donate.wck.org Open in urlscan Pro
2606:4700::6812:843c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tripadvisor.com/MptUrl?p=AAR1jBCSqXiB1nZ9Eap4sYodl8pY%2BRaN7SoaHpGdOwGQhCn0IqEMIGJIUILbs61ehXFXuUnFNH9UbRkkhrmfv...
Effective URL:
https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8...
Submission: On March 14 via manual (March 14th 2022, 4:35:23 pm UTC) from IE — Scanned from DE

Summary HTTP 140 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 26 domains to perform 140 HTTP transactions. The main IP is 2606:4700::6812:843c, located in United States and belongs to CLOUDFLARENET, US. The main domain is donate.wck.org. The Cisco Umbrella rank of the primary domain is 357554.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.

This is the only time donate.wck.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.18.234.194 2.18.234.194	16625 (AKAMAI-AS) (AKAMAI-AS)
24	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.157.4.23 108.157.4.23	16509 (AMAZON-02) (AMAZON-02)
15	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.121.85 13.32.121.85	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
5	34.234.33.8 34.234.33.8	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.215.58.150 34.215.58.150	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
140	30

1 2.18.234.194 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-194.deploy.static.akamaitechnologies.com

www.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)

donate.wck.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-23.dus51.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-85.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.234.33.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-33-8.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)

pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.58.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-58-150.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	stripe.com js.stripe.com — Cisco Umbrella Rank: 894 q.stripe.com — Cisco Umbrella Rank: 5856 m.stripe.com — Cisco Umbrella Rank: 854 r.stripe.com — Cisco Umbrella Rank: 3909	330 KB
17	google.com pay.google.com — Cisco Umbrella Rank: 2999 play.google.com — Cisco Umbrella Rank: 32	388 KB
15	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 123985 pay.classy.org — Cisco Umbrella Rank: 182491 assets.classy.org — Cisco Umbrella Rank: 128873	1 MB
12	gstatic.com fonts.gstatic.com www.gstatic.com	296 KB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
12	wck.org donate.wck.org — Cisco Umbrella Rank: 357554	48 KB
6	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2997 heapanalytics.com — Cisco Umbrella Rank: 2623	44 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	588 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	134 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 525 syndication.twitter.com — Cisco Umbrella Rank: 769	133 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 948	17 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 309	1 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68	505 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	51 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 743	140 B
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15134	71 KB
2	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 64273	109 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 727	256 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	18 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 821	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 33910	4 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1207	5 KB
1	tripadvisor.com 1 redirects www.tripadvisor.com — Cisco Umbrella Rank: 8152	2 KB
140	26

	Domain	Requested by
16	r.stripe.com	js.stripe.com
13	play.google.com	www.gstatic.com
13	js.stripe.com	donate.wck.org js.stripe.com
12	www.google-analytics.com	donate.wck.org www.gstatic.com
12	donate.wck.org	donate.wck.org
9	prod-frs.content.classy.org	donate.wck.org prod-frs.content.classy.org
7	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	pay.google.com www.gstatic.com
5	q.stripe.com	donate.wck.org
5	heapanalytics.com
4	pay.google.com	js.stripe.com pay.google.com donate.wck.org www.gstatic.com
3	www.facebook.com
3	connect.facebook.net	donate.wck.org
3	assets.classy.org
3	pay.classy.org	donate.wck.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	bam-cell.nr-data.net	donate.wck.org
2	stats.g.doubleclick.net	donate.wck.org
2	www.youtube.com	donate.wck.org
2	platform.twitter.com	donate.wck.org
2	sessions.bugsnag.com	donate.wck.org
2	cdn.plaid.com	donate.wck.org
2	doublethedonation.com	donate.wck.org
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	fonts.googleapis.com	donate.wck.org
1	geolocation.onetrust.com	donate.wck.org
1	js-agent.newrelic.com	donate.wck.org
1	code.jquery.com	donate.wck.org
1	cdn.heapanalytics.com	donate.wck.org
1	unpkg.com	donate.wck.org
1	htp.tokenex.com	donate.wck.org
1	www.googleadservices.com	donate.wck.org
1	static.cloudflareinsights.com	donate.wck.org
1	www.tripadvisor.com	1 redirects
140	35

This site contains links to these domains. Also see Links.

Domain
www.classy.org
classy.org

Subject Issuer	Validity	Valid
donate.wck.org Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2020-04-09` - `2022-07-12`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2022-01-12` - `2023-02-13`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-22` - `2022-03-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh

This page contains 8 frames:

Primary Page: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Frame ID: 846704878E3F907B80467EA1E6296825
Requests: 79 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Frame ID: 8234CE9C3A6191395036882307F9D7A6
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fdonate.wck.org
Frame ID: A538468F24A44CE8C1AF2D53B271558B
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 039540A86764A99C293359F683CE160A
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d8e9ca61161b63ce8b96b8cfb9de69bf.html
Frame ID: 3DCA7F09000B758F42F7EEEAE6BE5C8A
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html
Frame ID: 67F5B78CA08E74AAB62920C535CAC2BB
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-1439590a2dd61f25979114a47faf16ed.html
Frame ID: 16E338BF1EE04C3C5D671F0AAE12FDF7
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 14634F75DD4B4BDD07A6A0982C1C2418
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to World Central Kitchen

Page URL History Show full URLs

https://www.tripadvisor.com/MptUrl?p=AAR1jBCSqXiB1nZ9Eap4sYodl8pY%2BRaN7SoaHpGdOwGQhCn0IqEMIGJIUILbs61eh... HTTP 302
https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwD... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

100 %
HTTPS

58 %
IPv6

26
Domains

35
Subdomains

30
IPs

4
Countries

2998 kB
Transfer

10036 kB
Size

38
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tripadvisor.com/MptUrl?p=AAR1jBCSqXiB1nZ9Eap4sYodl8pY%2BRaN7SoaHpGdOwGQhCn0IqEMIGJIUILbs61ehXFXuUnFNH9UbRkkhrmfvoLMt0Uu%2FiRNEsiNNuQrLxZYgryMgEkcjFJSvCdfKw20q3K9ja%2F2vj1hyI8UOUuzy8TcspRK1H3nHXJ1f0htXQwwt0ppN0M21GQbbiQbXlyrhNt8TgKHuSk1C4AFlXxX0CydJq4OIYbCeW4V3YHMfr6w%2F5WCbeIjlveU8fryQkOZGIjn5FLekcAOXm0nwBQ5JQAPs0s%2FwIFQN7ivel3YgJXYthLESZ2AySBJJyngTU6%2F9FeZo0WVYsTEK8pDSnTLJaGvkKrLWNTa29oEifDMaRLQV2O%2F5K80RmYDxEwSO0sEtvGpMbFZz1vbrs8k4p0pnOG%2FaOTicaVYhZ3Tfmp7xgfm3bywoOOZ6sKjtxDJQm3LxOF%2FOJMfLO56DGro2hEo6EyhENgwU1esIuBHlaopb7QaNTasXCeU0L4Y8Sw0VndWr7La5z%2FYNJHD%2BjzlBSlV8ASfEo1PB2dFRQllY%2B41uT7e7WiEMdk82D0LKLJKFLlTn6MpAN0c6maAMKxy04r%2B3pMWXzDP9cBGEYecQQPM7Si2amXOUvudr6VqayCkC%2FmTtw%3D%3D HTTP 302
https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

140 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 394390 Show response
donate.wck.org/give/
Redirect Chain

https://www.tripadvisor.com/MptUrl?p=AAR1jBCSqXiB1nZ9Eap4sYodl8pY%2BRaN7SoaHpGdOwGQhCn0IqEMIGJIUILbs61ehXFXuUnFNH9UbRkkhrmfvoLMt0Uu%2FiRNEsiNNuQrLxZYgryMgEkcjFJSvCdfKw20q3K9ja%2F2vj1hyI8UOUuzy8Tcsp...
https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-...

101 KB
28 KB

847ms
675ms

Document
text/html

2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e11bcfaca97fe9951e45ee8c86f966eaebf2b0e54aa38bedea2cb920057797da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-type: text/html; charset=utf-8
cf-ray: 6ebe6be62aa123c7-ZRH
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self';
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

server: envoy
location: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV#!/donation/checkout
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
content-length: 0
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
date: Mon, 14 Mar 2022 16:35:15 GMT

GET
H2 200 main.css
prod-frs.content.classy.org/prod/16043/static/frs/ 1 MB
137 KB 110ms
69ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/frs/main.css

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d00509d53016805b7a18219553a512018c5a1a8daf99ad6ada6c5f90cffa79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 55442
cf-polished: origSize=1083352
x-amz-request-id: 9JW8T1AYXVYNN0XQ
x-amz-id-2: TyXQUtL5fRH13m0liQ1rIXRCmUMwFr15oU0pFLdswnoNi1Tgwr6MLysymlt4Acd6uxF+wtNHxu4=
last-modified: Wed, 09 Mar 2022 21:33:58 GMT
server: cloudflare
etag: W/"6f520842bf802077985574a262065910"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6ebe6beb3cae2325-ZRH
cf-bgj: minify

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 153 KB
20 KB 416ms
180ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 16:32:38 GMT
server: nginx
etag: "622b79a6-5027"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20519

GET
H2 200 rocket-loader.min.js Show response
donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Mar 2022 12:22:44 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"622b3f14-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6ebe6bec1c8e23c7-ZRH
expires: Wed, 16 Mar 2022 16:35:16 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 94ms
67ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://donate.wck.org/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ebe6bec4b78cc62-ZRH

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 52ms
29ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 16:35:16 GMT

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/16043/static/onetrust/ 50 KB
12 KB 30ms
29ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 55442
cf-polished: origSize=54583
x-amz-request-id: 9JW7NS90B5N09XV8
x-amz-id-2: rAq5uEvRhUigMsYGENlaUK65V30dl2BaH/mjcCtxSCGWw/QODFYW8CgDu3X0M85ObVvX7P/W3nk=
last-modified: Wed, 09 Mar 2022 21:33:59 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6ebe6bec4e342325-ZRH
cf-bgj: minify

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 15 KB
4 KB 619ms
124ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

21c848048b8d6f27df63cda1c6c0b3990d9bec2a6e2117685994755f7752b8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Mar 2022 22:20:53 GMT
etag: "809036459635d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Mon, 14 Mar 2022 16:35:17 GMT
accept-ranges: bytes
content-length: 4029
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 52ms
25ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16042434
fly-request-id: 01FF6H925DYEB8ZPR9RDNX28BP
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ebe6bec79862373-ZRH

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/16043/static/frs/donation/ 178 KB
36 KB 34ms
33ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/frs/donation/module.min.js

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d57ca9d0360fd8880df135a1d414e60f73dce60f65bbaed8a9174b2506ab1b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 21:33:58 GMT
server: cloudflare
age: 55442
etag: W/"2ddcd236cf15d32920a6d14bce114f19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6ebe6bec4e372325-ZRH
x-amz-request-id: 9JWCFG4DB2YRMTCM
x-amz-id-2: hFdih3dFsyngYBziKtikVAXtOV/D8amI3NqTPt/5hA2bh/HiEQrCkmZGtGwzcN+sOhmxwP1vUwo=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/16043/static/global/ 2 MB
343 KB 40ms
39ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/global/module.min.js

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f58dde34086b12832e2cb3817d80f9d414346cdfa9a37815206206159e0af04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 21:33:59 GMT
server: cloudflare
age: 55442
etag: W/"1a697ddaa666fb9abe7f964ccc54efa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6ebe6bec4e392325-ZRH
x-amz-request-id: 9JW6BVVF3Q2RB2WW
x-amz-id-2: ML6gOj3X286f0ekqHRNtpa0A6lnQq2wCuT4r/3PgGORdbzQ82N6itdU9h51vhrP1imm1kcSYdFM=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/16043/static/global/ 1 MB
430 KB 52ms
52ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/global/libs.min.js

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 21:33:58 GMT
server: cloudflare
age: 55442
etag: W/"772e1301b871cc2545926cb86ee5965f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6ebe6bec4e3a2325-ZRH
x-amz-request-id: 9JWE5S6W7THQX0CB
x-amz-id-2: sNR3RM1s6SKAaCymOig//XmII200dl9ob2xBm0ZKB6ot00c6FinETGHo2uf9NDN9id07zcqBcAE=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 87 KB
30 KB 119ms
60ms Script
application/javascript 108.157.4.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-23.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88d1a4c00a42d4ae20c4b8f4e193e334d77394c6c7dc4197c66a90e90e4973f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:16:10 GMT
content-encoding: gzip
age: 8347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: F3JCYSN83M7917HD
x-amz-id-2: SNYNEbORqo0FJ9oWkj17hjfLjwZvxvDmKO0oUON6+o+k0tfEZnu75jvDQu3yXgLmUG7hfc+sPqg=
last-modified: Mon, 14 Mar 2022 13:31:55 GMT
server: AmazonS3
etag: W/"9a6402905fa289ac1ab641a215b23f63"
vary: Accept-Encoding
x-amz-version-id: mooK.KENxjysg444AYjP_LwgfzXfBL83
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: FtSxTY1YEJhm76UZAmSIWwJ6KW7AKSFwvFiAsO_-JCLbEG2EzFjH7A==

GET
H2 200 / Show response
js.stripe.com/v3/ 289 KB
69 KB 65ms
7ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ae998eb82cc3181d36e0cb43e5b89634b8ba85e027047d343e58cbc6fc58d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 53
x-cache: HIT
content-length: 70008
etag: "1d59cd0ea7348aa08194901403b1a457"
x-request-id: eb86583a-510c-497f-868c-425c03f940fc
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 23:57:16 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 420 KB
89 KB 209ms
181ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: db49cf0970b25372642861352702ca1153a05c3d634a2fabe48112049ec74579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 16:32:37 GMT
server: nginx
etag: "622b79a5-162fa"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 90874

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 270ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3624
date: Mon, 14 Mar 2022 15:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Mar 2022 17:34:53 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 111 KB
43 KB 272ms
8ms Script
application/javascript 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

8dfc820eee73dff22f39419f76c53bf6327d37b10cf348224eb78e723f0cb93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:33:24 GMT
content-encoding: gzip
server: nginx
age: 113
etag: W/"1bba2-apq5gpzTENG/d0mvFxnZHw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: aFiQsKwFe6CzeQSiglY6rB4nZXIukZ0pzx2iFAYFhMDQ97jahb7FOQ==

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 144ms
144ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://donate.wck.org/
Bugsnag-Sent-At: 2022-03-14T16:35:16.885Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 14 Mar 2022 16:35:17 GMT
via: 1.1 google
bugsnag-session-uuid: b6276267-f25c-45f0-b022-fe6e6fe5249f
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 sdk.js Show response
donate.wck.org/sso/ 11 KB
4 KB 47ms
47ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/sso/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

f70b05c50d20b6044717b1a0f732d9f20958482d5391450af6a1cbce1eb2e514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 715
x-powered-by: PHP/5.6.40
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OIv54XFI7Ure9nI26Dm4TYAj_yZKQl1T9cCzOfmfVRk-1647275716-0-AZpZ2detaIm-yAFg_g3asJB7VCmtn0_FvUCMmd2qt_4W_0PsKEoavMpmBD6OCjhcB7oGQm80uSn_1KFf9nrfk60
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 16:23:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-polished: origSize=21336
cf-ray: 6ebe6bee983d23c7-ZRH
expires: Mon, 14 Mar 2022 16:43:21 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1286/ 0
41 KB 13ms
13ms Other
application/javascript 108.157.4.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1286/link-dynamic-loader.js
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-23.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:16:11 GMT
content-encoding: gzip
age: 8347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Mar 2022 13:31:55 GMT
server: AmazonS3
etag: W/"d8cdec06c39473fc25eb5fb50599267f"
vary: Accept-Encoding
x-amz-version-id: Ifl_leVgQrll9eiYreH6SxUgJfY458wB
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: 7k_HQnAeqBt7TZXewrbbnXCus4hiCmRUr1_J6TenHADW9f45wM2IVQ==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 272ms
144ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://donate.wck.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 14 Mar 2022 16:35:17 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 30ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://donate.wck.org/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1647275717.dop234.fr8.t,1647275717.cds165.fr8.hn,1647275717.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 368ms
100ms Image
image/gif 34.234.33.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3141148209231365&v=502273731192336&s=897677440326104&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F394390&q=%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&d=donate.wck.org&t=World%20Central%20Kitchen&ts=1647275717071&st=1647275717072

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.33.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-33-8.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 16:35:17 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
donate.wck.org/sso/ssobuild/js/ 22 KB
7 KB 39ms
39ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-fc8d2ca187e36a94----1647275717086
traceparent: 00-b62393fd72c2fbf870b3f24dd9c824d0-fc8d2ca187e36a94-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmYzhkMmNhMTg3ZTM2YTk0IiwidHIiOiJiNjIzOTNmZDcyYzJmYmY4NzBiM2YyNGRkOWM4MjRkMCIsInRpIjoxNjQ3Mjc1NzE3MDg2fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1475815
cf-polished: origSize=35133
cf-bgj: minify
last-modified: Wed, 26 Jan 2022 18:22:02 GMT
server: cloudflare
etag: W/"61f1914a-893d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 6ebe6befda2823c7-ZRH
expires: Sat, 25 Feb 2023 14:38:22 GMT

GET
H2 200 m-outer-9fe86c29346daf61dc2cc0586b4fad18.html Show response
js.stripe.com/v3/ Frame 8234 240 B
555 B 7ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/

Response headers

last-modified: Mon, 07 Mar 2022 20:11:00 GMT
etag: "9fe86c29346daf61dc2cc0586b4fad18"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 14 Mar 2022 16:35:17 GMT
via: 1.1 varnish
age: 591768
x-request-id: 78ae6b96-7bc8-4649-8909-e5f2d5f7841c
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 32495
vary: Accept-Encoding
timing-allow-origin: *
content-length: 140

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 22ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: 2T668NC3H6XRH3JM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: z3ZqPCO5H2fAGveHR6fjGtcOihhegJNM/yscm5AE5zxFfnMu1pdPU5pzTJPseqp7FaurMRqqEiI=
x-served-by: cache-hhn4051-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1647275717.163706,VS0,VE0
date: Mon, 14 Mar 2022 16:35:17 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1689

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/16043/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 38ms
38ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 50585
cf-polished: origSize=22581
x-amz-request-id: 917HR69Q56YV2JQ7
x-amz-id-2: gd3UYl6XR1Aip4iEireO/npc09xGplwLCzdDEDC7hGqQIS57e5z9ZlqEYrRAl6nhxSlgb3T5g+Y=
last-modified: Wed, 09 Mar 2022 21:33:59 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6ebe6bf03df02325-ZRH
cf-bgj: minify

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 63ms
34ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32108369088923125387_1647275716803&_=1647275716804

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ebe6bf06dbfcc5a-ZRH
content-length: 32

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 222ms
37ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF7) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 16:35:17 GMT
Content-Encoding: gzip
Age: 1366
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CF7)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 128ms
28ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

911ef7c8eccb36f011b85b2c67156a262d1bb0c9fed0543746d80ed08a8621e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Mon, 14 Mar 2022 16:35:17 GMT

GET
H2 200 tax-entities Show response
donate.wck.org/frs-api/organizations/20802/ 397 B
316 B 507ms
506ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/frs-api/organizations/20802/tax-entities

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c436c243a9a9475a4aef412cb31a2a5f06927436a98c7d243b5083fab52eed63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
tracestate: 423787@nr=0-1-423787-363751183-403e8bbadfeb0eab----1647275717361
traceparent: 00-901ee1a8db032e55007b03dae97415b0-403e8bbadfeb0eab-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0MDNlOGJiYWRmZWIwZWFiIiwidHIiOiI5MDFlZTFhOGRiMDMyZTU1MDA3YjAzZGFlOTc0MTViMCIsInRpIjoxNjQ3Mjc1NzE3MzYxfX0=
Accept: application/json, text/plain, */*
csrf-token: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"18d-w2yeKZbHftYYDgmvzLYZBe5pco8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6ebe6bf18d5323c7-ZRH
vary: Accept-Encoding

GET
H2 200 channels Show response
donate.wck.org/frs-api/campaigns/394390/ 785 B
622 B 469ms
468ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/frs-api/campaigns/394390/channels?filter=channel_name%3DDoubletheDonation

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0429366e46af03204bb50895857583bae6449f82b70b74b54c2d87ee074d7637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
tracestate: 423787@nr=0-1-423787-363751183-3f1f8f1658a1143a----1647275717398
traceparent: 00-56322525beedd9f4ff5743cc9975e620-3f1f8f1658a1143a-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzZjFmOGYxNjU4YTExNDNhIiwidHIiOiI1NjMyMjUyNWJlZWRkOWY0ZmY1NzQzY2M5OTc1ZTYyMCIsInRpIjoxNjQ3Mjc1NzE3Mzk4fX0=
Accept: application/json, text/plain, */*
csrf-token: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"311-3MOULFoyTpKqFyXf8+eEf02vwNo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6ebe6bf1cdb123c7-ZRH
vary: Accept-Encoding

GET
H2 200 ach-account-routing Show response
donate.wck.org/frs-api/organizations/20802/ 33 B
169 B 473ms
473ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/frs-api/organizations/20802/ach-account-routing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
tracestate: 423787@nr=0-1-423787-363751183-8edfde400ea39f0b----1647275717399
traceparent: 00-b1ec455ed7fe18a1f9cda88cabedd550-8edfde400ea39f0b-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4ZWRmZGU0MDBlYTM5ZjBiIiwidHIiOiJiMWVjNDU1ZWQ3ZmUxOGExZjljZGE4OGNhYmVkZDU1MCIsInRpIjoxNjQ3Mjc1NzE3Mzk5fX0=
Accept: application/json, text/plain, */*
csrf-token: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6ebe6bf1cdb323c7-ZRH
vary: Accept-Encoding
content-length: 33

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
1022 B 651ms
519ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=11153&currency=EUR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P5
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=LuAK_1pv_ND1twWbiW.SmasXlI3NAM.lPOlFoUN.MRI-1647275718-0-AdgXl1LrkhKIzDA8gUiJuVjxxu3osg9lzZ2zbSepvzUdBdzu6uqn3xbM_6xVpAOABZVP8jIxwEwyKXVp8eDdMIQ
x-cache: Miss from cloudfront
x-classypay-requestid: 6760db62-b920-4762-9d45-8496cd16bcbb
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6ebe6bf2f8b9cc5a-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 3A34Vw4UJdbwQ7Usq8tW5-zIid4OKjAYcTOXXVyROj0OdK4NX4MKPg==

GET
H2 200 b86b5730-9cb5-11ec-ae63-0a58a9feac02.jpg
assets.classy.org/18305442/ 148 KB
149 KB 78ms
58ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/18305442/b86b5730-9cb5-11ec-ae63-0a58a9feac02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e906db1e3944fb6bfb6c1c25957a65e1fd4b74447ae5a4ab89d40dac0e8e0521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 769114
cf-polished: qual=85, origFmt=jpeg, origSize=171780
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="b86b5730-9cb5-11ec-ae63-0a58a9feac02.webp"
content-length: 151680
x-amz-server-side-encryption: AES256
last-modified: Sat, 05 Mar 2022 18:54:45 GMT
server: cloudflare
etag: "9c3338afc3078c22087799d22414b9e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
cache-control: public,max-age=31536000
x-amz-version-id: SzEJPjvsn2Z1pn4bTQwlOVo82fO907Bu
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6ebe6bf289f82325-ZRH
x-amz-cf-id: L-CM3Bnksb81cIZbx5eEMqXYm3e8DpSa6q9iSPK0z2DrcI-_nLskPg==
cf-bgj: imgq:85,h2pri

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/16043/static/global/images/ 394 B
655 B 35ms
34ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/16043/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/16043/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/16043/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
vary: Accept
cf-cache-status: HIT
age: 49828
cf-polished: origFmt=png, origSize=547
cf-ray: 6ebe6bf269bc2325-ZRH
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: hY1p+ex53T8KtPHeCt5H4jnWB9IXHByQo9frxMYaVHy8qG9zmiX5R5DZE0DnJ5V1ndFbBWKF/zM=
last-modified: Wed, 09 Mar 2022 21:33:58 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: D2KMXPYT4W1GNPQP
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/16043/static/global/fonts/ 42 KB
43 KB 96ms
63ms Font
application/x-font-woff 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/16043/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e79a09a479456616c9a9ac685e8e26ca6377c3067d18205066c541db3f9da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/16043/static/frs/main.css
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 29478
cf-ray: 6ebe6bf2bec801f4-ZRH
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43184
x-amz-id-2: UBQoC0slZdKPYlOzqVyxNXInXqi9bvG0awV5pWo6Hq3qPWFFcsGlWgqeyBtqfZ3boq+UX+Msk5A=
last-modified: Wed, 09 Mar 2022 21:33:58 GMT
server: cloudflare
etag: "a3286a77337e9cbd1529269769b0e953"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
x-amz-request-id: 34Y5A0KHCAB2ABR7
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-type: application/x-font-woff

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/16043/static/fonts/ 65 KB
66 KB 81ms
49ms Font
binary/octet-stream 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16043/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/16043/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/16043/static/frs/main.css
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 29478
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.cInvhSkZMHODEzY_meZNnMbddHxYZLMcxFJhhcAW_M-1647275717-0-AYIdn8WGIc1vF0z9tvJmk_c4a6577fIKeAzsb8mpN0Zj8hc7CqoMPw0gWU132xQxWMyPZTyy8hwXFlMBKB-ZCZCtmMP91Lb_pzMOePiGhIE_
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 66624
x-amz-id-2: 6J11csZ+wWSBnJyx95LZH11mMqrJnKMoPSDUe7sfpc9N4KTBj9FA5FZI7TdJl3UHo+11K8og0NQ=
cf-ray: 6ebe6bf2bed001f4-ZRH
last-modified: Wed, 09 Mar 2022 21:33:58 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
x-amz-request-id: 34Y6T5MXQAQX5EDK
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 currency-conversions Show response
donate.wck.org/frs-api/i18n/ 73 B
223 B 439ms
438ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0590b942b751ad1015d0203cca0ff1dfe5ccea220e263c3640040d64c0c882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
tracestate: 423787@nr=0-1-423787-363751183-fe805a81a99f83f3----1647275717598
traceparent: 00-a18cc30b1ded3839d737ad8808bc8500-fe805a81a99f83f3-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmZTgwNWE4MWE5OWY4M2YzIiwidHIiOiJhMThjYzMwYjFkZWQzODM5ZDczN2FkODgwOGJjODUwMCIsInRpIjoxNjQ3Mjc1NzE3NTk4fX0=
Accept: application/json, text/plain, */*
csrf-token: 5tNytoIS-dmQJgKS_II7pqBnvVppzrpxgPH4
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"49-PO/xzp7QtgPEvLSNg8xtIhSok5Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6ebe6bf30f7d23c7-ZRH
vary: Accept-Encoding

GET
H2 200 user-icon.png
donate.wck.org/static/global/images/ 2 KB
2 KB 33ms
33ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.wck.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 754125
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
cf-bgj: imgq:85,h2pri
content-length: 2024
last-modified: Mon, 28 Feb 2022 18:43:38 GMT
server: cloudflare
etag: "621d17da-11ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ebe6bf30f8a23c7-ZRH
expires: Sun, 05 Mar 2023 23:06:32 GMT

GET
H2 200 7e06862a-8a6e-11e9-be78-0e123206230e.png
assets.classy.org/9797180/ 18 KB
19 KB 44ms
44ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/9797180/7e06862a-8a6e-11e9-be78-0e123206230e.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cbdddc17a4a07f9b2f25c5534ab1dd3ad5aefbf30cfe974cac3ca038b99ca5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1475817
cf-polished: origFmt=png, origSize=48257
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="7e06862a-8a6e-11e9-be78-0e123206230e.webp"
content-length: 18834
x-amz-server-side-encryption: AES256
last-modified: Sun, 09 Jun 2019 04:24:39 GMT
server: cloudflare
etag: "a9339cefbbb05a0df013e35f938c802f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
cache-control: public,max-age=31536000
x-amz-version-id: Cofp06tjT4eJfJTS1KJ3JH2MVt9tf4ZW
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
cf-ray: 6ebe6bf30b032325-ZRH
x-amz-cf-id: Z7JM0MGildsFaJJsJRkqAsIrXW9AtoOX8Ft5KvKCMKCJcFd_Gkpt5w==
cf-bgj: imgq:85,h2pri

GET
H2 200 1e036a90-8a5a-11e9-b2e7-0a6696c95f9a.png
assets.classy.org/9797180/ 16 KB
16 KB 34ms
34ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/9797180/1e036a90-8a5a-11e9-b2e7-0a6696c95f9a.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081171e53fb475d6883b0eb282309fa98335569794aabb10e664e1ec31126ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1099659
cf-polished: origFmt=png, origSize=35891
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="1e036a90-8a5a-11e9-b2e7-0a6696c95f9a.webp"
content-length: 16238
x-amz-server-side-encryption: AES256
last-modified: Sun, 09 Jun 2019 01:58:48 GMT
server: cloudflare
etag: "c206881469745f8622e208bf711f1bbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
cache-control: public,max-age=31536000
x-amz-version-id: 9BR57MIEHnrGse3LEIgMPuHp0cxSZge4
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 6ebe6bf30b062325-ZRH
x-amz-cf-id: QLZvF7giP6VpCiTsB12AJLmAux-PScALFNWsxvlGv0Xk9_H-fhdvPA==
cf-bgj: imgq:85,h2pri

POST
H2 200 rum Show response
donate.wck.org/cdn-cgi/ 0
189 B 24ms
24ms XHR
text/plain 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/cdn-cgi/rum?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-8fb5cc4a308ee345----1647275717610
traceparent: 00-ae9926550bc0642e646798f4dfbd8b10-8fb5cc4a308ee345-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4ZmI1Y2M0YTMwOGVlMzQ1IiwidHIiOiJhZTk5MjY1NTBiYzA2NDJlNjQ2Nzk4ZjRkZmJkOGIxMCIsInRpIjoxNjQ3Mjc1NzE3NjEwfX0=
content-type: application/json
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV

Response headers

date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://donate.wck.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ebe6bf31f9d23c7-ZRH
vary: Origin

POST
H2 200 csp-report
q.stripe.com/ Frame 8234 0
357 B 509ms
162ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 28ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e885457ba20624b6b2ce062f0c9f63adaa4e8b215cf068bdf701a6c819b9e5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26293
x-xss-protection: 0
pragma: public
x-fb-debug: 6TbfKoBd5GwoWB6/GJU/IEsA3SeZIFkCxEaBNfwZzaaMEKaoIQIPCLtPRq4asxs1GK6H7j+8dW7yrSJw/S95gg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 14 Mar 2022 16:35:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 47ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fa553b3ca22c21a48fb04341944ed72eff3fc14e3bee039d4f92dccfb270bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:29:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 16:35:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 16:35:17 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 17ms
16ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1584954821&t=event&_s=1&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAAC~&jid=263681602&gjid=2143696285&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&_r=1&_slc=1&z=1670306163

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 16:35:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.wck.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 20ms
20ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1584954821&t=event&_s=1&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAAC~&jid=1806133860&gjid=1195679090&cid=1148721415.1647275717&tid=UA-151317020-1&_gid=2025588087.1647275717&_r=1&_slc=1&z=267006640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 16:35:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.wck.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
667 B 482ms
482ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=11153&currency=EUR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac44736016b4b0e83c2293f77abcd251520dc2e841fb35604b33aefc3a485ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P5
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=7vupDGvoNbTgJzIi3e4eN9H.4rARkmCUlSrG9JqSzxo-1647275718-0-AXY-S7aq1N-R6Y1NUGQWIsLQCM4hqrTOgJOq2AiwbrGQyNULMq41ECiSpo_BID5zk9h6fweCtymWBC2owiK71lk
x-cache: Miss from cloudfront
x-classypay-requestid: ad3a1305-3ffa-4048-bb79-d829db47d379
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6ebe6bf37965cc5a-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: scjR6_ZTqzKtfFCZOK5HQQfL-x3vvcD4nNpNxGoULZzWegF0P9_LfQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=timing&_s=2&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1647275717205&utt=467&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&cd1=20802&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=394390&cd6=campaign&cd11=recurring%20optimization&z=70263606

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25886
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
25ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=timing&_s=3&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1647275717205&utt=1142&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&cd1=20802&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=394390&cd6=campaign&cd11=recurring%20optimization&z=1705917884

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25886
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=timing&_s=4&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1647275717205&utt=1407&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&cd1=20802&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=394390&cd6=campaign&cd11=recurring%20optimization&z=1483957032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25886
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=timing&_s=5&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1647275717205&utt=1673&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&cd1=20802&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=394390&cd6=campaign&cd11=recurring%20optimization&z=1520973218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25886
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
26ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=timing&_s=6&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1647275717205&utt=2578&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&cd1=20802&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=394390&cd6=campaign&cd11=recurring%20optimization&z=670300745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25886
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 136ms
133ms Image
image/gif 34.234.33.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1647275717767&hv=4.17.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.33.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-33-8.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 16:35:17 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 101ms
98ms Image
image/gif 34.234.33.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3141148209231365&v=502273731192336&s=897677440326104&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1647275717071&sp=d&sp=donate.wck.org&sp=h&sp=%2Fgive%2F394390&sp=t&sp=World%20Central%20Kitchen&sp=q&sp=%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=donate.wck.org&pp=q&pp=%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&pp=h&pp=%2Fgive%2F394390&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=World%20Central%20Kitchen&pp=ts&pp=1647275717071&id0=4691960578771755&k0=environment&k0=prod&k0=organization_id&k0=20802&k0=payment_processor&k0=WePay&k0=campaign&k0=394390&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=label&k0=Begin%20Checkout&k0=action&k0=checkout&k0=currency&k0=USD&t0=Begin%20Checkout&ts0=1647275717768&st=1647275717769

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.33.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-33-8.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 16:35:17 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 m-outer-7345858512d328389831b5c353d30a99.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8234 1 KB
772 B 17ms
16ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 61
x-cache: HIT
content-length: 645
etag: "d0c7e21ec457b6a134a496f107c3ca93"
x-request-id: 455276f1-a145-498c-96cd-64c2799626e2
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Mon, 07 Mar 2022 20:10:26 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 status Show response
donate.wck.org/sso/ 90 B
1 KB 490ms
489ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.wck.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery331044616541061990667_1647275717084&_=1647275717085

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

8643d2fc856e6117f24a5cc85c87c243375ed3dc6e7a2292a8cbb898edbc26c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-4796c93debcc4455----1647275717780
traceparent: 00-6f0c7f1ea28428f5ba64099bd8c10520-4796c93debcc4455-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0Nzk2YzkzZGViY2M0NDU1IiwidHIiOiI2ZjBjN2YxZWEyODQyOGY1YmE2NDA5OWJkOGMxMDUyMCIsInRpIjoxNjQ3Mjc1NzE3NzgwfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
X-Requested-With: XMLHttpRequest

Response headers

cf-ray: 6ebe6bf4399423c7-ZRH
date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 116ms
36ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3837893-1&cid=1148721415.1647275717&jid=263681602&gjid=2143696285&_gid=2025588087.1647275717&_u=KGDACEAABAAAAC~&z=1276812920

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Mar 2022 16:35:17 GMT
content-type: text/plain
access-control-allow-origin: https://donate.wck.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 116ms
36ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-151317020-1&cid=1148721415.1647275717&jid=1806133860&gjid=1195679090&_gid=2025588087.1647275717&_u=KGDACEABBAAAAC~&z=1988517812

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Mar 2022 16:35:17 GMT
content-type: text/plain
access-control-allow-origin: https://donate.wck.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 100ms
34ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:01:54 GMT
x-content-type-options: nosniff
age: 459203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 09:01:54 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 97ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:01:54 GMT
x-content-type-options: nosniff
age: 459203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 09:01:54 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 86ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:01:54 GMT
x-content-type-options: nosniff
age: 459203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 09:01:54 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v10/ 28 KB
29 KB 56ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:07 GMT
x-content-type-options: nosniff
age: 10
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 16:35:07 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 261ms
230ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/67fe2a1b26?a=363721230&v=1215.1253ab8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=2825&ck=1&ref=https://donate.wck.org/give/394390&ap=249.675738&be=1661&fe=2066&dc=2064&tt=d91494cc7ccbc0&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1647275715077,%22n%22:0,%22f%22:294,%22dn%22:295,%22dne%22:438,%22c%22:438,%22s%22:449,%22ce%22:467,%22rq%22:467,%22rp%22:1142,%22rpe%22:1407,%22dl%22:1145,%22di%22:1414,%22ds%22:1511,%22de%22:1511,%22dc%22:1659,%22l%22:1659,%22le%22:1673%7D,%22navigation%22:%7B%7D%7D&fp=2563&fcp=2563&jsonp=NREUM.setToken
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 16:35:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6ebe6bf52d359101-FRA

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame A538 319 KB
104 KB 37ms
37ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fdonate.wck.org
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 925800
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 14 Mar 2022 16:35:17 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/ 151 KB
49 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8faaf7a31723f29322d97c936aaa2d594a993d009780f0cf785798378d72c1c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50158
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 01:42:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Mar 2023 16:32:37 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.55

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

167549d476f2de7aafe21665a35957328e7978580fdad0f2e387ea9ff67a2210

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20657
x-xss-protection: 0
pragma: public
x-fb-debug: pOLubXeP58ivW42WhLx4xllxuWo/kEvjt27XFhUoBra6zQQwBkYJRp6FXpvUGaN217UQTXHuhreYewwP6VztSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Mar 2022 16:35:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2145340818891888 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 62ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2145340818891888?v=2.9.55&r=stable

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

325703be85c4a9f407d84924917b3241f96b6c2f508cc3065c140ce47f2ebf28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: acVinedMLgIsI/JxmXx0BfLfeqS9JFz0V5Up3QL0wS1OV2JvE2336E0Pc1XUk+wH8X9B17YhUrH+/QkFvQYhoA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Mar 2022 16:35:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v10/ 28 KB
28 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:07 GMT
x-content-type-options: nosniff
age: 11
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 16:35:07 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 31ms
17ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:01:54 GMT
x-content-type-options: nosniff
age: 459204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 09:01:54 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.wck.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:01:54 GMT
x-content-type-options: nosniff
age: 459204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 09:01:54 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0395 932 B
1 KB 14ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Mar 2022 16:35:18 GMT
via: 1.1 varnish
age: 154
x-request-id: 5d7cd8b0-92e5-45d4-bba0-c62578902c0c
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 275
x-timer: S1647275718.029053,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=timing&_s=7&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&ul=en-us&de=UTF-8&dt=Donate%20to%20World%20Central%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1647275717205&utt=2840&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&cd1=20802&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=394390&cd6=campaign&cd11=recurring%20optimization&z=1976292758

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25887
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 0395 0
130 B 161ms
160ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
x-envoy-upstream-service-time: 0
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A538 367 B
501 B 134ms
118ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=baab8c54b7f97fcd92bb645c5e999224120bea1a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fdonate.wck.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

1563b4b7778cd83abd36fe33c751c32d18533abb40905f99aca22f64a70df50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 14 Mar 2022 16:35:17 GMT
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 16:35:18 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ed220911e2fc0cf210ab60cf59b8f8cd76954312e43220bfd558619516b76e9a
content-length: 221

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 0395 85 KB
16 KB 7ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 295
x-cache: HIT
content-length: 15786
x-request-id: 103eb711-2a6a-44a0-bfbd-e10f81f57926
x-served-by: cache-hhn4042-HHN
server: Fastly
x-timer: S1647275718.130076,VS0,VE0
date: Mon, 14 Mar 2022 16:35:18 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 486

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
465 B 446ms
446ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=11153&currency=EUR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-classypay-requestid: fb52592d-2160-4e03-a0b3-98e9bd4556e2
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6ebe6bf65cd2cc5a-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: yQ6TzQGUFs1oQq00MHgN4GdzANZthE0h_IB_W5XOkCZri1Fdwz6KNQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 31ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2145340818891888&ev=PageView&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1647275718156&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1647275718154.777605310&it=1647275717995&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 14 Mar 2022 16:35:18 GMT

GET
H2 200 controller-d8e9ca61161b63ce8b96b8cfb9de69bf.html Show response
js.stripe.com/v3/ Frame 3DCA 349 B
633 B 7ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d8e9ca61161b63ce8b96b8cfb9de69bf.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b5b86e6342c84d0eefc2bb387a4fd8d6c8477ca921f059ba2faa81ced69cb483

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/

Response headers

last-modified: Fri, 11 Mar 2022 23:41:53 GMT
etag: "d8e9ca61161b63ce8b96b8cfb9de69bf"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 14 Mar 2022 16:35:18 GMT
via: 1.1 varnish
age: 8
x-request-id: 7771a49f-22cc-4041-a29c-8e0e6a6c7637
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
timing-allow-origin: *
content-length: 167

GET
H2 200 payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html Show response
js.stripe.com/v3/ Frame 67F5 434 B
613 B 6ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

866c6849512ea1b0144a4afa82da9fc1c7dfeb322b4a8c082ca16bdd3cc08446

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/

Response headers

last-modified: Fri, 11 Mar 2022 23:41:54 GMT
etag: "93b9b461cf49791aa8cac173e41e2b08"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 14 Mar 2022 16:35:18 GMT
via: 1.1 varnish
age: 52
x-request-id: 3e3777de-bb7c-418d-8b40-e86a4757ed7e
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 197

GET
H2 200 payment-request-inner-browser-1439590a2dd61f25979114a47faf16ed.html Show response
js.stripe.com/v3/ Frame 16E3 370 B
601 B 20ms
19ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-1439590a2dd61f25979114a47faf16ed.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b84522c8ad3dc8572b8d7ebcffbe108e04e5e079120e3d2d9394e28ad537b814

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/

Response headers

last-modified: Fri, 11 Mar 2022 23:41:53 GMT
etag: "1439590a2dd61f25979114a47faf16ed"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 14 Mar 2022 16:35:18 GMT
via: 1.1 varnish
age: 44
x-request-id: f2f8d2f2-4cfb-4081-9bf7-5fca41eb4304
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 177

POST
H2 200 csp-report
q.stripe.com/ Frame 3DCA 0
356 B 167ms
164ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 3
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 67F5 0
356 B 171ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 16E3 0
356 B 166ms
164ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 97ms
97ms Image
image/gif 34.234.33.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3141148209231365&v=502273731192336&s=897677440326104&b=web&tv=4.0&sp=ts&sp=1647275717071&sp=d&sp=donate.wck.org&sp=h&sp=%2Fgive%2F394390&sp=q&sp=%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=donate.wck.org&pp=q&pp=%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&pp=h&pp=%2Fgive%2F394390&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=World%20Central%20Kitchen&pp=ts&pp=1647275717071&id0=6856004210994016&k0=environment&k0=prod&k0=organization_id&k0=20802&k0=payment_processor&k0=WePay&k0=campaign&k0=394390&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1647275718311&st=1647275718312

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.33.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-33-8.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 16:35:18 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2145340818891888&ev=ViewContent&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1647275718314&cd[content_name]=Donation%20Page&cd[content_url]=%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1647275718154.777605310&it=1647275717995&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 14 Mar 2022 16:35:18 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 0395 156 B
523 B 482ms
160ms XHR
application/json 34.215.58.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.58.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-58-150.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6c94cba1c52aee50673b999392fb4078c7ca161f7418757f850196c998b4ee41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 shared-8e58e79802d9bcab58f7c4c402daba72.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3DCA 207 KB
51 KB 10ms
6ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d8e9ca61161b63ce8b96b8cfb9de69bf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a454ac75a7a8f1336a7305ffc9fdf9763dd7c14975e679e41006d7913b90e03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d8e9ca61161b63ce8b96b8cfb9de69bf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 51917
etag: "9c459ac6460fb1f76b32c016d3ac6f7d"
x-request-id: bda754ae-d4ca-44dd-b1cf-caa60034cb7d
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 23:41:38 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 controller-6490124a1840c6b4d822286e603f4126.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3DCA 374 KB
92 KB 15ms
11ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-6490124a1840c6b4d822286e603f4126.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d8e9ca61161b63ce8b96b8cfb9de69bf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

45c43f74abd2f40552d304ffa4ff077cf507529c7234a4d94e73738bbcb9780f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d8e9ca61161b63ce8b96b8cfb9de69bf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 32
x-cache: HIT
content-length: 94368
etag: "60a365d04242694340de26201c649207"
x-request-id: 2d65271c-f08b-4708-9f0e-4d21ffe793f2
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 23:41:36 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 67F5 95 KB
31 KB 195ms
133ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-okQcG9gMeODL/N+0xxWA9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-okQcG9gMeODL/N+0xxWA9g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: script-src 'report-sample' 'nonce-okQcG9gMeODL/N+0xxWA9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-okQcG9gMeODL/N+0xxWA9g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Mon, 14 Mar 2022 16:35:18 GMT

GET
H2 200 shared-8e58e79802d9bcab58f7c4c402daba72.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 67F5 207 KB
51 KB 15ms
12ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a454ac75a7a8f1336a7305ffc9fdf9763dd7c14975e679e41006d7913b90e03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 51917
etag: "9c459ac6460fb1f76b32c016d3ac6f7d"
x-request-id: 927623e8-ac3c-40bc-911e-79568bcbc154
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 23:41:38 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 payment-request-inner-google-pay-f37b439d82bf329cbac9a72d53d92f6a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 67F5 13 KB
5 KB 19ms
17ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-f37b439d82bf329cbac9a72d53d92f6a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5ba86bd1f4cc4f3a1575d2075a4474fa3b08bcb6d0b5a7b6e51100f7a3b59b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-93b9b461cf49791aa8cac173e41e2b08.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 11
x-cache: HIT
content-length: 4384
etag: "8fd69d986507ed1053120facd69b236d"
x-request-id: ac386e11-825c-4f70-9144-41cec79293ca
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:55 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 shared-8e58e79802d9bcab58f7c4c402daba72.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 16E3 207 KB
51 KB 11ms
7ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1439590a2dd61f25979114a47faf16ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a454ac75a7a8f1336a7305ffc9fdf9763dd7c14975e679e41006d7913b90e03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1439590a2dd61f25979114a47faf16ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 51917
etag: "9c459ac6460fb1f76b32c016d3ac6f7d"
x-request-id: 8b0717c5-edc9-4526-b040-fd8cf7319705
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 23:41:38 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 payment-request-inner-browser-579148eaa4c0861be790e2d193160dae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 16E3 11 KB
4 KB 18ms
15ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-579148eaa4c0861be790e2d193160dae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1439590a2dd61f25979114a47faf16ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9ef784fd6235d361e4661e2f5dee7cc6d77577985e08fd32ab55de96bd56c8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1439590a2dd61f25979114a47faf16ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 53
x-cache: HIT
content-length: 4063
etag: "24b38fa85bc9891f8061475aaff3bff2"
x-request-id: c7d3e225-3ebe-4c37-81b1-35176a8284de
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:54 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=pageview&_s=8&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&dp=%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-3837893-1&_gid=2025588087.1647275717&cd1=20802&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=394390&cd6=campaign&cd11=recurring%20optimization&z=1022741187

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25887
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1584954821&t=pageview&_s=2&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&dp=%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1148721415.1647275717&tid=UA-151317020-1&_gid=2025588087.1647275717&z=1224623053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 09:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25887
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 181ms
163ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 163ms
163ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 163ms
163ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 202ms
202ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 201ms
200ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 196ms
195ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 199ms
199ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 200ms
200ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 198ms
198ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 196ms
196ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 1463 18 KB
7 KB 161ms
142ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

917de146b42194aede8af5de5907ca5b439977784602f539f42b3307c24e1274

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gMdUK54b3t82CkxGKJXoiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-gMdUK54b3t82CkxGKJXoiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Mon, 14 Mar 2022 16:35:18 GMT
date: Mon, 14 Mar 2022 16:35:18 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-gMdUK54b3t82CkxGKJXoiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-gMdUK54b3t82CkxGKJXoiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/events/1/ 24 B
502 B 241ms
241ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1215.1253ab8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3512&ck=1&ref=https://donate.wck.org/give/394390
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://donate.wck.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 14 Mar 2022 16:35:18 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://donate.wck.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ebe6bf93ee09101-FRA
Content-Length: 24

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2145340818891888&ev=Microdata&dl=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1647275718658&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20World%20Central%20Kitchen%22%2C%22meta%3Adescription%22%3A%22Help%20provide%20fresh%20meals%20to%20Ukrainian%20families%20in%20need%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Classy%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F17169860%2Fcfaf26c8-9a45-11ec-b44e-0a58a9feac02.jpg%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F17169860%2Fcfaf26c8-9a45-11ec-b44e-0a58a9feac02.jpg%22%2C%22og%3Adescription%22%3A%22Help%20provide%20fresh%20meals%20to%20Ukrainian%20families%20in%20need%22%2C%22twitter%3Adescription%22%3A%22Help%20provide%20fresh%20meals%20to%20Ukrainian%20families%20in%20need%22%2C%22og%3Atitle%22%3A%22Donate%20to%20World%20Central%20Kitchen%22%2C%22twitter%3Atitle%22%3A%22Donate%20to%20World%20Central%20Kitchen%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=2&o=30&fbp=fb.1.1647275718154.777605310&it=1647275717995&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 14 Mar 2022 16:35:18 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 1463 2 KB
2 KB 18ms
17ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donate.wck.org
URL: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 1463 150 KB
53 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f5e7f860be0fea836eca8a17253bfa18c0d115ebdef9100c138a1188bd76d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53606
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 05:24:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 16:15:45 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caH... Frame 1463 36 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caHDU0FH7Jk.L.B1.O/am=DAAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhTpOq57CQXWsHjCUS9PWKlKwXjOg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cbd667c9141c3ef06bd0a8c4149ae58e52ded5ec49d57d8cabfa9bff874c572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13519
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 00:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 16:15:49 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caH... Frame 1463 75 KB
28 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caHDU0FH7Jk.L.B1.O/am=DAAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhTpOq57CQXWsHjCUS9PWKlKwXjOg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0667488ff25353e3edc193b3372c47e6fd141b2795caa90328ebf576443fd53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 17:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28157
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 00:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 17:35:22 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 1463 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caHDU0FH7Jk.L.B1.O/am=DAAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhTpOq57CQXWsHjCUS9PWKlKwXjOg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3625
date: Mon, 14 Mar 2022 15:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Mar 2022 17:34:53 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 1463 1 MB
347 KB 132ms
131ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381dd026f76952616b11b8ba2d5d1bf8a840e4646ddb1b1a0d6336d27e71f646

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-pQIY/Fnxx8RLTy49iinUMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-pQIY/Fnxx8RLTy49iinUMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Mon, 14 Mar 2022 16:35:18 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-pQIY/Fnxx8RLTy49iinUMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-pQIY/Fnxx8RLTy49iinUMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Mon, 14 Mar 2022 16:35:18 GMT

POST
H3 200 log Show response
play.google.com/ Frame 1463 131 B
155 B 65ms
49ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 14 Mar 2022 16:35:18 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 67ms
44ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 14 Mar 2022 16:35:18 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 16:35:18 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 1463 131 B
155 B 61ms
47ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 14 Mar 2022 16:35:18 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 62ms
45ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 14 Mar 2022 16:35:18 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 16:35:18 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 1463 131 B
155 B 61ms
47ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 14 Mar 2022 16:35:18 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
45ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 14 Mar 2022 16:35:18 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 16:35:18 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 1463 131 B
155 B 64ms
49ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 14 Mar 2022 16:35:18 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
45ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 14 Mar 2022 16:35:18 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 16:35:18 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 1463 131 B
155 B 57ms
48ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 14 Mar 2022 16:35:18 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 43ms
43ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 14 Mar 2022 16:35:18 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 16:35:18 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caH... Frame 1463 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caHDU0FH7Jk.L.B1.O/am=DAAE/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhTpOq57CQXWsHjCUS9PWKlKwXjOg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77bf1ee15caa602ce8639845d7e262601eee449733e8b573010a9b6349badd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 17:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7212
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 00:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 17:35:22 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caH... Frame 1463 7 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.caHDU0FH7Jk.L.B1.O/am=DAAE/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhTpOq57CQXWsHjCUS9PWKlKwXjOg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

577ee16d78b50293c4280a2348bbea5ac0b34dd13db556a236c4d6fad15c33eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 17:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3070
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 00:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 17:35:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame 1463 131 B
155 B 48ms
48ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 14 Mar 2022 16:35:18 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 44ms
44ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 14 Mar 2022 16:35:18 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 16:35:18 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 163ms
163ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 163ms
163ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 163ms
163ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 163ms
162ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:18 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame 1463 131 B
672 B 64ms
44ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.s3MUL3PC9mY.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrg_EaGzODuWKJZ9Iz6H0aLfK6ZbJA/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 14 Mar 2022 16:35:18 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 162ms
162ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 98ms
97ms Image
image/gif 34.234.33.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3141148209231365&v=502273731192336&s=897677440326104&b=web&tv=4.0&sp=ts&sp=1647275717071&sp=d&sp=donate.wck.org&sp=h&sp=%2Fgive%2F394390&sp=q&sp=%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=donate.wck.org&pp=q&pp=%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV&pp=h&pp=%2Fgive%2F394390&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=World%20Central%20Kitchen&pp=ts&pp=1647275717071&id0=6125951162007751&k0=environment&k0=prod&k0=organization_id&k0=20802&k0=payment_processor&k0=WePay&k0=campaign&k0=394390&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1647275718923&st=1647275718924

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.33.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-33-8.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 16:35:18 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
donate.wck.org/static/global/images/digitalWallets/ 3 KB
1 KB 42ms
40ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.wck.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/give/394390?m=65460&eatoken=3%3AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng&nid=VR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:35:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Feb 2022 18:43:38 GMT
server: cloudflare
age: 787577
etag: W/"621d17da-b41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6ebe6bfb5e6a23c7-ZRH
expires: Sun, 05 Mar 2023 13:49:01 GMT

GET
H2 200 trusted-types-checker-d94f0d11e834f7fa478e6019ceb5f82f.js Show response
js.stripe.com/v3/fingerprinted/js/ 174 B
276 B 8ms
8ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-d94f0d11e834f7fa478e6019ceb5f82f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

414920313c75c6d7e67834792991545719672c8552735628553bc5033255a0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.wck.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 33
x-cache: HIT
content-length: 120
etag: "c09952c736b1c994b451192b7801b692"
x-request-id: e8e20f60-888c-461e-903f-9eb6c534015c
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:44 GMT
server: Fastly
date: Mon, 14 Mar 2022 16:35:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

POST
H2 200 0 Show response
r.stripe.com/ Frame 3DCA 0
127 B 162ms
162ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8e58e79802d9bcab58f7c4c402daba72.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 14 Mar 2022 16:35:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.tripadvisor.com/	1970-01-23 17:10:35	Name: TADCID Value: _nLbRnuMa0M5WgaIABQCFdpBzzOuRA-9xvCxaMyI12wmUGBmHdJA3zQgX8v2xRtgo1lQmacYOzwuxoINQp6IerIc97iGODcVYoQ
.tripadvisor.com/	1970-01-20 19:05:47	Name: TAUnique Value: %1%enc%3A7EZKNwcZtQd2LOW9AzceDxfDqTAe0AfQT6cCiuGZix0VAETMq8nxvA%3D%3D
.www.tripadvisor.com/	1970-01-20 01:34:39	Name: __vt Value: DViB4LvHm2tQQ9b7ABQCIf6-ytF7QiW7ovfhqc-AvRwD8PCxAeNah4a02P2M5mzebCIuw-CrtFO3pkHGzfJizqXQCaRzOQ7mFpj4bgpDSf7Paic2mzYGC-J2IC5QqiiBevz0VF1fQ8icGS4rooWz2ht9ug
.tripadvisor.com/	1969-12-31 23:59:59	Name: TASession Value: V2ID.7DA068E797F7443D8F29A077E33BCB1FSQ.1GR.17TCPAR.64TBR.41EXEX.80ABTR.91PHTB.88FS.43CPU.87HS.recommendedES.popularityDS.5SAS.popularityFPS.oldFirstFA.1DF.0*TRA.true
.www.tripadvisor.com/	1970-01-20 19:05:47	Name: PAC Value: ABj0dKspoEORPEkNw3lFznU3Tneq0_4PiYni8R3FWdj2xOzFqwo9wdLkTUYoWPf-csOSXpcFgFyqjmRzZpzLb2FIwIgPdGSKogC_lwyeGn0w
.www.tripadvisor.com/	1969-12-31 23:59:59	Name: SRT Value: TART_SYNC
.tripadvisor.com/	1969-12-31 23:59:59	Name: ServerPool Value: B
.www.tripadvisor.com/	1970-01-20 19:05:47	Name: PMC Value: V2MS.5MD.20220314*LD.20220314
.www.tripadvisor.com/	1970-01-20 01:41:47	Name: TART Value: %1%enc%3AdizlvQM3Hg8ArB8KEn%2FRAQEaTNSAJ0e3RkaxSCgFoGYiyqKCnP8Kkj3DzbTiuEeUVvbw%2B%2FEkX94%3D
.tripadvisor.com/	1970-01-20 01:54:45	Name: TATravelInfo Value: V2A.2MG.-1HP.2FL.3*RS.1
.tripadvisor.com/	1970-01-20 01:54:45	Name: TAUD Value: RDD-1647275715281-2022_03_14
.www.tripadvisor.com/	1970-01-20 01:34:37	Name: TASID Value: 7DA068E797F7443D8F29A077E33BCB1F
.tripadvisor.com/	1970-01-20 01:34:42	Name: ak_bmsc Value: FDD3DED4845C88E458171483B73546D7~000000000000000000000000000000~YAAQfboQArfSOWV/AQAAG6tIiQ/X5dN2bm7uPex08bmQ/l5AF+BGKE7qCG5tDIF84Azt9bDbNC3djZVnkNqgpzkP6lbzQ4MhLQDnIGUWiIxAR8sXLuxW5rdNzlbi6DppRmLeeKupD0f/G/LYKlP8/7lchaQ9Ew476q2ThjgS3CovrEfCDVhSpkSn199ObFqvqUPD1X3D9fS9oxIpJN2dyi84oxE1rB6UpS06L5C1QPqxnwK3rGCZIrsl/eFzg1LvW9IYxeuNGcRICi9roxQJKoZm35CfnDe90cG83r7rpF9qpabn/XMq76dcxaXrc+/t7Yz+mVJZFUguA2gYxJVp8yFGtqO0Sz4o2et3FMq35DevUiOsUaap/SoQF3FupK9cw+D1A75dNfIOZzTQfQRx
donate.wck.org/	1970-02-08 03:02:53	Name: connect.sid Value: s%3AWbn93MCxfAGteQIDlhaDxvrAbRDc9rV9.%2BMEpOMoOhwgl%2FPivgawzlore%2BVcWx%2FC%2Fax2sd3%2FU%2FNQ
.donate.wck.org/	1970-01-20 01:34:37	Name: __cf_bm Value: mHU8TBRPSz7uvUpWf5SCGG4JwHGgYWSII7ahvFADe2w-1647275716-0-ARJTDh9nyxxRmxRlNI1/DA0yFRuLHq+slIfFJ/tJG8TxCZN8Vw/ZVa0xCabtYKTXSX0K5lkQLcYCQI3s/wWj1VA=
.donate.wck.org/	1969-12-31 23:59:59	Name: __cfruid Value: 75b30fd532b76e4c909af94c03d1524cd59ad6f2-1647275716
.classy.org/	1970-01-20 01:34:37	Name: __cf_bm Value: CHXz9SdclDGpqVR.eDrWHFciMyhAo.Bbdz7_GVySnQo-1647275716-0-AbvQBD1e2IYLtvOkQiKNydKsVREtfV49zgLbS6Nfrnv6CYQ1HjsH7PJYhNxlgJp174dwETCxdxx1S4c57WUXXjw=
.wck.org/	1970-01-20 19:05:47	Name: _ga Value: GA1.2.1148721415.1647275717
.wck.org/	1970-01-20 01:36:02	Name: _gid Value: GA1.2.2025588087.1647275717
.wck.org/	1970-01-20 11:02:33	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%223141148209231365%22%2C%22pageviewId%22%3A%22502273731192336%22%2C%22sessionId%22%3A%22897677440326104%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1SQLlP65ABo
.youtube.com/	1970-01-20 05:53:47	Name: VISITOR_INFO1_LIVE Value: Dlg_B7qpcI8
.wck.org/	1970-01-20 01:34:35	Name: _gat_classyTrack Value: 1
.wck.org/	1970-01-20 01:34:35	Name: _gat_clientTrack Value: 1
.wck.org/	1970-01-20 11:02:33	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A20802%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A394390%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.wck.org/	1970-01-20 01:34:37	Name: _hp2_ses_props.1566116007 Value: %7B%22ts%22%3A1647275717071%2C%22d%22%3A%22donate.wck.org%22%2C%22h%22%3A%22%2Fgive%2F394390%22%2C%22q%22%3A%22%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D
.donate.wck.org/	1970-01-20 10:20:11	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fdonate.wck.org%2Fgive%2F394390%3Fm%3D65460%26eatoken%3D3%253AFxXXvMC7VQIv7mJ4ABQCKcV0kIsWTySO7eDdMCE0EBwDKjHhGH-81dnqZvzx0yj8brUiLt3BsDMAVXumrT1B1oGxR2egy2F4b8vlRVz2BUT4ng%26nid%3DVR.bec9a2d3-7c57-3766-b1c1-4d4cd68b05db.TA_EMAIL_TRV%23!%2Fdonation%2Fcheckout&datestamp=Mon+Mar+14+2022+16%3A35%3A17+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
donate.wck.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: BFr4A8iA-J-d9qSv3I7jg7N6QbEXH62Y0ucM
.wck.org/	1970-01-20 03:44:11	Name: _fbp Value: fb.1.1647275718154.777605310
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8884867d0381e975
.facebook.com/	1970-01-20 03:44:11	Name: fr Value: 0G8t4p3WHdjmWWKPk..BiL27G...1.0.BiL27G.
donate.wck.org/	1970-01-20 10:20:11	Name: acceptCookies Value: eyJpdiI6IjA1dFFZTkZ4REI4dnhyd1lTM2xoUFE9PSIsInZhbHVlIjoiSUhycHNSeGJNVU1uYnk3RG9LTWxQdz09IiwibWFjIjoiMWJjYTdhOTAyYmU4ZDMyYzE3ZjljYzZjNzhiM2FmYjQ1NTE3ZmY0NGM1ZjE4ODZjYjg5OWQ0OTE0OGY5N2Q2NSJ9
donate.wck.org/	1970-01-20 01:34:42	Name: XSRF-TOKEN Value: eyJpdiI6Im81eEg2Z1kyUFNxK2JwdnJxMktJTHc9PSIsInZhbHVlIjoieDd0cXk2WlBDNkFxR3VHWjBGbkQrUFllQ0V4cTYwWEZRamNBY1dQaEZoTG1uWTFnRzZWQXROVzJ4MzNuS0JHbWYrUVFhYXBHdTFCT2ZteXVqQkYzbnc9PSIsIm1hYyI6IjBkOWEyNDMzZjJkMjcxNGNkZGY4MzI5ZGE2YmFmMTM3YTI3YjVhNGM3OTczMDY5MTgyYjdlZTQxMmY5MjcyMjgifQ%3D%3D
donate.wck.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6Im93RVF2TWNQMThSbXoxQVEzRHpBYmc9PSIsInZhbHVlIjoiOThKaSt2UDdCOUR3b3o3Uno4ODFvUURYaWtvdVVIdFJwXC9DVExMSytlSUR0NnpUb0g1YWM0dnBIYWNVbnM4eWdCRDZYbFczZVIzV1V2UjZBMWZHQ1ZnPT0iLCJtYWMiOiJmMmRiYWRkZjE1NTE3Yzc1NDk4ZjFmYmVkMWQwZjgyNWM3MTAzNjUxMGQwZTkyYzRiOTJiMmQ3ZGZhZGZiMGU4In0%3D
.google.com/	1970-01-20 05:58:06	Name: NID Value: 511=Ysr921uqy3VPK6Ke1xev1uR5o4xWevJIfE8V6_YPDwIKKnW20lge_CZ7YXxErLcs3rHWyzQbLsT-vrivdTGe8xogPQnEfzAFC2kbbPRq7b4Q0zkFpi8e39UXxYmzXjslKCQ-CftpjFzn7LkKa5DVsIZwWODPyJeAdEfAaN7G0HI
m.stripe.com/	1970-01-20 19:05:47	Name: m Value: 10109f28-1cd3-4d82-abe9-bfdf16405546389733
.donate.wck.org/	1970-01-20 10:20:11	Name: __stripe_mid Value: f1683551-5eea-42e3-9192-88c0584279b66b23bb
.donate.wck.org/	1970-01-20 01:34:37	Name: __stripe_sid Value: 28a82720-8c6f-4a5b-85bc-d46ba841a1a41d1718

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
bam-cell.nr-data.net
cdn.heapanalytics.com
cdn.plaid.com
code.jquery.com
connect.facebook.net
donate.wck.org
doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
heapanalytics.com
htp.tokenex.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
sessions.bugsnag.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.gstatic.com
www.tripadvisor.com
www.youtube.com
104.244.42.72
108.157.4.23
13.32.121.85
142.250.184.194
151.101.0.176
151.101.2.137
162.247.243.147
2.18.234.194
2001:4de0:ac18::1:a:1b
23.96.109.67
2600:1901:0:7a0b::
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b844
2606:4700::6810:5e41
2606:4700::6810:7aaf
2606:4700::6812:7115
2606:4700::6812:843c
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c00::5c
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.215.58.150
34.234.33.8
52.143.247.24
54.186.23.98
0429366e46af03204bb50895857583bae6449f82b70b74b54c2d87ee074d7637
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
0667488ff25353e3edc193b3372c47e6fd141b2795caa90328ebf576443fd53d
081171e53fb475d6883b0eb282309fa98335569794aabb10e664e1ec31126ab1
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cbdddc17a4a07f9b2f25c5534ab1dd3ad5aefbf30cfe974cac3ca038b99ca5c
0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d00509d53016805b7a18219553a512018c5a1a8daf99ad6ada6c5f90cffa79
1563b4b7778cd83abd36fe33c751c32d18533abb40905f99aca22f64a70df50c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
167549d476f2de7aafe21665a35957328e7978580fdad0f2e387ea9ff67a2210
1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc
21c848048b8d6f27df63cda1c6c0b3990d9bec2a6e2117685994755f7752b8b5
2cbd667c9141c3ef06bd0a8c4149ae58e52ded5ec49d57d8cabfa9bff874c572
2f5e7f860be0fea836eca8a17253bfa18c0d115ebdef9100c138a1188bd76d57
325703be85c4a9f407d84924917b3241f96b6c2f508cc3065c140ce47f2ebf28
34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b
381dd026f76952616b11b8ba2d5d1bf8a840e4646ddb1b1a0d6336d27e71f646
414920313c75c6d7e67834792991545719672c8552735628553bc5033255a0f4
45c43f74abd2f40552d304ffa4ff077cf507529c7234a4d94e73738bbcb9780f
46e79a09a479456616c9a9ac685e8e26ca6377c3067d18205066c541db3f9da4
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
577ee16d78b50293c4280a2348bbea5ac0b34dd13db556a236c4d6fad15c33eb
5ba86bd1f4cc4f3a1575d2075a4474fa3b08bcb6d0b5a7b6e51100f7a3b59b95
5c0590b942b751ad1015d0203cca0ff1dfe5ccea220e263c3640040d64c0c882
5f58dde34086b12832e2cb3817d80f9d414346cdfa9a37815206206159e0af04
5fa553b3ca22c21a48fb04341944ed72eff3fc14e3bee039d4f92dccfb270bda
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c94cba1c52aee50673b999392fb4078c7ca161f7418757f850196c998b4ee41
77bf1ee15caa602ce8639845d7e262601eee449733e8b573010a9b6349badd35
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8643d2fc856e6117f24a5cc85c87c243375ed3dc6e7a2292a8cbb898edbc26c0
866c6849512ea1b0144a4afa82da9fc1c7dfeb322b4a8c082ca16bdd3cc08446
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
88d1a4c00a42d4ae20c4b8f4e193e334d77394c6c7dc4197c66a90e90e4973f2
8dfc820eee73dff22f39419f76c53bf6327d37b10cf348224eb78e723f0cb93b
8e885457ba20624b6b2ce062f0c9f63adaa4e8b215cf068bdf701a6c819b9e5d
8faaf7a31723f29322d97c936aaa2d594a993d009780f0cf785798378d72c1c0
911ef7c8eccb36f011b85b2c67156a262d1bb0c9fed0543746d80ed08a8621e5
917de146b42194aede8af5de5907ca5b439977784602f539f42b3307c24e1274
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9ef784fd6235d361e4661e2f5dee7cc6d77577985e08fd32ab55de96bd56c8c9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a454ac75a7a8f1336a7305ffc9fdf9763dd7c14975e679e41006d7913b90e03b
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
ae998eb82cc3181d36e0cb43e5b89634b8ba85e027047d343e58cbc6fc58d3ed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b5b86e6342c84d0eefc2bb387a4fd8d6c8477ca921f059ba2faa81ced69cb483
b84522c8ad3dc8572b8d7ebcffbe108e04e5e079120e3d2d9394e28ad537b814
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c436c243a9a9475a4aef412cb31a2a5f06927436a98c7d243b5083fab52eed63
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d57ca9d0360fd8880df135a1d414e60f73dce60f65bbaed8a9174b2506ab1b02
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
db49cf0970b25372642861352702ca1153a05c3d634a2fabe48112049ec74579
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
e11bcfaca97fe9951e45ee8c86f966eaebf2b0e54aa38bedea2cb920057797da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e906db1e3944fb6bfb6c1c25957a65e1fd4b74447ae5a4ab89d40dac0e8e0521
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
f70b05c50d20b6044717b1a0f732d9f20958482d5391450af6a1cbce1eb2e514
fac44736016b4b0e83c2293f77abcd251520dc2e841fb35604b33aefc3a485ad
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

donate.wck.org Open in urlscan Pro 2606:4700::6812:843c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

100 %HTTPS

58 %IPv6

26 Domains

35 Subdomains

30 IPs

4 Countries

2998 kBTransfer

10036 kBSize

38 Cookies

7 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.wck.org Open in urlscan Pro
2606:4700::6812:843c Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

100 %
HTTPS

58 %
IPv6

26
Domains

35
Subdomains

30
IPs

4
Countries

2998 kB
Transfer

10036 kB
Size

38
Cookies

140 HTTP transactions
0 data transactions