886b88cd72e6d0aebc89868e5d13"
x-request-id: 99b7021e-035b-48ad-9f63-20f50932afb9
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 98

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 35ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:01:33 GMT
x-content-type-options: nosniff
age: 508362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 18:01:33 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 38ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:01:33 GMT
x-content-type-options: nosniff
age: 508362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 18:01:33 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 33ms
17ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:01:33 GMT
x-content-type-options: nosniff
age: 508362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 18:01:33 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v7/ 28 KB
29 KB 30ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:10:12 GMT
x-content-type-options: nosniff
age: 385443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 04:10:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3837893-1&cid=1605340164.1638285255&jid=2108328706&gjid=1292120554&_gid=541691630.1638285255&_u=aEBAAEAAAAAAAC~&z=106610030

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.citysquare.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 15:14:15 GMT
content-type: text/plain
access-control-allow-origin: https://give.citysquare.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v7/ 28 KB
28 KB 29ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:10:12 GMT
x-content-type-options: nosniff
age: 385443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 04:10:12 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:01:33 GMT
x-content-type-options: nosniff
age: 508362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 18:01:33 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 21ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:01:33 GMT
x-content-type-options: nosniff
age: 508362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 18:01:33 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 87ms
27ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://give.citysquare.org/
Origin: https://give.citysquare.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1638285255.dop027.ml1.t,1638285255.cds213.ml1.hn,1638285255.cds213.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/ 146 KB
48 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7baeed670b9dfe277223ef349839f35391de32a5c4df26f241c90c1d878a30fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 11:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48723
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 11:37:43 GMT

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 49C2 319 KB
103 KB 22ms
21ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fgive.citysquare.org
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1093569
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Nov 2021 15:14:15 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE7)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 7570 932 B
1 KB 37ms
11ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 varnish
age: 34
x-request-id: 4a1fe130-d2c3-4f50-8e95-4cc4f390481d
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 23
x-timer: S1638285255.351845,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
457 B 314ms
313ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=16770&currency=EUR

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.citysquare.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-classypay-requestid: b1c547c5-862e-477b-b9a3-b27d1c1bcfc6
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6b65063e1bf05c62-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: t616aQ5AQCv2Zo473svhIWbiK621mobu65Q9WlXN5au41_ZS6FCihg==

POST
H2 200 csp-report
q.stripe.com/ Frame 7570 0
121 B 516ms
342ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
x-envoy-upstream-service-time: 142
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame 7570 0
121 B 525ms
351ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
x-envoy-upstream-service-time: 151
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 7570 85 KB
16 KB 16ms
16ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 96
x-cache: HIT
content-length: 15786
x-request-id: 4e0aba67-b184-484d-917e-011b3ca5864a
x-served-by: cache-fra19138-FRA
server: Fastly
x-timer: S1638285255.395604,VS0,VE0
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 70

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 49C2 232 B
449 B 188ms
173ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=baede4a152863cf1e2c778a5e99383ed62132a41

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fgive.citysquare.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 167
date: Tue, 30 Nov 2021 15:14:14 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 15:14:15 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5846d78d8cb6035fd31af04ba0bb62ea98442e4b048dd4d216f6ccc2ebdfbfc2
content-length: 166

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.citysquare.org/sso/ssobuild/js/ 34 KB
9 KB 523ms
523ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-326213055b1b11e6----1638285255433
traceparent: 00-3c2b043982691d53e8b80ba71383a600-326213055b1b11e6-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzMjYyMTMwNTViMWIxMWU2IiwidHIiOiIzYzJiMDQzOTgyNjkxZDUzZThiODBiYTcxMzgzYTYwMCIsInRpIjoxNjM4Mjg1MjU1NDMzfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Nov 2021 20:03:54 GMT
server: cloudflare
etag: W/"619bf7aa-893d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b65063e79260601-FRA
expires: Wed, 30 Nov 2022 15:14:15 GMT

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 378 B
408 B 291ms
97ms XHR
application/json 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=FmV8yf0tMU7deIUt

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

d512a0aaa9babc16d865cecea1d2615a23e87261b812b08c623ec67053d3df15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true

POST
H2 200 6 Show response
m.stripe.com/ Frame 7570 156 B
517 B 594ms
206ms XHR
text/plain 52.42.231.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.231.203 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-231-203.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0e6772931af7fcb07110ebd7ef927a9b881f95133df4b8a6c540a99b352e1fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
778 B 309ms
309ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=16770&currency=EUR

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13b3aa435f746f2f1a6fed44d309180920a10ec6ad2246962c61694460bae445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.citysquare.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-classypay-requestid: 01bbe1de-1d15-4202-bf52-c30aeeb28a1d
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6b65063f8fae5c62-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: QYFUZfwq-aEl3QJjvTDKEHyyXlPEznuhx7YoNk1UQzNuePDm6H_SpQ==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/15473/static/global/images/ 394 B
509 B 35ms
35ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/15473/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/15473/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept
cf-cache-status: HIT
age: 52097
cf-polished: origFmt=png, origSize=547
cf-ray: 6b65063fcc96430f-FRA
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: 8kJHdIaD+51eFrj0Lp+m3sdcdYEnNiNsAsf8u3o13+V5wl0W8aspVrhlIOQuHLW7aJG0fNxy2us=
last-modified: Fri, 19 Nov 2021 00:22:22 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 26V2R9A6HXG39J58
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=882578583&t=timing&_s=6&dl=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&ul=en-us&de=UTF-8&dt=Donate%20to%20Give%20to%20CitySquare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1638285254761&utt=3444&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=1605340164.1638285255&tid=UA-3837893-1&_gid=541691630.1638285255&cd1=75768&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=351043&cd6=campaign&cd11=recurring%20optimization&z=1847209082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:41:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48786
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-77c34e28b53cd0494db7d5f9357230bd.html Show response
js.stripe.com/v3/ Frame 23E3 349 B
621 B 6ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-77c34e28b53cd0494db7d5f9357230bd.html

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

977d4c7fb8ee2ee630953d2d4477987261fca8f7152214a2416d1731e937bef5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/

Response headers

last-modified: Mon, 22 Nov 2021 23:04:58 GMT
etag: "77c34e28b53cd0494db7d5f9357230bd"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 varnish
age: 65
x-request-id: bdb42930-d0ff-41df-94e3-fb911616d79e
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 20
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 167

GET
H2 200 payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html Show response
js.stripe.com/v3/ Frame E4E4 434 B
573 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

23298ea5b1b364d0024bfcf8d568a74cdc5d878ce7e775d33a4a138d4187c73d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/

Response headers

last-modified: Mon, 22 Nov 2021 23:04:58 GMT
etag: "7f72fd08dad8c7161035881a111dc4fd"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 varnish
age: 15
x-request-id: 04e98eae-6cf2-4800-91d3-1327382c3cff
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 197

GET
H2 200 payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html Show response
js.stripe.com/v3/ Frame 3F9C 370 B
616 B 6ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4b97e91ac72561607ea5a78499557efd7fddfaacf5debac0799774e299cd8fa9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/

Response headers

last-modified: Mon, 22 Nov 2021 23:04:45 GMT
etag: "3fbcb9f758a65fc8ada974c508ee46e3"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 30 Nov 2021 15:14:15 GMT
via: 1.1 varnish
age: 45
x-request-id: 1ded62bc-1dae-468c-be73-084743b584e2
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 178

POST
H2 200 csp-report
q.stripe.com/ Frame 23E3 0
346 B 203ms
203ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E4E4 0
346 B 203ms
202ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3F9C 0
346 B 201ms
201ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 23E3 197 KB
49 KB 8ms
7ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-77c34e28b53cd0494db7d5f9357230bd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

67678086b6f37a8e5067b4969fd3a67b279b1a22180c56b4c99eb0301ad35684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-77c34e28b53cd0494db7d5f9357230bd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 93
x-cache: HIT
content-length: 49518
etag: "28692a0a45957b271f8ce08aa7681a5b"
x-request-id: 79c8ff16-05b2-4880-84cd-737dbf21b447
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 23:04:45 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 40

GET
H2 200 controller-8efca5dab26db7c676332065c6f1618a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 23E3 306 KB
78 KB 14ms
14ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-8efca5dab26db7c676332065c6f1618a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-77c34e28b53cd0494db7d5f9357230bd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7aed446f8efe3b0b8b7afd7a01832d250c9d8ef6f4f6159198ec99950c6d964b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-77c34e28b53cd0494db7d5f9357230bd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 19
x-cache: HIT
content-length: 79489
etag: "bb503c4083cd22f61226b1ab8f5ebc30"
x-request-id: bcf529af-aa34-4323-bbb7-4af8924e2df9
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 23:04:50 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame E4E4 95 KB
31 KB 92ms
62ms Script
application/javascript 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

658d3728e3878a01e5a054d6ba34ca6c574e7320933b9b9d46ad370465b8cca7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-6YU8+qgdGROWaQ4RFqQ/sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-6YU8+qgdGROWaQ4RFqQ/sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-6YU8+qgdGROWaQ4RFqQ/sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-6YU8+qgdGROWaQ4RFqQ/sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Tue, 30 Nov 2021 15:14:16 GMT

GET
H2 200 shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E4E4 197 KB
48 KB 14ms
13ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

67678086b6f37a8e5067b4969fd3a67b279b1a22180c56b4c99eb0301ad35684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 93
x-cache: HIT
content-length: 49518
etag: "28692a0a45957b271f8ce08aa7681a5b"
x-request-id: c0100a49-932a-4b9a-9bad-d64c6d2ac32c
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 23:04:45 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41

GET
H2 200 payment-request-inner-google-pay-4645f70b2486dff134650d5d522fad20.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E4E4 13 KB
4 KB 20ms
20ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-4645f70b2486dff134650d5d522fad20.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

032b2cd62ca53bd3edf67462afb364442044e4338d4eedf1269375bc238682d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 64
x-cache: HIT
content-length: 4367
etag: "e54b5138e0469d998089f7239d6f9aeb"
x-request-id: 39905b19-386c-4f6d-906f-5d5fd7ff9e75
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Wed, 10 Nov 2021 20:01:25 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3F9C 197 KB
49 KB 20ms
20ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

67678086b6f37a8e5067b4969fd3a67b279b1a22180c56b4c99eb0301ad35684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 93
x-cache: HIT
content-length: 49518
etag: "28692a0a45957b271f8ce08aa7681a5b"
x-request-id: 309d0f36-5569-482f-8fff-0f049cad7c6b
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 23:04:45 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42

GET
H2 200 payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3F9C 11 KB
4 KB 20ms
20ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 91
x-cache: HIT
content-length: 4063
etag: "10d818482d8e44820136b10d6f9b02e4"
x-request-id: 6fcd2377-2d39-4109-a330-84d6531c9084
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 19:35:22 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 status Show response
give.citysquare.org/sso/ 89 B
1 KB 449ms
449ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.citysquare.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33105063589486865148_1638285255431&_=1638285255432

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

8f905338cfcab34eacf6e12892762095e7d8b74e9bf6e7bf9b6cff866a8d6dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-7666d657aea8df21----1638285255969
traceparent: 00-f71cd75ffeccd575d4ab944bddfa5e60-7666d657aea8df21-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3NjY2ZDY1N2FlYThkZjIxIiwidHIiOiJmNzFjZDc1ZmZlY2NkNTc1ZDRhYjk0NGJkZGZhNWU2MCIsInRpIjoxNjM4Mjg1MjU1OTY5fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
X-Requested-With: XMLHttpRequest

Response headers

cf-ray: 6b650641c82d0601-FRA
date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 208ms
201ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 201ms
201ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 201ms
200ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 296ms
296ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 297ms
297ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 296ms
296ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 296ms
296ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 295ms
295ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 295ms
295ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 291ms
290ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame A086 17 KB
7 KB 83ms
68ms Document
text/html 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f465e3c3a2dbcb5cc80eaff7f9afa6656ecd0dba5cfc9ea8a1813a72147cdae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C/BNaR/8Z4dDw8a+kS05ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-C/BNaR/8Z4dDw8a+kS05ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Tue, 30 Nov 2021 15:14:16 GMT
date: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
content-security-policy: script-src 'report-sample' 'nonce-C/BNaR/8Z4dDw8a+kS05ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-C/BNaR/8Z4dDw8a+kS05ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html Show response
js.stripe.com/v3/ Frame C5B6 434 B
658 B 6ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

23298ea5b1b364d0024bfcf8d568a74cdc5d878ce7e775d33a4a138d4187c73d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/

Response headers

last-modified: Mon, 22 Nov 2021 23:04:58 GMT
etag: "7f72fd08dad8c7161035881a111dc4fd"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 30 Nov 2021 15:14:16 GMT
via: 1.1 varnish
age: 16
x-request-id: eb9ede57-c7b1-4907-8c0c-80859309bcae
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 197

GET
H2 200 payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html Show response
js.stripe.com/v3/ Frame D942 370 B
593 B 6ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4b97e91ac72561607ea5a78499557efd7fddfaacf5debac0799774e299cd8fa9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/

Response headers

last-modified: Mon, 22 Nov 2021 23:04:45 GMT
etag: "3fbcb9f758a65fc8ada974c508ee46e3"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 30 Nov 2021 15:14:16 GMT
via: 1.1 varnish
age: 45
x-request-id: a22380e9-6707-41cf-bf3f-6540a0a5e296
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 178

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 207ms
207ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 207ms
206ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 208ms
208ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 210ms
210ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 210ms
210ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C5B6 0
347 B 218ms
218ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 16
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D942 0
346 B 204ms
204ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/events/1/ 24 B
507 B 143ms
143ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1212.e95d35c&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3936&ck=1&ref=https://give.citysquare.org/give/351043/
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.citysquare.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 30 Nov 2021 15:14:16 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://give.citysquare.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6b650642ef00432d-FRA
Content-Length: 24

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame C5B6 95 KB
30 KB 62ms
62ms Script
application/javascript 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

658d3728e3878a01e5a054d6ba34ca6c574e7320933b9b9d46ad370465b8cca7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-owv84fcWzd2XSMpz4F7n6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-owv84fcWzd2XSMpz4F7n6w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-owv84fcWzd2XSMpz4F7n6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-owv84fcWzd2XSMpz4F7n6w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

GET
H2 200 shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C5B6 197 KB
48 KB 7ms
6ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

67678086b6f37a8e5067b4969fd3a67b279b1a22180c56b4c99eb0301ad35684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 94
x-cache: HIT
content-length: 49518
etag: "28692a0a45957b271f8ce08aa7681a5b"
x-request-id: 8fec13a0-d596-42ae-92f5-1365e0e51496
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 23:04:45 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43

GET
H2 200 payment-request-inner-google-pay-4645f70b2486dff134650d5d522fad20.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C5B6 13 KB
5 KB 12ms
12ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-4645f70b2486dff134650d5d522fad20.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

032b2cd62ca53bd3edf67462afb364442044e4338d4eedf1269375bc238682d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7f72fd08dad8c7161035881a111dc4fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 65
x-cache: HIT
content-length: 4367
etag: "e54b5138e0469d998089f7239d6f9aeb"
x-request-id: 71412968-33df-4626-a0da-b2023930644e
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Wed, 10 Nov 2021 20:01:25 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D942 197 KB
49 KB 13ms
12ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

67678086b6f37a8e5067b4969fd3a67b279b1a22180c56b4c99eb0301ad35684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 94
x-cache: HIT
content-length: 49518
etag: "28692a0a45957b271f8ce08aa7681a5b"
x-request-id: ffda4519-3c28-4d9c-a3fe-a4e04f198dfa
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 23:04:45 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44

GET
H2 200 payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D942 11 KB
4 KB 12ms
12ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3fbcb9f758a65fc8ada974c508ee46e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 91
x-cache: HIT
content-length: 4063
etag: "10d818482d8e44820136b10d6f9b02e4"
x-request-id: 6ed7e7db-01c7-4f14-aade-79b490a9c805
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 19:35:22 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame A086 2 KB
2 KB 13ms
13ms Other
text/html 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame A086 146 KB
52 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c5dbca7ed6a5431e52fc5e2a6f8e7ecf26c8151a82f8de4bdd3a5cc415a538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52641
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 21:26:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:21:43 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame A086 36 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c176ff9dfc4e48befc7214eb8d8b4829e09d2f93646b1497564baafe40524d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13441
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame A086 73 KB
27 KB 22ms
10ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa1a079d2e43462d68ab4e4dee9d28fe1c073ce16389de714e42c8b00d554aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27479
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 3F86 17 KB
7 KB 66ms
65ms Document
text/html 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d1e50bddebcae853734f63787806711035fe1217355300e1ff3e71683131887

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MnhOyg52k7Epu94MWb5loA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-MnhOyg52k7Epu94MWb5loA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Tue, 30 Nov 2021 15:14:16 GMT
date: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-MnhOyg52k7Epu94MWb5loA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-MnhOyg52k7Epu94MWb5loA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A086 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 789
date: Tue, 30 Nov 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 17:01:07 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame A086 1 MB
337 KB 65ms
65ms XHR
text/html 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b17d0172ad7a0ec261d4a6722ab82773c648bbf8452495a7ceac6e36a75d846

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vZ7hg4ALrCm/DmutaDEQ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-vZ7hg4ALrCm/DmutaDEQ3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-vZ7hg4ALrCm/DmutaDEQ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-vZ7hg4ALrCm/DmutaDEQ3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Tue, 30 Nov 2021 15:14:16 GMT

POST
H3 200 log Show response
play.google.com/ Frame A086 131 B
155 B 59ms
43ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 62ms
39ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame A086 131 B
155 B 55ms
40ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
39ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame A086 131 B
155 B 55ms
40ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 50ms
39ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame A086 131 B
155 B 83ms
68ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 45ms
39ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame A086 131 B
155 B 57ms
43ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
39ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame A086 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213f4c4537ee325b3fadc794f77d126c35636174b30d8869a97634d3553028b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7268
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame A086 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7986b2cbf1f1934425e74ad3db628a17908b28b613ea6ce990137b421f541f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3333
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3F86 2 KB
2 KB 13ms
13ms Other
text/html 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 200 log Show response
play.google.com/ Frame A086 131 B
155 B 42ms
41ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
39ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 202ms
202ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 200ms
200ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 3F86 146 KB
51 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c5dbca7ed6a5431e52fc5e2a6f8e7ecf26c8151a82f8de4bdd3a5cc415a538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52641
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 21:26:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:21:43 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 202ms
202ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 202ms
202ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 log Show response
play.google.com/ Frame A086 131 B
672 B 63ms
42ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 93ms
92ms Image
image/gif 3.220.14.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=387803268735034&v=2211231539285426&s=6250220491295542&b=web&tv=4.0&sp=ts&sp=1638285255132&sp=d&sp=give.citysquare.org&sp=h&sp=%2Fgive%2F351043%2F&sp=q&sp=%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=give.citysquare.org&pp=q&pp=%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&pp=h&pp=%2Fgive%2F351043%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Give%20to%20CitySquare&pp=ts&pp=1638285255132&id0=5975696417549746&k0=environment&k0=prod&k0=organization_id&k0=75768&k0=campaign&k0=351043&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1638285256339&st=1638285256341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.14.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-14-48.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
give.citysquare.org/static/global/images/digitalWallets/ 3 KB
1 KB 437ms
437ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.citysquare.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Nov 2021 00:17:32 GMT
server: cloudflare
etag: W/"6196ed1c-b41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b6506442cf60601-FRA
expires: Wed, 30 Nov 2022 15:14:16 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 201ms
200ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame 3F86 36 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c176ff9dfc4e48befc7214eb8d8b4829e09d2f93646b1497564baafe40524d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13441
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame 3F86 73 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa1a079d2e43462d68ab4e4dee9d28fe1c073ce16389de714e42c8b00d554aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27479
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3F86 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 789
date: Tue, 30 Nov 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 17:01:07 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 3F86 1 MB
337 KB 70ms
68ms XHR
text/html 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c161801a88aaacb65ddea0f9174878e528ce961bc474837d11be85348bf12a62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BcsGB7GqlQ0ZibxObbGJow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-BcsGB7GqlQ0ZibxObbGJow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
x-frame-options: DENY
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-BcsGB7GqlQ0ZibxObbGJow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-BcsGB7GqlQ0ZibxObbGJow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Tue, 30 Nov 2021 15:14:16 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3F86 131 B
155 B 42ms
41ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 53ms
38ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 3F86 131 B
155 B 45ms
44ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 49ms
39ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 3F86 131 B
155 B 42ms
41ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 41ms
38ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 3F86 131 B
155 B 42ms
42ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 38ms
38ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 3F86 131 B
155 B 40ms
40ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 38ms
38ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame 3F86 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213f4c4537ee325b3fadc794f77d126c35636174b30d8869a97634d3553028b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7268
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnW... Frame 3F86 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WnWUPV9Q3DI.L.B1.O/am=BgAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgzPWViFzXbGfOsPrvdBlwDXSig5g/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7986b2cbf1f1934425e74ad3db628a17908b28b613ea6ce990137b421f541f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3333
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:32:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Tue, 29 Nov 2022 17:22:29 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 93ms
92ms Image
image/gif 3.220.14.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=387803268735034&v=2211231539285426&s=6250220491295542&b=web&tv=4.0&sp=ts&sp=1638285255132&sp=d&sp=give.citysquare.org&sp=h&sp=%2Fgive%2F351043%2F&sp=q&sp=%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=give.citysquare.org&pp=q&pp=%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&pp=h&pp=%2Fgive%2F351043%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Give%20to%20CitySquare&pp=ts&pp=1638285255132&id0=6116767232641921&k0=environment&k0=prod&k0=organization_id&k0=75768&k0=campaign&k0=351043&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1638285256450&st=1638285256450

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.14.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-14-48.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H3 200 log Show response
play.google.com/ Frame 3F86 131 B
155 B 41ms
40ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 38ms
38ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 30 Nov 2021 15:14:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 15:14:16 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 202ms
202ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 204ms
204ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 0

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 92ms
92ms Image
image/gif 3.220.14.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=387803268735034&v=2211231539285426&s=6250220491295542&b=web&tv=4.0&sp=ts&sp=1638285255132&sp=d&sp=give.citysquare.org&sp=h&sp=%2Fgive%2F351043%2F&sp=q&sp=%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=give.citysquare.org&pp=q&pp=%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&pp=h&pp=%2Fgive%2F351043%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Give%20to%20CitySquare&pp=ts&pp=1638285255132&id0=8947929152510265&k0=environment&k0=prod&k0=organization_id&k0=75768&k0=campaign&k0=351043&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1638285256462&st=1638285256462

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.14.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-14-48.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 0 Show response
r.stripe.com/ Frame 23E3 0
213 B 202ms
202ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ed90f8b5099bf79cfd8c7e5a6dc49aad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=882578583&t=pageview&_s=7&dl=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg&dp=%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=1605340164.1638285255&tid=UA-3837893-1&_gid=541691630.1638285255&cd1=75768&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=351043&cd6=campaign&cd11=recurring%20optimization&z=2126839885

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:41:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48787
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3F86 131 B
155 B 43ms
43ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ApSbr_QkfPA.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg0eTynB-peqHVId6KnLPrFiB487A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:14:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:14:16 GMT

GET
H2 200 trusted-types-checker-cda1635e27dc416e23614def05f39e01.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
269 B 6ms
6ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-cda1635e27dc416e23614def05f39e01.js

Requested by

Host: give.citysquare.org
URL: https://give.citysquare.org/give/351043/?bbeml=tp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

95606fd79e5ed034243c781bbfdacc97d7fbc04174981a4a45cd4ad63008afed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.citysquare.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 42
x-cache: HIT
content-length: 118
etag: "c78a4d54d725874984ae69d553523207"
x-request-id: 5515ceab-56ad-4438-9210-3135e4a1c4ed
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
last-modified: Fri, 05 Nov 2021 21:06:48 GMT
server: Fastly
date: Tue, 30 Nov 2021 15:14:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

POST 0
r.stripe.com/ Frame 23E3 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.stripe.com
URL: https://r.stripe.com/0

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.citysquare.org/	1970-02-07 21:53:12	Name: connect.sid Value: s%3A9CdjiiPkU71AbcSlSjG5vjRC4fDkl8D6.7QvOsWM0cHEdaSd%2FF3D8eXJ5H9VdqcYyLKxptFcJm9E
.give.citysquare.org/	1970-01-19 23:04:47	Name: __cf_bm Value: xbFAINWlrOND0AX_DgWx4I.agptlwiAjWOIjc8O9U7Y-1638285253-0-AZpJK3YmAXHVYBWf2Tued36OGOLVJ3mwSAPvT5fTGC5B4AIay9Gmom8acwWevZj0GQp+mqMCf1OsqijSSis2y0g=
.give.citysquare.org/	1969-12-31 23:59:59	Name: __cfruid Value: d706e896f764594b79bccf0a786a6efccd98bc98-1638285253
.classy.org/	1970-01-19 23:04:47	Name: __cf_bm Value: rDkELX1s9znPD3bXS4Day7kF8G1rSTpmixP.mOZw..I-1638285254-0-AdTCUuLJv6Z56cqQazb5adEFjNdYor1AjcMDT45Wv9duT8tJ7lqRAFNHeDleyXMj3xRLrwqEhEQhUDwIgmJDQn4=
.citysquare.org/	1970-01-20 16:35:57	Name: _ga Value: GA1.2.1605340164.1638285255
.citysquare.org/	1970-01-19 23:06:11	Name: _gid Value: GA1.2.541691630.1638285255
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: vXkYBVoRXbQ
.youtube.com/	1970-01-20 03:23:57	Name: VISITOR_INFO1_LIVE Value: fBeZiIxHuwE
.citysquare.org/	1970-01-20 08:32:42	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%22387803268735034%22%2C%22pageviewId%22%3A%222211231539285426%22%2C%22sessionId%22%3A%226250220491295542%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.citysquare.org/	1970-01-19 23:04:45	Name: _gat_classyTrack Value: 1
.citysquare.org/	1970-01-20 08:32:42	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A75768%2C%22payment_processor%22%3Anull%2C%22campaign%22%3A351043%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.give.citysquare.org/	1970-01-20 07:50:21	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fgive.citysquare.org%2Fgive%2F351043%2F%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg%23!%2Fdonation%2Fcheckout&datestamp=Tue+Nov+30+2021+15%3A14%3A15+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4277d5d17144917a
.citysquare.org/	1970-01-19 23:04:47	Name: _hp2_ses_props.1566116007 Value: %7B%22ts%22%3A1638285255132%2C%22d%22%3A%22give.citysquare.org%22%2C%22h%22%3A%22%2Fgive%2F351043%2F%22%2C%22q%22%3A%22%3Fbbeml%3Dtp-8_cvOwA95k-dPBn-ACE3Kw.jW3HGwkq1-UyXDQK4uNdR7Q.rZRIklMpKNUOfC0wzCu_9Rg.lMbT14cE_SkGc8gGSUPuUEg%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D
give.citysquare.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: Wh8a0wvz-1a8OF1e82yGdzikaZ9z5qeYf2YE
.google.com/	1970-01-20 03:28:16	Name: NID Value: 511=MX6H0hv-gctJgOPvsryhjkELEz2Vdg6GLrjW3kFBToa_usV2om3632ummeI_rL-vu_sMqBbrN4_q5UIT-Dfh3EyCw2qLNkjNLOkwHzXn7Uki_IH94xTYvsTveuSt1GX_2gbqcH_yS_LUNTk8jXOCdMyouuUFRBa2UrI7czHqOe8
m.stripe.com/	1970-01-20 16:35:57	Name: m Value: fff7f6fd-dfee-4bb6-a99c-85249ac77b4022d76b
.give.citysquare.org/	1970-01-20 07:50:21	Name: __stripe_mid Value: 1ac4a148-12c3-43d2-acd9-f966fa5d7664bd1603
.give.citysquare.org/	1970-01-19 23:04:47	Name: __stripe_sid Value: 9e71f75e-70e3-4a86-8eac-53d1de069f0b4985ef
give.citysquare.org/	1970-01-20 07:50:21	Name: acceptCookies Value: eyJpdiI6InZ4Z3lXSXJ2clNsVmR5cHNkeUVPZFE9PSIsInZhbHVlIjoiOTRyXC95UkwyMHFNSjBnbGs4Mm5JdXc9PSIsIm1hYyI6IjI3YTlmMjY3MThjZGYwYmJiNzVjZGMwM2E4NDgyNTQ4Mzg4YjMyNGZjODc4ZGU5ZmI3YzI4NmZkODA0NDM5MzcifQ%3D%3D
give.citysquare.org/	1970-01-19 23:04:52	Name: XSRF-TOKEN Value: eyJpdiI6IjB4XC9PcE9zK0dqMXB3Unp1dGVhZU13PT0iLCJ2YWx1ZSI6ImtYd3psVjlXRXgzTGtHVUFRU0haUWx5YmVJbGZnUkNJZU4yeFh4UUhEWERVTWJVZllcL2JvUEZqc3dNZFdFSHJVUEVUWFVRb0Y5M0hSR041UEUzVUlxUT09IiwibWFjIjoiYTZmNWRlZDNjY2Y3MWQwYWZmNzZiMDMzZjQzNTBjZjljYTNiMDYzNTQzZjdiNzc5ZGVhMjJlNTY3Y2FhNzJhMCJ9
give.citysquare.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IkV6K0pESndiK2ZVOHEyVTRqSURyYWc9PSIsInZhbHVlIjoicXpDMlk4WUt0bTZUWEtsbW9KOWpXSFZpZGora1d0dkNveEIzd2VnZkRQNkExQWxYb1pyeDh2ODRCbjlYNWdHQXhybHQyMEo1eDdYS3I1blppUjNWa0E9PSIsIm1hYyI6ImIwZjlkYTA0YzRmNDVhZGEzYzQ3NzUwN2JlYzdkYWU0ODc1YzcwNDI3NTIwOWVhOGJlOWE5OGU1MWU5NWM4YjMifQ%3D%3D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".
deprecation	warning	URL: https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Message: The 'basic-card' payment method is deprecated and will be removed in M100, around March 2022. See https://www.chromestatus.com/features/5730051011117056 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
bam-cell.nr-data.net
cdn.heapanalytics.com
cdn.plaid.com
code.jquery.com
doublethedonation.com
eml-pusa01.app.blackbaud.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.citysquare.org
heapanalytics.com
htp.tokenex.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
sessions.bugsnag.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
unpkg.com
www.google-analytics.com
www.gstatic.com
www.youtube.com
r.stripe.com
104.244.42.8
13.224.193.128
13.225.77.107
151.101.128.176
151.101.2.137
162.247.243.147
20.94.101.126
2001:4de0:ac18::1:a:3b
23.96.109.67
2600:1901:0:7a0b::
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6814:b944
2606:4700::6810:5e41
2606:4700::6810:7eaf
2606:4700::6812:7115
2606:4700::6812:843c
2a00:1450:4001:80f::200e
2a00:1450:4001:811::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c08::5c
2a00:1450:400c:c0a::9a
3.220.14.48
52.143.247.24
52.42.231.203
54.187.159.182
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
032b2cd62ca53bd3edf67462afb364442044e4338d4eedf1269375bc238682d8
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e6772931af7fcb07110ebd7ef927a9b881f95133df4b8a6c540a99b352e1fd4
13b3aa435f746f2f1a6fed44d309180920a10ec6ad2246962c61694460bae445
154acfa175f5a1873b733b2a6d390b707ea926c5646da8e8074fea4d1b1aebd5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1b17d0172ad7a0ec261d4a6722ab82773c648bbf8452495a7ceac6e36a75d846
213f4c4537ee325b3fadc794f77d126c35636174b30d8869a97634d3553028b1
23298ea5b1b364d0024bfcf8d568a74cdc5d878ce7e775d33a4a138d4187c73d
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
33ee267763985a483e766006308c74e6afa3d561ac5b23ac58b7ef2a2e55eacc
37c5dbca7ed6a5431e52fc5e2a6f8e7ecf26c8151a82f8de4bdd3a5cc415a538
4b97e91ac72561607ea5a78499557efd7fddfaacf5debac0799774e299cd8fa9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53ddfecb467110d25b2683d0edebaec4ea0a2042420c7a411eefcd90bd7c9c3c
53fe9e3bceda41919ef86bb2cb7175f41bbcf6663d358d928e3658ab2626dc1f
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5c5213ae9607e223883edb6fc2e766c15e2de3916e76855a226f8b539cce6b2b
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
639d9b9080ab4c7414cc18933001ef1900125013c10dc82e43a0493211030e8e
658d3728e3878a01e5a054d6ba34ca6c574e7320933b9b9d46ad370465b8cca7
67678086b6f37a8e5067b4969fd3a67b279b1a22180c56b4c99eb0301ad35684
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f465e3c3a2dbcb5cc80eaff7f9afa6656ecd0dba5cfc9ea8a1813a72147cdae
71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72f1ccdc89a549789bfd5e2c755bdaac5c26a24d1e8281266573ce4078834db8
78f5d9eb6a0b0a2d4810727459ebdcf43952d6d4ad470525b18541ba84a13f81
7986b2cbf1f1934425e74ad3db628a17908b28b613ea6ce990137b421f541f2a
7aed446f8efe3b0b8b7afd7a01832d250c9d8ef6f4f6159198ec99950c6d964b
7baeed670b9dfe277223ef349839f35391de32a5c4df26f241c90c1d878a30fd
7d1e50bddebcae853734f63787806711035fe1217355300e1ff3e71683131887
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8ca5b0e248255ce9e81e10a3970a2d627dc55a03f5807b04560281a17720b8e2
8f905338cfcab34eacf6e12892762095e7d8b74e9bf6e7bf9b6cff866a8d6dc2
95606fd79e5ed034243c781bbfdacc97d7fbc04174981a4a45cd4ad63008afed
95f0779f97ba79eb7925fdef3c2dbbe726b672dfcff6d1b1fbcaaf7fe10e8b18
977d4c7fb8ee2ee630953d2d4477987261fca8f7152214a2416d1731e937bef5
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
a10375b13b4d50498992d1056688b60628f6d2a1caca4bdb90826018a8fe956d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a9e992c0d55edfbb3805067c7a5154238fd1880a3cf5e35140a0ff27f528a115
acecccc74061288b34cf958f56c93c528ebf20d9b263cd8fc65b8b76c8bcfac4
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b32d0c0027380ac3685a05937214bde83f51d2bf38c833f5962bfe97c18b2b69
b936410af9cb510891a675f0e4aefd71b290aa3a621db3cc5a59aa8980c95c06
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4c071d8e6508e76203affbf616897cda8253ca492a54ea601e2014338489cd
bb95e14fe2607a024110f56caa6c92abcfdea7c2dd1e7753887011e7f6f82b69
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
c161801a88aaacb65ddea0f9174878e528ce961bc474837d11be85348bf12a62
c3b894a4425509ff283b4e7149b3e3ed8b3d2798616dfe351d491d06325fbc6f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7e6acfa526397eb9f5f44446b17769e3e7763c0779774c117c54412f151e894
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d512a0aaa9babc16d865cecea1d2615a23e87261b812b08c623ec67053d3df15
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d98736232375b1876a7c2d609bd831c4651ec8baf479a89cf7cef1afe92e3b0a
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e590636a82a5613e3074da8308a66905f45d07e9bd55d790a2eb779c43e732aa
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee0a9c05670b10b0bb3b2bf17fc7826884a3e8ac95980eb24f4a20640a139183
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef2d6517460af97612c94e862aa8b6fc6d5caf1ecf94eefc97fa1ca2d56d10ae
f5c176ff9dfc4e48befc7214eb8d8b4829e09d2f93646b1497564baafe40524d
fa1a079d2e43462d68ab4e4dee9d28fe1c073ce16389de714e42c8b00d554aae
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

give.citysquare.org Open in urlscan Pro 2606:4700::6812:7115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

174 Requests

99 %HTTPS

57 %IPv6

23 Domains

32 Subdomains

28 IPs

4 Countries

5949 kBTransfer

13903 kBSize

22 Cookies

7 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

give.citysquare.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

99 %
HTTPS

57 %
IPv6

23
Domains

32
Subdomains

28
IPs

4
Countries

5949 kB
Transfer

13903 kB
Size

22
Cookies

174 HTTP transactions
0 data transactions