fireflyin.org Open in urlscan Pro
104.248.232.0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fireflyin.org/
Effective URL:
https://fireflyin.org/
Submission: On March 06 via api (March 6th 2024, 7:54:11 pm UTC) from US — Scanned from DE

Summary HTTP 213 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 213 HTTP transactions. The main IP is 104.248.232.0, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fireflyin.org.
TLS certificate: Issued by R3 on February 14th 2024. Valid for: 3 months.

This is the only time fireflyin.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	104.248.232.0 104.248.232.0	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
17	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:214... 2600:9000:214f:7800:1b:350b:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2600:9000:239... 2600:9000:2394:8a00:2:68c1:1040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
41	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
10	104.209.152.250 104.209.152.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
2	99.86.4.85 99.86.4.85	16509 (AMAZON-02) (AMAZON-02)
3	44.241.19.114 44.241.19.114	16509 (AMAZON-02) (AMAZON-02)
1	20.150.43.196 20.150.43.196	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	34.241.59.225 34.241.59.225	16509 (AMAZON-02) (AMAZON-02)
1	198.137.150.81 198.137.150.81	16509 (AMAZON-02) (AMAZON-02)
15	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
6	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0b::5c	15169 (GOOGLE) (GOOGLE)
213	28

52 104.248.232.0 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: childrensbureau.org

fireflyin.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sky.blackbaudcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:7800:1b:350b:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

editor.ne16.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:8a00:2:68c1:1040:93a1 (United States)

ASN16509 (AMAZON-02, US)

host.nxt.blackbaud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dntcl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.209.152.250 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fms-pusa01.app.blackbaud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pco-pusa01.app.blackbaud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-85.fra6.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.241.19.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-19-114.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.43.196 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s21pusa01afmsv2blkbsa03.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.241.59.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: api-34-241-59-225.stripe.com

api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.137.150.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 m.stripe.com — Cisco Umbrella Rank: 1134 api.stripe.com — Cisco Umbrella Rank: 12840 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5082 r.stripe.com — Cisco Umbrella Rank: 2301	2 MB
52	fireflyin.org 1 redirects fireflyin.org	2 MB
17	blackbaudcdn.net sky.blackbaudcdn.net — Cisco Umbrella Rank: 23317	992 KB
12	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 1996	1013 B
12	gstatic.com www.gstatic.com fonts.gstatic.com	898 KB
12	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2656 pay.google.com — Cisco Umbrella Rank: 2753	118 KB
10	blackbaud.net fms-pusa01.app.blackbaud.net — Cisco Umbrella Rank: 307897 pco-pusa01.app.blackbaud.net	54 KB
7	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 11596	89 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 5514 newassets.hcaptcha.com — Cisco Umbrella Rank: 6729 api.hcaptcha.com — Cisco Umbrella Rank: 6866	439 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	272 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1243	16 KB
2	qualaroo.com cl.qualaroo.com — Cisco Umbrella Rank: 8685 dntcl.qualaroo.com — Cisco Umbrella Rank: 10925	57 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1141	83 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6744	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	395 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
2	ne16.com editor.ne16.com — Cisco Umbrella Rank: 115924	26 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 973	77 KB
1	windows.net s21pusa01afmsv2blkbsa03.blob.core.windows.net — Cisco Umbrella Rank: 596771	2 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	blackbaud.com host.nxt.blackbaud.com — Cisco Umbrella Rank: 44555	3 KB
213	21

	Domain	Requested by
52	fireflyin.org	1 redirects fireflyin.org
34	js.stripe.com	host.nxt.blackbaud.com js.stripe.com
17	sky.blackbaudcdn.net	fireflyin.org sky.blackbaudcdn.net host.nxt.blackbaud.com
15	r.stripe.com	js.stripe.com
12	api-js.mixpanel.com	sky.blackbaudcdn.net
10	www.google.com	fireflyin.org www.gstatic.com www.google.com sky.blackbaudcdn.net
8	www.gstatic.com	www.google.com www.gstatic.com
7	b.stripecdn.com	js.stripe.com b.stripecdn.com
6	fms-pusa01.app.blackbaud.net	sky.blackbaudcdn.net
4	api.stripe.com	js.stripe.com
4	pco-pusa01.app.blackbaud.net	sky.blackbaudcdn.net
4	fonts.gstatic.com	www.google.com
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	m.stripe.com	m.stripe.network
3	www.googletagmanager.com	fireflyin.org www.googletagmanager.com www.google-analytics.com
2	api.hcaptcha.com	newassets.hcaptcha.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	maxcdn.bootstrapcdn.com	sky.blackbaudcdn.net maxcdn.bootstrapcdn.com
2	www.google.de	fireflyin.org
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	editor.ne16.com	fireflyin.org editor.ne16.com
2	use.fontawesome.com	fireflyin.org use.fontawesome.com
1	pay.google.com	b.stripecdn.com pay.google.com
1	hcaptcha.com	b.stripecdn.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	s21pusa01afmsv2blkbsa03.blob.core.windows.net
1	dntcl.qualaroo.com	cl.qualaroo.com
1	cl.qualaroo.com	fireflyin.org
1	fonts.googleapis.com	sky.blackbaudcdn.net client
1	region1.analytics.google.com	www.googletagmanager.com
1	host.nxt.blackbaud.com	sky.blackbaudcdn.net
213	32

This site contains links to these domains. Also see Links.

Domain
trainwithfirefly.org
vizi.vizirecruiter.com
goo.gl
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
fireflyin.org R3	`2024-02-14` - `2024-05-14`	3 months	crt.sh
sky.blackbaudcdn.net Amazon RSA 2048 M01	`2023-07-10` - `2024-08-07`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
editor.ne16.com Amazon RSA 2048 M02	`2023-07-09` - `2024-08-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
host.nxt.blackbaud.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cl.qualaroo.com R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
*.app.blackbaud.net GeoTrust TLS RSA CA G1	`2023-02-16` - `2024-03-18`	a year	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh
dntcl.qualaroo.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
api.stripe.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://fireflyin.org/
Frame ID: 0D0023B9D12A11423AE613515994D619
Requests: 81 HTTP requests in this frame

Frame: https://host.nxt.blackbaud.com/adaptive-donor-form?formId=dfba46a0-3e16-4628-81f5-7e230561d381&envId=p-9z6Up4Vb10-q_nAoD_KRZw&zone=usa&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a
Frame ID: A5BD0ADC61D40564598EB1FB91266D3B
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&co=aHR0cHM6Ly9maXJlZmx5aW4ub3JnOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=yaca62e1y7hk
Frame ID: 946963B9077B4C886EDE90198F2F1DBA
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 097262C8B9F7281BC6C1DA5E0E494B43
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A2AB156D536092FD5C01C8811328B468
Requests: 5 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 08937F2CFA5F928227E9EEF06EA3011C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html
Frame ID: EB42795DAC5BEF0B0DF33D0CF97936A0
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html
Frame ID: BF3F7443AC1C3EFEF971B35736ADE2A2
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html
Frame ID: F887DDA52481E4FFD1265A2C1C2C5151
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
Frame ID: 7B9BD18AEDC8430FBE244E31658E4269
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzh0lAAAAAK3tmGuiaquWJLr7e_NpdtzGjL6f&co=aHR0cHM6Ly9ob3N0Lm54dC5ibGFja2JhdWQuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=vqyunbmbjm1
Frame ID: 287E7F333761990D5D31077FDF6B0A10
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-0e5c0d1175acf203e2bcb801f787e576.html
Frame ID: EECCD9AE6754FC786D9AB6DCB3ED25CC
Requests: 2 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=35c05819-92e5-4288-884e-ed252b45708c&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: D98CDB650F7C1D0F571CFB631415DC36
Requests: 4 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=7b8e9361-081d-43ba-8ef4-5c63f30fd1d7&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: FF780AB256041BC3E91323842B2D13AD
Requests: 1 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 9FC31182EA8AEDD8F1C37DE53E3ED1D3
Requests: 7 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=o8z956hz5p
Frame ID: EC1B3DD05868F8918B6963D23FD649B8
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fb.stripecdn.com&mid=
Frame ID: 62C2A1DBCC40CFD482FB15BFB028F9B6
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&buttonSizeMode=fill&enableGpayNewButtonAsset=false&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22AMEX%22%2C%22DISCOVER%22%2C%22JCB%22%2C%22MASTERCARD%22%2C%22VISA%22%5D%7D%7D%5D&gpayButtonVariantType=1
Frame ID: AFC38AC06A52BE47E0D101ECAEA1474A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Firefly Children & Family Alliance

Page URL History Show full URLs

http://fireflyin.org/ HTTP 301
https://fireflyin.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

213
Requests

97 %
HTTPS

56 %
IPv6

21
Domains

32
Subdomains

28
IPs

5
Countries

8026 kB
Transfer

23328 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://trainwithfirefly.org/
Title: Foster & Adoptive Parents

Search URL Search Domain Scan URL

URL: https://vizi.vizirecruiter.com/Firefly-Children-Family-Alliance-4320/index.html
Title: Search Jobs

Search URL Search Domain Scan URL

URL: https://vizi.vizirecruiter.com/Firefly-Children-Family-Alliance-4320/index.html#?level=%5B%22Intern%22%5D
Title: Search Internships

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/stH4maq6sE3KQiy56
Title: 1575 Dr. Martin Luther King Jr. StreetIndianapolis, Indiana, 46202

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FireflyIndiana
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/fireflyIndiana
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrEmFlY1c4izh8ZG293KrPg
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fireflyindiana/
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fireflyindiana/
Title: Follow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fireflyin.org/ HTTP 301
https://fireflyin.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

213 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
fireflyin.org/
Redirect Chain

http://fireflyin.org/
https://fireflyin.org/

207 KB
36 KB

1305ms
1087ms

Document
text/html

104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5964e9a2fd749eb4387996012b85a9e09d16555f6fddd22ec0ecc62e61d54f4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 36301
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Mar 2024 19:54:05 GMT
Link: <https://fireflyin.org/wp-json/>; rel="https://api.w.org/", <https://fireflyin.org/wp-json/wp/v2/pages/22>; rel="alternate"; type="application/json", <https://fireflyin.org/>; rel=shortlink
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 06 Mar 2024 19:54:04 GMT
Location: https://fireflyin.org/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 main.js Show response
sky.blackbaudcdn.net/static/og-web-loader/1/ 656 B
839 B 817ms
425ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/og-web-loader/1/main.js

Requested by

Host: fireflyin.org
URL: https://fireflyin.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

4a94c25cdd03e6914787a74e2567fd94776190010f74b2100cb0768019d0467c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:06 GMT
via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
etag: "0x8DBF2B802C42545"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 7y2FVD6450twDFSKqkWH3Gh-oUcVy78brpt-eBwmRgzbunJOg9vCjQ==
expires: 0

GET
H/1.1 200
OK styles.css
fireflyin.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 94ms
93ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:38:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298eb0-b2b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK frontend.css
fireflyin.org/wp-content/plugins/safety-exit/assets/css/ 2 KB
869 B 187ms
93ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/safety-exit/assets/css/frontend.css?ver=6.4.3
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b4f8dd2748d635d8cb478346da88d77109e69c0c643845a0a84b2c1ff87d2535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:38:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298eb3-77b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 75ms
34ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css?ver=6.4.3
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 425126
etag: W/"10519cfd3206802f58315b877a9beab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5LSLEiNwK6Gkk6gOdTd6cR4SO7NPWLv9Eqbscd%2F4WgEP4%2Bk0TF6Mtx3nMbeEz2g22hWiNtJQk05FTRyjbCvuy1QotIJK74foO6ShVXTa1KV5e8xgUpLkW4M3ef3sWdn%2FHgBXzgA775SWzHSKOiDqIkX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8604e54aa81b371a-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK wpcf7-redirect-frontend.min.css
fireflyin.org/wp-content/plugins/wpcf7-redirect/build/css/ 316 B
416 B 272ms
90ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:37:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298e4e-13c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK trp-language-switcher.css
fireflyin.org/wp-content/plugins/translatepress-multilingual/assets/css/ 3 KB
1 KB 277ms
93ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.6.3
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 925f2ffb7b49a93b36740141ddfbd7487d8ef3de84f2c9c8be4cec4e584b0c18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:37:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298e4f-b1b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK et-divi-dynamic-tb-63-tb-62-22-late.css
fireflyin.org/wp-content/et-cache/22/ 2 KB
801 B 278ms
94ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/et-cache/22/et-divi-dynamic-tb-63-tb-62-22-late.css?ver=1709635799
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 96e4f01951ca37245fa6f8941258e7221d7274ee48f56190df7368fdfef226c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 10:50:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65e6f8d8-6af"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK et-divi-dynamic-tb-63-tb-62-22.css
fireflyin.org/wp-content/et-cache/22/ 80 KB
11 KB 278ms
93ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/et-cache/22/et-divi-dynamic-tb-63-tb-62-22.css?ver=1709635799
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 992272e8a8fb59c28ec9f7ea71da6cb82a7345294ba7e48878aff610a922878e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 10:49:59 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65e6f8d7-140eb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
fireflyin.org/wp-content/themes/divi-child/ 4 KB
2 KB 279ms
93ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/divi-child/style.css?ver=4.19.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 188f7effb28ee4b2877bbe39e062e195243957ec2432db9c0f1215273761ffa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2024 11:13:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65df156e-e13"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
fireflyin.org/wp-includes/js/jquery/ 86 KB
35 KB 475ms
194ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 01:40:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"654ae6fe-15601"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
fireflyin.org/wp-includes/js/jquery/ 13 KB
6 KB 375ms
94ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2023 01:39:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"64d2ee4e-3509"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK frontend.js Show response
fireflyin.org/wp-content/plugins/safety-exit/assets/js/ 266 B
497 B 376ms
95ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/safety-exit/assets/js/frontend.js?ver=6.4.3
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 76f9c768df6c7cb26c0a5be0b4c211059351f898129ebe76eca29de0a04e832e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:38:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298eb3-10a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK et-core-unified-22.min.css
fireflyin.org/wp-content/et-cache/22/ 10 KB
3 KB 279ms
92ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/et-cache/22/et-core-unified-22.min.css?ver=1709635697
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9fc31694c05d7057ef7c90d7ec83995c00ebc13dbd29a3f7099a138ddeae1bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 10:48:17 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65e6f871-28d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK et-core-unified-tb-63-tb-62-deferred-22.min.css
fireflyin.org/wp-content/et-cache/22/ 21 KB
4 KB 365ms
93ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/et-cache/22/et-core-unified-tb-63-tb-62-deferred-22.min.css?ver=1709635800
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6097573756bc7b68a9b41b159baf034588cc11c1d19d823b2602dd042ab9356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 10:50:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65e6f8d8-55ee"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK logo.png
fireflyin.org/wp-content/uploads/2022/03/ 20 KB
20 KB 95ms
95ms Image
image/png 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/03/logo.png
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2d25f459e6ebcc92294c532916d06a76d3843997c00b7629d9cba2c7bd43fe9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Fri, 04 Mar 2022 22:20:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622290b6-4ebc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20156

GET
H/1.1 200
OK OurServices-ChildAbusePrevention.jpg
fireflyin.org/wp-content/uploads/2022/04/ 113 KB
113 KB 374ms
93ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/OurServices-ChildAbusePrevention.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b07af49822e260dcc71a4cd0a6804bfade93cdead04d405a158f48c24e53a929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Fri, 22 Apr 2022 14:53:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6262c160-1c29d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115357

GET
H2 200 Subscribe.js Show response
editor.ne16.com/Subscribe/ 25 KB
25 KB 53ms
9ms Script
application/javascript 2600:9000:214f:7800:1b:350b:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://editor.ne16.com/Subscribe/Subscribe.js
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7800:1b:350b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2b4b6ff31b01cd89b4cd5fe69717dddb3fbd05aefe56ba57b4592e7e4ac1890b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:35:11 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA53-C1
age: 1134
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public
content-length: 25363
x-amz-cf-id: wXVAE0hWox1fYDpQvjO4f7BZI639vqmc_hhl3gJXLfyH558Gcp14Ow==
expires: Wed, 06 Mar 2024 20:29:19 GMT

GET
H/1.1 200
OK mediaelementplayer-legacy.min.css
fireflyin.org/wp-includes/js/mediaelement/ 11 KB
3 KB 91ms
91ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 22:45:35 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6261de8f-2bf8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wp-mediaelement.min.css
fireflyin.org/wp-includes/js/mediaelement/ 4 KB
2 KB 98ms
98ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 22:45:35 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6261de8f-105a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK index.js Show response
fireflyin.org/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 91ms
91ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:38:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298eb0-2a12"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK index.js Show response
fireflyin.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 93ms
92ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:38:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298eb0-328f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wpcf7r-fe.js Show response
fireflyin.org/wp-content/plugins/wpcf7-redirect/build/js/ 8 KB
2 KB 91ms
91ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:37:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298e4e-1f8a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK scripts.min.js Show response
fireflyin.org/wp-content/themes/Divi/js/ 268 KB
84 KB 94ms
94ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 425c17cc0de74e7e5ce91bbb6ceb6405518d61a38d298938099ad3289ab5c1d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 21:12:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6387c734-42f69"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery.fitvids.js Show response
fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
2 KB 91ms
91ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 21:12:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6387c734-d15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery.mobile.js Show response
fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
3 KB 104ms
104ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.19.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 21:12:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6387c734-1f18"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK easypiechart.js Show response
fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 9 KB
4 KB 111ms
111ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.19.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 21:12:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6387c734-2466"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK common.js Show response
fireflyin.org/wp-content/themes/Divi/core/admin/js/ 1 KB
904 B 94ms
94ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 21:12:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6387c735-53f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 75ms
19ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&ver=3.0

Requested by

Host: fireflyin.org
URL: https://fireflyin.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c3f0dfefcec7eee1385aa1164e86e62d5a55e2c3c7f56f1cc0ba69b02a911ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 19:54:06 GMT

GET
H/1.1 200
OK wp-polyfill-inert.min.js Show response
fireflyin.org/wp-includes/js/dist/vendor/ 8 KB
3 KB 95ms
95ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 03:37:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"642503e9-1feb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
fireflyin.org/wp-includes/js/dist/vendor/ 6 KB
3 KB 96ms
95ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 01:40:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"654ae6fe-19e1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wp-polyfill.min.js Show response
fireflyin.org/wp-includes/js/dist/vendor/ 112 KB
42 KB 190ms
189ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 01:40:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"654ae6fe-1c1b7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK index.js Show response
fireflyin.org/wp-content/plugins/contact-form-7/modules/recaptcha/ 991 B
821 B 94ms
94ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.1
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 18:38:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65298eb0-3df"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK mediaelement-and-player.min.js Show response
fireflyin.org/wp-includes/js/mediaelement/ 154 KB
46 KB 188ms
187ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 03:37:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6361e5f8-26935"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK mediaelement-migrate.min.js Show response
fireflyin.org/wp-includes/js/mediaelement/ 1 KB
861 B 95ms
95ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.4.3
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 May 2022 03:37:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"628da46c-4a7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wp-mediaelement.min.js Show response
fireflyin.org/wp-includes/js/mediaelement/ 1 KB
849 B 92ms
92ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.4.3
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 03:37:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"642503e9-453"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK sticky-elements.js Show response
fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 212 KB
72 KB 94ms
94ms Script
application/javascript 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.19.2
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0826d6c5a2249f46b088b74d85567d7f0bfa9cf7e583441efe8b8eba09f45da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 21:12:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6387c734-34f55"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
72 KB 98ms
42ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NWB9SZK

Requested by

Host: fireflyin.org
URL: https://fireflyin.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8df2be2827a56abf7c0a9c9a37387ceea6792ed400a656ca65061c42d32351e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73029
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 19:18:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Mar 2024 19:54:06 GMT

GET
H2 200 versions.json Show response
sky.blackbaudcdn.net/static/og-web-loader-versions/1/assets/ 46 B
516 B 173ms
124ms Fetch
application/json 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/og-web-loader-versions/1/assets/versions.json

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/static/og-web-loader/1/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

f5576a63ffa9fbbf25d1fdda45375693845d0ff2b975374a3918279513c969d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:06 GMT
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
etag: "0x8DC274E3352CAF8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: x-A3pyB5nK93wfhaNokCAgJ2Jjwgy6ldwQpFb57Z2DKfhuc0Q_ItFQ==
expires: 0

GET
H/1.1 200
OK preloader.gif
fireflyin.org/wp-content/themes/Divi/includes/builder/styles/images/ 9 KB
9 KB 165ms
93ms Image
image/gif 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/themes/Divi/includes/builder/styles/images/preloader.gif
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 27422f830d71474144ea902369ce78d178d1ace4e38a029ba2e359b7b55b4176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Wed, 30 Nov 2022 21:12:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6387c735-24d3"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9427

GET
DATA 200
OK truncated
/ 200 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 355bbabec3a324574a7278ae55858587cec26ec9785270cbfa155021c0fdb825

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4eac7162c8466505b1ecb410e0d7377c63742e05dcc66636eb002f00758059c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Firefly-video.jpg
fireflyin.org/wp-content/uploads/2022/04/ 42 KB
42 KB 97ms
97ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/Firefly-video.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9d4063b16d333f781970abcf1a462d48b0f844a34104db19186590ba07fd1775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Fri, 22 Apr 2022 14:25:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6262bad9-a7b9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42937

GET
H/1.1 200
OK arrow-down-3101.svg
fireflyin.org/wp-content/plugins/translatepress-multilingual/assets/images/ 988 B
1 KB 91ms
90ms Image
image/svg+xml 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/plugins/translatepress-multilingual/assets/images/arrow-down-3101.svg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.6.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c91741f8e67dee084f2704b80ed96793b9ce64a05347699b37a07ae80b9bf8a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.6.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Fri, 13 Oct 2023 18:37:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "65298e4f-3dc"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 988

GET
H/1.1 200
OK modules.ttf
fireflyin.org/wp-content/themes/Divi/core/admin/fonts/modules/social/ 10 KB
10 KB 136ms
100ms Font
application/octet-stream 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.ttf
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/wp-content/et-cache/22/et-divi-dynamic-tb-63-tb-62-22-late.css?ver=1709635799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57b1f974576a3372b5ebee24172d169426c645118081aced33137320bc972567

Request headers

Referer: https://fireflyin.org/wp-content/et-cache/22/et-divi-dynamic-tb-63-tb-62-22-late.css?ver=1709635799
Origin: https://fireflyin.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Wed, 30 Nov 2022 21:12:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6387c735-289c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10396

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 66 KB
66 KB 90ms
35ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css?ver=6.4.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css?ver=6.4.3
Origin: https://fireflyin.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 67400
last-modified: Fri, 22 Sep 2023 01:45:31 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asfzk%2FSbTtmCiDR7XpE0MyS9yrjQyp9ySLg%2Fyu9MNncUOeR873Yp5sCrnXDuWwfujOcdSSuqD1AmO9bBsFGnpLmscxvDYWMIVKsnIofFeSlEzUdMqsXC%2ByCqarzeUYz2AQY55ii7pezRMjwVvds3ex7L"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8604e54ffd3e2bcf-FRA

GET
H/1.1 206
Partial Content fireflyheader-1.mp4
fireflyin.org/wp-content/uploads/2022/04/ 128 KB
0 94ms
94ms Media
video/mp4 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/fireflyheader-1.mp4
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://fireflyin.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Thu, 21 Apr 2022 13:27:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62615bb7-3254fa"
Content-Type: video/mp4
Content-Range: bytes 0-3298553/3298554
Connection: keep-alive
Content-Length: 3298554

GET
H/1.1 206
Partial Content brandreveal_forwebsite-240p.mp4
fireflyin.org/wp-content/uploads/2022/04/ 112 KB
0 94ms
94ms Media
video/mp4 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/brandreveal_forwebsite-240p.mp4
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://fireflyin.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Wed, 20 Apr 2022 17:16:37 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62603ff5-251b6f"
Content-Type: video/mp4
Content-Range: bytes 0-2431854/2431855
Connection: keep-alive
Content-Length: 2431855

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK dots.png
fireflyin.org/wp-content/uploads/2022/03/ 534 B
781 B 93ms
93ms Image
image/png 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/03/dots.png
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c3aa25fcba5dc96ee29ea26c64a361220b72200232e6ab5cc0ba0422d9fb0d6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Thu, 03 Mar 2022 23:02:37 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6221490d-216"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 534

GET
H/1.1 200
OK Our-Services-Family-Preservation-Services-980x980.jpg
fireflyin.org/wp-content/uploads/2022/04/ 124 KB
124 KB 181ms
181ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/Our-Services-Family-Preservation-Services-980x980.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 608e92c7af4ca1f340829b390e28012c5b484b9414514043bc16475352bb973a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Last-Modified: Mon, 18 Apr 2022 19:28:52 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625dbbf4-1ee8b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126603

GET
H/1.1 200
OK Our-Services-YouthPlacement.jpg
fireflyin.org/wp-content/uploads/2022/04/ 170 KB
170 KB 133ms
93ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/Our-Services-YouthPlacement.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d7d9090422512a2eaafe6e8287b6354f5a1b47cc0e63e2e696316cffb950410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Fri, 22 Apr 2022 14:19:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6262b98c-2a64a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 173642

GET
H/1.1 200
OK OurServices-RecoveryServices.jpg
fireflyin.org/wp-content/uploads/2022/04/ 112 KB
113 KB 101ms
95ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/OurServices-RecoveryServices.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a98551744f5ba68140ab1252c8e91bdc860a144d1c023772f1d966adf0b0c648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Fri, 22 Apr 2022 14:54:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6262c18c-1c136"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114998

GET
H/1.1 200
OK Resources-FAQs-1-980x980.jpg
fireflyin.org/wp-content/uploads/2022/04/ 120 KB
121 KB 94ms
94ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/Resources-FAQs-1-980x980.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a7da6330c310419977d21d964bd042c61607bebb96e4137b99af4e26436c7d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Mon, 18 Apr 2022 19:23:15 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625dbaa3-1e17e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 123262

GET
H/1.1 200
OK Resources-Events-2.jpg
fireflyin.org/wp-content/uploads/2022/04/ 207 KB
207 KB 190ms
93ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/Resources-Events-2.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6331bf3bfce9b5fce44479f9b4f6df6f91156099b291abe021246ccb2d45b601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Mon, 25 Apr 2022 12:43:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6266976d-33b0e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 211726

GET
H/1.1 200
OK Resources-Mental-Health-1-980x980.jpg
fireflyin.org/wp-content/uploads/2022/04/ 104 KB
104 KB 238ms
184ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/Resources-Mental-Health-1-980x980.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b3b37b16614ee52fc6e3241e80afbe1876ccc2c88451bacf467ab97987d1794b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Mon, 18 Apr 2022 19:25:58 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625dbb46-1a0c1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106689

GET
H/1.1 200
OK Resources-News-and-Library-1-980x980.jpg
fireflyin.org/wp-content/uploads/2022/04/ 153 KB
153 KB 93ms
93ms Image
image/jpeg 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/Resources-News-and-Library-1-980x980.jpg
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8345da81a78752f0809554bbb71f00a6117aa477017f507de3c9a0ce9ac9281d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Mon, 18 Apr 2022 19:26:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625dbb81-2624d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156237

GET
H/1.1 200
OK et-divi-dynamic-tb-63-tb-62-22-late.css
fireflyin.org/wp-content/et-cache/22/ 2 KB
801 B 153ms
94ms Stylesheet
text/css 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/et-cache/22/et-divi-dynamic-tb-63-tb-62-22-late.css
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 96e4f01951ca37245fa6f8941258e7221d7274ee48f56190df7368fdfef226c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 19:54:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 10:50:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65e6f8d8-6af"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 494 KB
197 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fireflyin.org/
Origin: https://fireflyin.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 19:55:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
99 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2VE2RP1YFF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWB9SZK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cb66f8435ff46aff53edaf2ed4f1946d0a4d83c634262c00d82218b601d8c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Mar 2024 19:54:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWB9SZK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 924
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Mar 2024 21:38:42 GMT

GET
H2 200 main.js Show response
sky.blackbaudcdn.net/static/adaptive-donor-form-loader/5.7.0/ 7 KB
3 KB 7ms
7ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/adaptive-donor-form-loader/5.7.0/main.js

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/static/og-web-loader/1/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

230a21984309e088d6361f54d47a49592eb307c826ec1ce32d3a08c2ffcc1852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 2505204
etag: "0x8DC274BF7B96531"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-id: IXUQBgyawaS3Ze6zbv3c-58JS3D_3higvfz52AGdkS5dVk_aY_IHhg==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 adaptive-donor-form Show response
host.nxt.blackbaud.com/ Frame A5BD 7 KB
3 KB 291ms
162ms Document
text/html 2600:9000:2394:8a00:2:68c1:1040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://host.nxt.blackbaud.com/adaptive-donor-form?formId=dfba46a0-3e16-4628-81f5-7e230561d381&envId=p-9z6Up4Vb10-q_nAoD_KRZw&zone=usa&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/static/adaptive-donor-form-loader/5.7.0/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2394:8a00:2:68c1:1040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5aecf890c0cc556daa37c2a1b31adfac37be0ba469e9edd681560808200af41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fireflyin.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-store, must-revalidate, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:07 GMT
expires: 0
pragma: no-cache
request-context: appId=cid-v1:384bd1e9-d5cd-4602-8610-6d580ed3e637
section-io-cache: Miss
section-io-id: 0ca6f20332c1cb86f60eac5cb4dbb37c
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish (Varnish/7.0), 1.1 3bdef981159de9c713020c64476ba0e4.cloudfront.net (CloudFront)
x-amz-cf-id: BaBNgQq27JcQNDtDF4xBbUMqQdKLItTjxTqQz6v0eBPWcA15qJ9YEw==
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-varnish: 917868
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
221 B 14ms
14ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=792946689&t=pageview&_s=1&dl=https%3A%2F%2Ffireflyin.org%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Firefly%20Children%20%26%20Family%20Alliance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=535226953&gjid=21641060&cid=889275734.1709754847&tid=UA-226112193-1&_gid=452079137.1709754847&_r=1&_slc=1&gtm=45He4340n81NWB9SZKv862681431za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2048174917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1d56b6aac3051bdfef9ce8d014f88fccb1a64517d3d89a362c6c7576ed8d6268

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fireflyin.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fireflyin.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-226112193-1&cid=889275734.1709754847&jid=535226953&gjid=21641060&_gid=452079137.1709754847&npa=1&_u=YEBAAEAAAAAAACAAI~&z=17032511

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fireflyin.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 06 Mar 2024 19:54:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fireflyin.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
101 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2VE2RP1YFF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b67bd4b013aea21a4a993f50dbe3a9deb4884e9a90ff5c748c91a8a539162abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Mar 2024 19:54:06 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 36ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2VE2RP1YFF&gtm=45je4340v869023037z8862681431za220&_p=1709754845837&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=889275734.1709754847&ecid=1534674238&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&ec_mode=a&_eu=EAAI&_s=1&sid=1709754846&sct=1&seg=0&dl=https%3A%2F%2Ffireflyin.org%2F&dt=Home%20%7C%20Firefly%20Children%20%26%20Family%20Alliance&en=page_view&_fv=1&_ss=1&tfd=2681
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VE2RP1YFF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fireflyin.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 21ms
21ms Ping
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2VE2RP1YFF&cid=889275734.1709754847&gtm=45je4340v869023037z8862681431za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VE2RP1YFF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fireflyin.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
35ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2VE2RP1YFF&cid=889275734.1709754847&gtm=45je4340v869023037z8862681431za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=222898596

Requested by

Host: fireflyin.org
URL: https://fireflyin.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 32ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-226112193-1&cid=889275734.1709754847&jid=535226953&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1949223656

Requested by

Host: fireflyin.org
URL: https://fireflyin.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 52ms
34ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-226112193-1&cid=889275734.1709754847&jid=535226953&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1949223656

Requested by

Host: fireflyin.org
URL: https://fireflyin.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fireflyin.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET fireflyheader-1.mp4
fireflyin.org/wp-content/uploads/2022/04/ 0
0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9469 46 KB
28 KB 38ms
38ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&co=aHR0cHM6Ly9maXJlZmx5aW4ub3JnOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=yaca62e1y7hk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3efe9a0ea5b87bff3eea5d75481acaebfe21048d0488da6b851414ffb5bf980

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rlk6iGDeB0PZpl27UrJAog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fireflyin.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Rlk6iGDeB0PZpl27UrJAog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Mar 2024 19:54:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 206
Partial Content fireflyheader-1.mp4
fireflyin.org/wp-content/uploads/2022/04/ 496 KB
0 96ms
96ms Media
video/mp4 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/fireflyheader-1.mp4
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://fireflyin.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Thu, 21 Apr 2022 13:27:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62615bb7-3254fa"
Content-Type: video/mp4
Content-Range: bytes 0-3298553/3298554
Connection: keep-alive
Content-Length: 3298554

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 9469 55 KB
24 KB 22ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&co=aHR0cHM6Ly9maXJlZmx5aW4ub3JnOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=yaca62e1y7hk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 17:55:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 9469 494 KB
196 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 19:55:35 GMT

GET
H2 200 notifications-client.global.min.js Show response
sky.blackbaudcdn.net/static/notifications-client/1.4.1/ Frame A5BD 100 KB
30 KB 15ms
14ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/notifications-client/1.4.1/notifications-client.global.min.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/adaptive-donor-form?formId=dfba46a0-3e16-4628-81f5-7e230561d381&envId=p-9z6Up4Vb10-q_nAoD_KRZw&zone=usa&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

476d8423431fa6f56fe0fb5ca7be484361ccf188d82d6ea8fc33d8b8f6d52c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 03:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 4897475
etag: "0x8DA01200D79D863"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: uV1ErR7FzmYrY_ag31JlWvtMMOw3IEX5re03dJzOM6w5n_3efE_C9w==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 auth-client.global.min.js Show response
sky.blackbaudcdn.net/static/auth-client/2.78.0/ Frame A5BD 57 KB
13 KB 23ms
23ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/auth-client/2.78.0/auth-client.global.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

c87d9de9ec04be00f785ea3222b2772e8a5e2fc7d899ce0e8835aaf963ca9ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 15:43:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 1051862
etag: "0x8DC34861697D0E6"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: mJg6VQH5HlljLAm_cKICNiaMDiY3hCDcBzoAjR3Czyl0OZSeA0RZOw==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 styles.5e7389ded1f21dfa.css
sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/ Frame A5BD 66 KB
8 KB 27ms
26ms Stylesheet
text/css 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

fd7177f560efc55f4216af7e64660f6f4574677e4369addf1a22e4f38c54717a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 17:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 7901
etag: "0x8DC3E018E15DB78"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: qchQtbzWBiosdwgRuXQmEEaA7iFv7RDVguxbDBJxvFrBjDwQBrA2Og==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 / Show response
js.stripe.com/v3/ Frame A5BD 603 KB
168 KB 36ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d755399768a475f3e89812712463a076e3546bd711e0ddcbfb8300e408f3b5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:07 GMT
via: 1.1 varnish
age: 41
x-cache: HIT
content-length: 171141
x-request-id: f2d6bef1-a955-4614-8464-68594de5c4b5
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:44:59 GMT
server: Fastly
etag: "5b995dabe2aec9190b4766003d3128c3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 49

GET
H2 200 runtime.988200f981b535ef.js Show response
sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/ Frame A5BD 3 KB
2 KB 28ms
27ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/runtime.988200f981b535ef.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

f7e33a9d7d623e79b2c6e0d0cb14bec07f94578cac031bc0a866140f8f4aefb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 17:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 7901
etag: "0x8DC3E01850BA72D"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: kd0_nJGZ7eR5ZAZVApChEOHW6hCgEGGk5eJiwwt01MFo9s106MXSCA==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 polyfills.01933d73621d69dd.js Show response
sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/ Frame A5BD 33 KB
11 KB 28ms
28ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

fdc683b37bd1dd00b83793f6a7102cc1d2c71a74ff173916f6428809ffe28fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 6545008
etag: "0x8DC01A01A5560F5"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: b8TcBpkBoPXPF2xr2PVb_GYE2hBeSOKtp4MkiWU3QfhbtC9B2PJTEQ==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 main.01f0d3faee2e1c42.js Show response
sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/ Frame A5BD 3 MB
731 KB 29ms
29ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/main.01f0d3faee2e1c42.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

ec00d8171377b4e8e904b8235233f6b70d997ecdb9770d0a5dbb36716c91adcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 17:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 7901
etag: "0x8DC3E018DEA8C0C"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: 9OuItDdXApMvLCx1RxNihBMMAVZEss_dcYllFBl2ZoN_HwXkfLVzTA==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A5BD 30 KB
7 KB 86ms
37ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sky.blackbaudcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 8516789
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8604e552fa3a3a9d-FRA
cdn-requestpullsuccess: True

GET
H2 200 skyux-icons.min.css
sky.blackbaudcdn.net/static/skyux-icons/6.10.1/assets/css/ Frame A5BD 9 KB
2 KB 9ms
8ms Stylesheet
text/css 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-icons/6.10.1/assets/css/skyux-icons.min.css

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

4b0505c9409b63bf7caba18c1b7edee347161aca1536a3ba91ffbd2e0e7b844c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 205817
etag: "0x8DC38D262EE7000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-id: 9iBJ9dCi90_joVT_S4umNMbypMvDfPD9nJRo2jwyk-WQ_CdBfDHehA==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 css
fonts.googleapis.com/ Frame A5BD 8 KB
2 KB 51ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Roboto&display=swap

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cab8ee51fe3f2c48a8bb85a002ea87dc02c1b3514f81eb145ad4b513e11accf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sky.blackbaudcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Mar 2024 19:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 19:38:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Mar 2024 19:54:07 GMT

GET
H3 200 sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js Show response
www.google.com/js/bg/ Frame 9469 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b3c8a08afff51d87d6f144eb76c25bdfd19943cc6cb93e5f22b00c0728d06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&co=aHR0cHM6Ly9maXJlZmx5aW4ub3JnOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=yaca62e1y7hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6937
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 05:19:23 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9469 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:54:26 GMT
x-content-type-options: nosniff
age: 190781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 14:54:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9469 15 KB
16 KB 40ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 174108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9469 15 KB
15 KB 44ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 538057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9469 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&co=aHR0cHM6Ly9maXJlZmx5aW4ub3JnOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=yaca62e1y7hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 19:54:07 GMT

GET
H2 200 BLKBSans-Regular.woff
sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/ Frame A5BD 32 KB
32 KB 7ms
7ms Font
application/x-font-woff 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/BLKBSans-Regular.woff

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

08e1bc83b1500ff23f4393c9907ffcfad541ef2e342df772bc2a3445d7392b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:44:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 8280590
etag: "0x8D91A0BEFD54A62"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: sU_l755y4PN4xVkVHeLGT_caXlqTx2TUDpN4AU5ye4RxPQwr2VYdWQ==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A5BD 75 KB
76 KB 100ms
60ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 8615908
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e9e8f1be83c83039a8bbc7235d8a8816
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8604e554afca1e64-FRA
cdn-requestpullsuccess: True

GET
H2 200 skyux-icons.woff2
sky.blackbaudcdn.net/static/skyux-icons/6.10.1/assets/font/ Frame A5BD 33 KB
33 KB 8ms
8ms Font
font/woff2 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-icons/6.10.1/assets/font/skyux-icons.woff2?86278406

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/static/skyux-icons/6.10.1/assets/css/skyux-icons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

fbcff8e51d53ce1ceb9de11f750b8f65d2d05636e0d325673e6813ce1b58275d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sky.blackbaudcdn.net/static/skyux-icons/6.10.1/assets/css/skyux-icons.min.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:43:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 205816
etag: "0x8DC38D263D26D98"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: eLYxW8UHBRaR59HRToHXOXbej3WPSc9RCVsze8xBO-6zxQUnDU_aTA==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 56.3d912170b99d9597.js Show response
sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/ Frame A5BD 524 B
878 B 7ms
7ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/56.3d912170b99d9597.js

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/runtime.988200f981b535ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

6dadf4ea156167682099ccf1f02c661b97d2272614948b2f1ec7bcc8679a6867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 182235
etag: "0x8DC3C6AB9C16312"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: NOdSfLPy7H9KfijhZrmXln2wuiO9k9Eq2M8zzaGWqX6NywcOJhx97A==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET fireflyheader-1.mp4
fireflyin.org/wp-content/uploads/2022/04/ 0
0

GET
H2 200 jmH.js Show response
cl.qualaroo.com/ki.js/63657/ Frame A5BD 195 KB
57 KB 98ms
60ms Script
application/ecmascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.qualaroo.com/ki.js/63657/jmH.js
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: faff1769734ca1dd1a0d83b076cc10b6669ed2acef60e075d3c6230187869287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:07 GMT
content-encoding: gzip
cdn-edgestorageid: 1080
x-amz-request-id: KPCZE4P50W2XCGRY
x-amz-server-side-encryption: AES256
cdn-cachedat: 03/06/2024 17:56:48
cdn-pullzone: 92714
x-amz-id-2: oNRhiBLzZzvcnkfTWvRhtT6zddxFRJzqrtu1tTmf3jtMqEUSpv838qlKprqomS1q2Py6IxefkZA=
last-modified: Wed, 06 Mar 2024 17:54:39 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "c0cf0af69cb8701881ac5101558a259b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/ecmascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=0, s-maxage=3600
cdn-requestid: 61812435a2afb7b07b68a170d4e9bcdb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 0972 200 B
818 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3178567
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:07 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 404607
x-content-type-options: nosniff
x-request-id: dcb36e89-ca78-44a1-a0e7-081684c9cfcd
x-served-by: cache-fra-eddf8230079-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0972 526 B
451 B 38ms
38ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:07 GMT
via: 1.1 varnish
age: 3166477
x-cache: HIT
content-length: 315
x-request-id: 4559e4eb-5dd7-4d35-9eb2-47b129c2086c
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 385314

GET
H/1.1 206
Partial Content fireflyheader-1.mp4
fireflyin.org/wp-content/uploads/2022/04/ 21 KB
22 KB 93ms
93ms Media
video/mp4 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/fireflyheader-1.mp4
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9e9bd376420a27f7dad5c748669ad023f54bdb574bef08b71fd8907fa07f8ad4

Request headers

Referer: https://fireflyin.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=3276800-

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Thu, 21 Apr 2022 13:27:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62615bb7-3254fa"
Content-Type: video/mp4
Content-Range: bytes 3276800-3298553/3298554
Connection: keep-alive
Content-Length: 21754

OPTIONS
H2 204 dfba46a0-3e16-4628-81f5-7e230561d381
fms-pusa01.app.blackbaud.net/txntr/formlayout/ Frame 0
0 441ms
187ms Preflight 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fms-pusa01.app.blackbaud.net/txntr/formlayout/dfba46a0-3e16-4628-81f5-7e230561d381?formId=dfba46a0-3e16-4628-81f5-7e230561d381&envid=p-9z6Up4Vb10-q_nAoD_KRZw&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a&bbcid=spa-adaptive-donor-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-session-id
Access-Control-Request-Method: GET
Origin: https://host.nxt.blackbaud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-session-id
access-control-allow-methods: GET, PUT, PATCH, HEAD, DELETE, POST, OPTIONS
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 3600
date: Wed, 06 Mar 2024 19:54:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin

OPTIONS
H2 204 environmentformconfiguration
fms-pusa01.app.blackbaud.net/txntr/ Frame 0
0 440ms
186ms Preflight 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fms-pusa01.app.blackbaud.net/txntr/environmentformconfiguration?formId=dfba46a0-3e16-4628-81f5-7e230561d381&envid=p-9z6Up4Vb10-q_nAoD_KRZw&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a&bbcid=spa-adaptive-donor-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-session-id
Access-Control-Request-Method: GET
Origin: https://host.nxt.blackbaud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-session-id
access-control-allow-methods: DELETE, PATCH, HEAD, OPTIONS, GET, PUT, POST
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 3600
date: Wed, 06 Mar 2024 19:54:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
62 B 109ms
69ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754847542

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:07 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 50
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
342 B 103ms
64ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754847543

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:07 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 46
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
63 B 106ms
67ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754847543

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:07 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 48
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
62 B 109ms
70ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754847543

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:07 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 51
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

GET
H2 200 dfba46a0-3e16-4628-81f5-7e230561d381 Show response
fms-pusa01.app.blackbaud.net/txntr/formlayout/ Frame A5BD 48 KB
49 KB 326ms
325ms XHR
application/json 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4280b5c699f23ad47b2745ca72041f053abc2348acf4c020a4255ba384a98693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://host.nxt.blackbaud.com/
X-Session-Id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-session-id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
x-xss-protection: 1; mode=block
x-request-id: 1ae28c24-9f54-9223-b65d-764e3063962d
expires: 0

GET
H2 200 environmentformconfiguration Show response
fms-pusa01.app.blackbaud.net/txntr/ Frame A5BD 997 B
1 KB 222ms
222ms XHR
application/json 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7bc224bd9328dee1c068036bbe0b6418520f1782d34d044d943d62d2ad5aa5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://host.nxt.blackbaud.com/
X-Session-Id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-session-id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
x-xss-protection: 1; mode=block
x-request-id: f5d10bec-bb6f-9482-9f48-6562b9a81f63
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A2AB 930 B
2 KB 53ms
10ms Document
text/html 99.86.4.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-85.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:53:47 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-id: WrADPBqvODomLDNo57MFEJ0WC4TFOrJECMLxNt1FQBG3N542PG16sw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame A2AB 87 KB
14 KB 10ms
10ms Script
text/javascript 99.86.4.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-85.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:53:12 GMT
content-encoding: br
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 56
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: C7oZsbKgeH6xCSlUKvuEX-OH-Ioqw8m3pvBUVjVrNyTOvgBWtL89XA==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9469 13 KB
10 KB 75ms
74ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cbaccbde78fe7baa47abf35bb8cc15619d03783407e27c91eaf190736f95036

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmFogAAAAANf9lmg1yN8XceAk5OO0Yo2DQ5gV&co=aHR0cHM6Ly9maXJlZmx5aW4ub3JnOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=yaca62e1y7hk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 06 Mar 2024 19:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 19:54:07 GMT

GET
H/1.1 206
Partial Content fireflyheader-1.mp4
fireflyin.org/wp-content/uploads/2022/04/ 3 MB
0 93ms
93ms Media
video/mp4 104.248.232.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fireflyin.org/wp-content/uploads/2022/04/fireflyheader-1.mp4
Requested by: Host: fireflyin.org
URL: https://fireflyin.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.232.0 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: childrensbureau.org
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://fireflyin.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=98304-

Response headers

Date: Wed, 06 Mar 2024 19:54:07 GMT
Last-Modified: Thu, 21 Apr 2022 13:27:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62615bb7-3254fa"
Content-Type: video/mp4
Content-Range: bytes 98304-3298553/3298554
Connection: keep-alive
Content-Length: 3200250

GET
H2 200 frame.html Show response
dntcl.qualaroo.com/ Frame 0893 323 B
711 B 31ms
6ms Document
text/html 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://dntcl.qualaroo.com/frame.html
Requested by: Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/63657/jmH.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412

Request headers

Referer: https://host.nxt.blackbaud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=604800
cdn-cache: HIT
cdn-cachedat: 03/04/2024 07:12:15
cdn-edgestorageid: 1080
cdn-fileserver: 639
cdn-proxyver: 1.04
cdn-pullzone: 99568
cdn-requestcountrycode: DE
cdn-requestid: 051e14c77394c1ec5776f96d7af88dcf
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-storageserver: DE-679
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding: gzip
content-type: text/html
date: Wed, 06 Mar 2024 19:54:07 GMT
last-modified: Sun, 09 Jul 2023 20:56:17 GMT
server: BunnyCDN-DE1-1081
vary: Accept-Encoding

POST
H2 200 6 Show response
m.stripe.com/ Frame A2AB 156 B
670 B 560ms
175ms XHR
application/json 44.241.19.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.19.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-19-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a2519c1ec30ac431bbea8a94385994f6d996a690a7c6973d46cfff40a939ec58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Mar 2024 19:54:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709754848162428
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709754848162085
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 SubscribeData.ashx Show response
editor.ne16.com/Subscribe/ 348 B
686 B 480ms
465ms XHR
application/json 2600:9000:214f:7800:1b:350b:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://editor.ne16.com/Subscribe/SubscribeData.ashx?p=9d8e534d-7dbd-4da5-a514-9e0af91a8579&l=1001695&m=&mailid=&c=%5B%5D&d=%5B%22FirstName_%22%2C%22LastName_%22%2C%22emailaddr_%22%2C%22demographics%22%2C%22Source_%22%2C%22list%22%5D&a=%5B%22childrensbureauinc%22%5D&keyword=&u=https%3A%2F%2Ffireflyin.org%2F
Requested by: Host: editor.ne16.com
URL: https://editor.ne16.com/Subscribe/Subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7800:1b:350b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a66d67202d69eaa6a28aa14109004bde6e76a3e505b0e96060404a134ed31c4a

Request headers

Accept: application/json
Referer: https://fireflyin.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA53-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 348
x-amz-cf-id: e3Srmi2w3Ttw8jdqHCcEEJETcKF4L_Nehi6XbcdKfQ_Gk897YnfI5g==

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
59 B 73ms
72ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848214

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 51
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
62 B 67ms
66ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848214

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 47
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
59 B 71ms
71ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848215

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 50
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
62 B 74ms
73ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848215

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 55
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
59 B 67ms
67ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848215

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 48
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
59 B 72ms
71ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848216

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 48
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
62 B 59ms
58ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848216

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 37
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame A5BD 1 B
62 B 66ms
66ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1709754848216

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 19:54:08 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 40
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

OPTIONS
H2 204 857a637a-a461-4b7c-9ffd-9272c813bf6c
fms-pusa01.app.blackbaud.net/brand/public/brandingcards/ Frame 0
0 109ms
109ms Preflight 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fms-pusa01.app.blackbaud.net/brand/public/brandingcards/857a637a-a461-4b7c-9ffd-9272c813bf6c?formId=dfba46a0-3e16-4628-81f5-7e230561d381&envid=p-9z6Up4Vb10-q_nAoD_KRZw&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a&bbcid=spa-adaptive-donor-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-session-id
Access-Control-Request-Method: GET
Origin: https://host.nxt.blackbaud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-session-id
access-control-allow-methods: DELETE, PUT, OPTIONS, POST, GET, HEAD, PATCH
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 3600
date: Wed, 06 Mar 2024 19:54:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin

GET
H2 200 857a637a-a461-4b7c-9ffd-9272c813bf6c Show response
fms-pusa01.app.blackbaud.net/brand/public/brandingcards/ Frame A5BD 887 B
1 KB 128ms
128ms XHR
application/json 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ee908efc0bb6eb88179d65ad0c1e345ae7c821be8d4f8b8ab8615dc2b6bc9a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://host.nxt.blackbaud.com/
X-Session-Id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 19:54:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-session-id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
x-xss-protection: 1; mode=block
x-request-id: 54add155-c05c-9033-b299-2b01966af42b
expires: 0

OPTIONS
H2 204 paymentconfiguration
pco-pusa01.app.blackbaud.net/check/v1/ Frame 0
0 154ms
110ms Preflight 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pco-pusa01.app.blackbaud.net/check/v1/paymentconfiguration?macfgid=4627ffa0-a4a0-482e-bc4d-c425f06a7a59&envid=p-9z6Up4Vb10-q_nAoD_KRZw&formId=dfba46a0-3e16-4628-81f5-7e230561d381&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a&bbcid=spa-adaptive-donor-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-session-id
Access-Control-Request-Method: GET
Origin: https://host.nxt.blackbaud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-session-id
access-control-allow-methods: GET
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 14400
cache-control: no-store, must-revalidate, no-cache
date: Wed, 06 Mar 2024 19:54:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff

GET
H2 200 paymentconfiguration Show response
pco-pusa01.app.blackbaud.net/check/v1/ Frame A5BD 2 KB
2 KB 107ms
106ms XHR
application/json 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e64f2cf4a5d5fa11cdb50b20a4b3ca1d0ea710976f5208eeff861933584c59da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://host.nxt.blackbaud.com/
X-Session-Id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Mar 2024 19:54:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: no-store, must-revalidate, no-cache
content-length: 1646

GET
DATA 200
OK truncated
/ Frame A5BD 713 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9defa7ec30813b2d438cc732941531aadf9cb59677ae86f358ac94557dc2697e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A5BD 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96c0ece7228e54be11c46479000849c8a5344aef8e98939ce2a8bee7e4486efc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A5BD 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a53073174fc1505bde602ab8b9ed02d7206dcec3904c000ac65aae5112b4bb60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A5BD 951 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d14ca0e909234ef3a81f593aa143960c1bf04feb527360f15e9d46f05faa0cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A5BD 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26d6ff4e73c9f7e3d19b8a6a0aee4c19ceeb8cf754e40fff9d4e18ea1c9b7d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A5BD 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f23bd61a50ddb47e77b1d538b8c80541f6505652bfd226492e2073871ff1b8e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A5BD 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 590744d6c7a9ed19632f43e11fdef33aaa97fa2f652eacf4d1276e92864dd388

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A5BD 725 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8b69b24877322fc432a92b49b1ad60499484de0f30994960b0ccc579bb7a641

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 flags.webp
sky.blackbaudcdn.net/static/skyux-public-assets/1.0.0-beta.3/assets/images/intl-tel-input/ Frame A5BD 27 KB
27 KB 8ms
8ms Image
image/webp 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sky.blackbaudcdn.net/static/skyux-public-assets/1.0.0-beta.3/assets/images/intl-tel-input/flags.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

26c3407a5d88577b47001ff725f569136e9caf493c21d1f9dcdd4215c5e211ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 13:46:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 4860455
etag: "0x8DBA31D19A2F733"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-id: _zdeoHbkngWOdhmsSPkoeqb5HD-kO-lx_XCmxjQbG881mU2_NndeJg==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
DATA 200
OK truncated
/ Frame A5BD 342 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfcf2514bb80868a8ea7ab0936dee6575f8ce6dc5ccf76a2a6bdb15b55a0daf5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 BLKBSans-Semibold.woff
sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/ Frame A5BD 32 KB
32 KB 8ms
7ms Font
application/x-font-woff 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/BLKBSans-Semibold.woff

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

095a4e31a4c39e7fa61ca412d67ba427155e8326e3fc80a02cd3c79daa1d5b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 07:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 20347213
etag: "0x8D91A0BEFDAA2E8"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: 2YABCiM__a2ry4OLKW28JHZ7FKX_SPg1Op97FaflkM3UVnZZU-Pyhw==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 BLKBSans-Light.woff
sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/ Frame A5BD 32 KB
32 KB 10ms
10ms Font
application/x-font-woff 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/BLKBSans-Light.woff

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

ff4185fa4d38354c04d6be5a1ef30272385d0ab8578de592a74befc1dcc975ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:05:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 12300546
etag: "0x8D91A0BEFCA4B2B"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: fimyWO33EjjUb9iDCM0kmTjty_SDe0nu66nywc_SADsCKk8Trd2-jQ==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H2 200 BLKBSans-Italic.woff
sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/ Frame A5BD 33 KB
33 KB 14ms
14ms Font
application/x-font-woff 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/BLKBSans-Italic.woff

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-53.fra60.r.cloudfront.net

Software

Resource Hash

1798d3ce1abe12fe5caa45d00a86e66b3dda52c5820c31c572d7738608f2a384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/styles.5e7389ded1f21dfa.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 05:14:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 5409572
etag: "0x8D91A0BEFC519C3"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: pYcmpMlARXZQkmOoIeFiKYXIsYoVWhv_iC2pcFGpHU2d4LZ6G8DPtg==
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5

GET
H/1.1 200
OK p-9z6Up4Vb10-q_nAoD_KRZw%2F857a637a-a461-4b7c-9ffd-9272c813bf6c%2Fhero
s21pusa01afmsv2blkbsa03.blob.core.windows.net/branding-user-image/ Frame A5BD 2 MB
2 MB 647ms
153ms Image
application/octet-stream 20.150.43.196
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s21pusa01afmsv2blkbsa03.blob.core.windows.net/branding-user-image/p-9z6Up4Vb10-q_nAoD_KRZw%2F857a637a-a461-4b7c-9ffd-9272c813bf6c%2Fhero?lastModified=2024-01-19T15:15:19.069312Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.43.196 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 378cc2a49d28e06e45bdec325472be92aee8772159b083c3c3beaa9e519b4476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 06 Mar 2024 19:54:09 GMT
Last-Modified: Fri, 19 Jan 2024 15:15:19 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: iurSLz3m34POncvvcVOFEw==
ETag: 0x8DC190172BE0CF5
Vary: Origin
Content-Type: application/octet-stream
x-ms-request-id: 3f30991a-801e-0077-0f00-7001e6000000
x-ms-version: 2009-09-19
Content-Length: 1696005

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame A5BD 1 KB
905 B 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcSzh0lAAAAAK3tmGuiaquWJLr7e_NpdtzGjL6f&onload=ng2recaptchaloaded

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/main.01f0d3faee2e1c42.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49c47b03aad93c56140eeaa0505abc1132ef1205994bc7a28bd5a0b6ce6dd7da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 19:54:09 GMT

GET
H2 200 controller-5d32e60b1cb234351f931b77526b2e3c.html Show response
js.stripe.com/v3/ Frame EB42 325 B
909 B 11ms
11ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d79e9c08e103617347551a52a7e6b07e2847b0225b7ea2559ec4f2fff088df8b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:09 GMT
etag: "5d32e60b1cb234351f931b77526b2e3c"
last-modified: Wed, 06 Mar 2024 18:02:14 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 35
x-content-type-options: nosniff
x-request-id: ab9be02c-1d64-457f-b8fb-b3d325abe3ac
x-served-by: cache-fra-eddf8230079-FRA

GET
H2 200 elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html Show response
js.stripe.com/v3/ Frame BF3F 577 B
1 KB 14ms
14ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

73381d5273b6b7891ca828c1f4443c596cacb155ed756112133d174dfc4e64f1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6388
cache-control: max-age=31536000
content-encoding: br
content-length: 309
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:09 GMT
etag: "8d42ac02930eada169d1b7d8d63c8d68"
last-modified: Wed, 06 Mar 2024 18:02:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 21
x-content-type-options: nosniff
x-request-id: d2a13c55-d62c-48a5-8860-cb4a330f8a2a
x-served-by: cache-fra-eddf8230079-FRA

GET
H2 200 elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html Show response
js.stripe.com/v3/ Frame F887 474 B
353 B 13ms
13ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3d62e00176b51a12b936a23a23a00a404202e60af086d2df0de4495a3ab3cb67

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6479
cache-control: max-age=31536000
content-encoding: br
content-length: 248
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:09 GMT
etag: "eb1d7a8323f738ddc4d190193d59c03b"
last-modified: Wed, 06 Mar 2024 18:02:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 63
x-content-type-options: nosniff
x-request-id: 2d3f349f-5c20-45af-b24c-523399a767a1
x-served-by: cache-fra-eddf8230079-FRA

GET
H2 200 elements-inner-payment-69de34d1928dd4099646693d5935c76d.html Show response
js.stripe.com/v3/ Frame 7B9B 559 B
411 B 11ms
10ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ea2f6d1a7e13c102aced9b4e5269c269bba3d9028334e0e7a4c6fb30d64c89f1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6479
cache-control: max-age=31536000
content-encoding: br
content-length: 302
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:09 GMT
etag: "69de34d1928dd4099646693d5935c76d"
last-modified: Wed, 06 Mar 2024 18:02:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 69
x-content-type-options: nosniff
x-request-id: 1487067b-aaef-4703-a39a-05fe3bc4fdfa
x-served-by: cache-fra-eddf8230079-FRA

OPTIONS
H2 204 donorcoverdisplayrates
pco-pusa01.app.blackbaud.net/check/v1/feeoffsets/ Frame 0
0 103ms
103ms Preflight 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pco-pusa01.app.blackbaud.net/check/v1/feeoffsets/donorcoverdisplayrates?applicationName=Online%20Giving_RENXT_Optimized%20Donation%20Form&macfgid=4627ffa0-a4a0-482e-bc4d-c425f06a7a59&envid=p-9z6Up4Vb10-q_nAoD_KRZw&formId=dfba46a0-3e16-4628-81f5-7e230561d381&loaderId=f246b62e-d40a-4815-aacf-b95c146cd89a&bbcid=spa-adaptive-donor-form

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-session-id
Access-Control-Request-Method: GET
Origin: https://host.nxt.blackbaud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-session-id
access-control-allow-methods: GET
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 14400
cache-control: no-store, must-revalidate, no-cache
date: Wed, 06 Mar 2024 19:54:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff

GET
H2 200 donorcoverdisplayrates Show response
pco-pusa01.app.blackbaud.net/check/v1/feeoffsets/ Frame A5BD 252 B
487 B 132ms
132ms XHR
application/json 104.209.152.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/adaptive-donor-form/polyfills.01933d73621d69dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.209.152.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

363317add36999729dbb20483a488da2cbdd65de2f0d7cbd18961740f43ab682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://host.nxt.blackbaud.com/
X-Session-Id: 9187d27f-4bc2-4684-af74-f3068c4d24d9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: no-store, must-revalidate, no-cache
content-length: 252

GET
H2 200 shared-2a3d8f28eba28c4b514865a0f9427187.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EB42 537 KB
130 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

69bd30af5614fb379aa7a47bf3f14f4df4875498d2bb422d1cf8c59c45be1412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 6540
x-cache: HIT
content-length: 133301
x-request-id: 6ab88337-d207-4e44-ae88-71d39c8a6879
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:02:28 GMT
server: Fastly
etag: "352560f8c2562f730d642c7729aa9c79"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28

GET
H2 200 controller-2197c8553b147e3cb3548733f55b20da.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EB42 701 KB
184 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-2197c8553b147e3cb3548733f55b20da.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a283fcc422af007d6ad452403a4afa298dc4be70a3efe43eaf73f21e6baa29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 6541
x-cache: HIT
content-length: 188157
x-request-id: 741b344b-d536-45b1-bd31-a960f32c7902
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:02:25 GMT
server: Fastly
etag: "e9aa1a7fa1faf803bb575384dcc63248"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame A5BD 494 KB
196 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcSzh0lAAAAAK3tmGuiaquWJLr7e_NpdtzGjL6f&onload=ng2recaptchaloaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 19:55:35 GMT

GET
H2 200 shared-2a3d8f28eba28c4b514865a0f9427187.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF3F 537 KB
130 KB 12ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

69bd30af5614fb379aa7a47bf3f14f4df4875498d2bb422d1cf8c59c45be1412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 6540
x-cache: HIT
content-length: 133301
x-request-id: ed8008cf-5eae-4c40-be48-48f4871027cb
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:02:28 GMT
server: Fastly
etag: "352560f8c2562f730d642c7729aa9c79"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29

GET
H2 200 elements-inner-express-checkout-4eabaa087df0f6dbeaf504917ebfd8b2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF3F 746 KB
223 KB 24ms
21ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-express-checkout-4eabaa087df0f6dbeaf504917ebfd8b2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a37bb14e36dda3cb1a65039711fa06291306696b5f8f0d97614a2b63c8cb9ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 6387
x-cache: HIT
content-length: 228218
x-request-id: fd3e1043-1ac0-49c4-b064-e3eb3bf06072
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:02:26 GMT
server: Fastly
etag: "55498838d828e241224e393ad54850b1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 elements-inner-express-checkout-32b3272d3c948231e8a443774c023083.css
js.stripe.com/v3/fingerprinted/css/ Frame BF3F 48 KB
9 KB 12ms
9ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-express-checkout-32b3272d3c948231e8a443774c023083.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e8a0c6972e731486508286db4fc96ecf443f5046a1c8caef91f9ee75cc47b1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 179047
x-cache: HIT
content-length: 8773
x-request-id: 93bc9168-28c5-481c-9001-c1e1665641d5
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Mon, 04 Mar 2024 18:06:05 GMT
server: Fastly
etag: "e09e236204ef9fedf56a62adbbf82306"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 183

GET
H2 200 shared-2a3d8f28eba28c4b514865a0f9427187.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F887 537 KB
131 KB 13ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

69bd30af5614fb379aa7a47bf3f14f4df4875498d2bb422d1cf8c59c45be1412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 6540
x-cache: HIT
content-length: 133301
x-request-id: 6a34fdaa-5425-430a-a5f7-6844719cef95
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:02:28 GMT
server: Fastly
etag: "352560f8c2562f730d642c7729aa9c79"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31

GET
H2 200 elements-inner-loader-ui-2cefbae6145eb72f3d8dfcdfecc3de20.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F887 80 KB
21 KB 12ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-loader-ui-2cefbae6145eb72f3d8dfcdfecc3de20.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

670011d71cc155ca49cf846fd15ba0ead023e5ce48f68fdb0c20977abfb3b47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 438326
x-cache: HIT
content-length: 21819
x-request-id: 463f7f96-d634-4a67-8f2b-4bff11dce822
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Fri, 01 Mar 2024 18:03:22 GMT
server: Fastly
etag: "a2018c656d658a504e3065d9715a9337"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2966

GET
H2 200 elements-inner-loader-ui-8280ae4b208100b39e54c761c8923c28.css
js.stripe.com/v3/fingerprinted/css/ Frame F887 12 KB
2 KB 13ms
11ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-loader-ui-8280ae4b208100b39e54c761c8923c28.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e0807ef5f00434936b6eab2b9277d152f8d208782a224278e0a38de34f189647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-loader-ui-eb1d7a8323f738ddc4d190193d59c03b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 1101630
x-cache: HIT
content-length: 2375
x-request-id: 5575415b-cf1d-47c3-887a-6f9d5b220e5a
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 20 Sep 2023 21:36:03 GMT
server: Fastly
etag: "38a666341521b61c68b51d6862e8ee37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5519

GET
H2 200 shared-2a3d8f28eba28c4b514865a0f9427187.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B9B 537 KB
131 KB 13ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

69bd30af5614fb379aa7a47bf3f14f4df4875498d2bb422d1cf8c59c45be1412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 6540
x-cache: HIT
content-length: 133301
x-request-id: d0d5d8e0-30f2-4461-a3d7-db5ada9a6da8
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:02:28 GMT
server: Fastly
etag: "352560f8c2562f730d642c7729aa9c79"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30

GET
H2 200 elements-inner-payment-7f11a820c6d8ee7fd24b7dc986cc73f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B9B 1 MB
336 KB 13ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-7f11a820c6d8ee7fd24b7dc986cc73f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

56f7ec16b1ac3c45be1f91cc07d172f3c4c731695d78cface099c00b97dbd83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 6478
x-cache: HIT
content-length: 343300
x-request-id: 95fb6ee6-e1ca-4c16-8622-c107db7b8704
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 06 Mar 2024 18:02:26 GMT
server: Fastly
etag: "bdcc1d9ffc0e3e2fca1cce7e0a852c51"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 elements-inner-payment-f9518b1ffa48876388bf5b0f330cb1cc.css
js.stripe.com/v3/fingerprinted/css/ Frame 7B9B 143 KB
21 KB 12ms
10ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-f9518b1ffa48876388bf5b0f330cb1cc.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7f1f7fe99c8b91a935f845fbbee83b09def535fa7c85eafb8bc24595f24edac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 523773
x-cache: HIT
content-length: 21779
x-request-id: 2b6edfd8-77f4-47e6-8013-4e773597071f
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Thu, 29 Feb 2024 18:20:32 GMT
server: Fastly
etag: "e6f553c76307df80d82860f8dd77a3f6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3354

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EB42 474 B
612 B 52ms
21ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bf2d0855e79103e6503cc314e24db0f9a5dfd4cabb4b8c93913b09e398008dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 31
x-cache: HIT
content-length: 297
x-request-id: cd8ea910-bfca-458a-9957-1219ce34a045
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Wed, 06 Mar 2024 18:44:59 GMT
server: Fastly
etag: "52c9b8bed274d64a86207a45039eb1e3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EB42 474 B
368 B 44ms
22ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bf2d0855e79103e6503cc314e24db0f9a5dfd4cabb4b8c93913b09e398008dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-5d32e60b1cb234351f931b77526b2e3c.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 31
x-cache: HIT
content-length: 297
x-request-id: 9d1354a2-69d9-4514-b424-7f8ef42f29cc
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Wed, 06 Mar 2024 18:44:59 GMT
server: Fastly
etag: "52c9b8bed274d64a86207a45039eb1e3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 287E 45 KB
28 KB 53ms
53ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzh0lAAAAAK3tmGuiaquWJLr7e_NpdtzGjL6f&co=aHR0cHM6Ly9ob3N0Lm54dC5ibGFja2JhdWQuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=vqyunbmbjm1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1789820d31ae10d40398105d19bf5a2e112c8d80dac9b55659a5e2d5ddfadfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G8Tyt2WyS3Bi7actclPkWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://host.nxt.blackbaud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-G8Tyt2WyS3Bi7actclPkWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Mar 2024 19:54:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame BF3F 474 B
371 B 26ms
26ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bf2d0855e79103e6503cc314e24db0f9a5dfd4cabb4b8c93913b09e398008dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-express-checkout-8d42ac02930eada169d1b7d8d63c8d68.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 31
x-cache: HIT
content-length: 297
x-request-id: f8031ff2-ddbd-4c51-8845-ae9ecd82519a
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Wed, 06 Mar 2024 18:44:59 GMT
server: Fastly
etag: "52c9b8bed274d64a86207a45039eb1e3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 40

GET
H2 200 2887-5e8142915ffb9da7489d99988a9b5472.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B9B 148 KB
39 KB 10ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/2887-5e8142915ffb9da7489d99988a9b5472.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-7f11a820c6d8ee7fd24b7dc986cc73f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4f832756048b0e8b3b439e51d1d93cc0fea2c41ec0b957ae2365f406f76bdaa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 1188938
x-cache: HIT
content-length: 39881
x-request-id: e359dc33-e398-48b2-8802-b52878fec989
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Thu, 21 Dec 2023 18:13:37 GMT
server: Fastly
etag: "b660106a1c57d223c3c6c3adb2dce0ab"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1047

GET
H2 200 phone-numbers-lib-ecb70658f322874fe923ef7bae435c3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B9B 2 KB
1 KB 12ms
12ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-ecb70658f322874fe923ef7bae435c3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-7f11a820c6d8ee7fd24b7dc986cc73f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1caf10f9b394d7b88acfe5e2075a8e0ca981d162ef33bce0ab573470f34dbd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 1113336
x-cache: HIT
content-length: 1043
x-request-id: 8eb407cf-30ac-4a19-9f9c-881a076d5733
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "f09b0b36e5eb89b6d315f7ebcf979f98"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5479

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7B9B 474 B
372 B 10ms
10ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bf2d0855e79103e6503cc314e24db0f9a5dfd4cabb4b8c93913b09e398008dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 31
x-cache: HIT
content-length: 297
x-request-id: d743c537-c40b-45a8-b252-1d252f8c1d06
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Wed, 06 Mar 2024 18:44:59 GMT
server: Fastly
etag: "52c9b8bed274d64a86207a45039eb1e3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41

GET
H2 200 sessions Show response
api.stripe.com/v1/elements/ Frame EB42 12 KB
13 KB 410ms
324ms Fetch
application/json 34.241.59.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stripe.com/v1/elements/sessions?key=pk_live_PIgfgtbeSSGEw3k9419FHnJE&_stripe_version=2019-12-03%3Bserver_side_confirmation_beta%3Dv1&type=deferred_intent&locale=en-US&deferred_intent[mode]=payment&deferred_intent[amount]=15000&deferred_intent[currency]=usd&deferred_intent[on_behalf_of]=acct_1CG76XBEGY3d4oq1&referrer_host=host.nxt.blackbaud.com&top_level_referrer_host=fireflyin.org&currency=usd&stripe_js_id=f9f8b606-3455-4b4e-b80d-a072b9553322

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.241.59.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

api-34-241-59-225.stripe.com

Software

nginx /

Resource Hash

29ec16f53c5ddd49a7dd95fd45aa1f20402e69cfd3d28755fb50698efa3e8ec1

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
stripe-version: 2019-12-03;server_side_confirmation_beta=v1
request-id: req_AkLXSo5bnqsGKo
content-length: 12532
server: nginx
x-stripe-routing-context-priority-tier: livemode-critical
access-control-max-age: 300
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: no-cache, no-store
access-control-allow-credentials: true
vary: Origin
timing-allow-origin: https://js.stripe.com
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report

GET
H2 200 get-cookie Show response
merchant-ui-api.stripe.com/link/ Frame EB42 35 B
762 B 241ms
167ms Fetch
application/json 198.137.150.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/link/get-cookie?referrer_host=host.nxt.blackbaud.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.137.150.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8d0c04f065692bfeb27d08b1aa3c98a734abdfdabd44cc5f5757e20ac6ff7ff3

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=link%2Fget-cookie; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=link%2Fget-cookie; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 35
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: accept, content-type, x-requested-with, x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 sessions Show response
api.stripe.com/v1/elements/ Frame EB42 12 KB
13 KB 430ms
345ms Fetch
application/json 34.241.59.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.241.59.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

api-34-241-59-225.stripe.com

Software

nginx /

Resource Hash

227fa37eae227174b556268a16309bf060ce0de6b79b2e86e6f93db6007d4080

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
stripe-version: 2019-12-03;server_side_confirmation_beta=v1
request-id: req_VNS7idlBxJasp8
content-length: 12532
server: nginx
x-stripe-routing-context-priority-tier: livemode-critical
access-control-max-age: 300
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: no-cache, no-store
access-control-allow-credentials: true
vary: Origin
timing-allow-origin: https://js.stripe.com
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report

GET
H2 200 sessions Show response
api.stripe.com/v1/elements/ Frame EB42 12 KB
13 KB 409ms
325ms Fetch
application/json 34.241.59.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.241.59.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

api-34-241-59-225.stripe.com

Software

nginx /

Resource Hash

4963556eaeb5fc2e53502f85c34d2645dc1440326fa751ad43a1a61648df8e8b

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
stripe-version: 2019-12-03;server_side_confirmation_beta=v1
request-id: req_8Y2kfpuAHVGtWc
content-length: 12532
server: nginx
x-stripe-routing-context-priority-tier: livemode-critical
access-control-max-age: 300
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: no-cache, no-store
access-control-allow-credentials: true
vary: Origin
timing-allow-origin: https://js.stripe.com
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report

GET
H2 200 sessions Show response
api.stripe.com/v1/elements/ Frame EB42 12 KB
13 KB 384ms
301ms Fetch
application/json 34.241.59.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stripe.com/v1/elements/sessions?key=pk_live_PIgfgtbeSSGEw3k9419FHnJE&_stripe_version=2019-12-03%3Bserver_side_confirmation_beta%3Dv1&type=deferred_intent&locale=en-US&deferred_intent[mode]=payment&deferred_intent[amount]=15000&deferred_intent[currency]=usd&deferred_intent[payment_method_types][0]=card&deferred_intent[capture_method]=manual&referrer_host=host.nxt.blackbaud.com&top_level_referrer_host=fireflyin.org&currency=usd&stripe_js_id=f9f8b606-3455-4b4e-b80d-a072b9553322

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.241.59.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

api-34-241-59-225.stripe.com

Software

nginx /

Resource Hash

e1983b02916f918cdaadae3915edcb3e8915c9096c40ffdad7ee8108a164f584

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
stripe-version: 2019-12-03;server_side_confirmation_beta=v1
request-id: req_pdZHYSLmMSi0yn
content-length: 12511
server: nginx
x-stripe-routing-context-priority-tier: livemode-critical
access-control-max-age: 300
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: no-cache, no-store
access-control-allow-credentials: true
vary: Origin
timing-allow-origin: https://js.stripe.com
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 287E 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzh0lAAAAAK3tmGuiaquWJLr7e_NpdtzGjL6f&co=aHR0cHM6Ly9ob3N0Lm54dC5ibGFja2JhdWQuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=vqyunbmbjm1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 17:55:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 287E 494 KB
196 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 19:55:35 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
274 B 1138ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850438047
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709754850437709
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 1315ms
533ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850616597
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850616406
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 1136ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850437713
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709754850437407
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 1136ms
356ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850437633
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850436990
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 1135ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850437622
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850437286
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame A2AB 156 B
669 B 177ms
177ms XHR
application/json 44.241.19.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.19.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-19-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a2519c1ec30ac431bbea8a94385994f6d996a690a7c6973d46cfff40a939ec58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Mar 2024 19:54:09 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709754849495429
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709754849494634
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame A2AB 156 B
669 B 242ms
242ms XHR
application/json 44.241.19.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.19.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-19-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a2519c1ec30ac431bbea8a94385994f6d996a690a7c6973d46cfff40a939ec58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Mar 2024 19:54:09 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709754849545212
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709754849544530
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js Show response
www.google.com/js/bg/ Frame 287E 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b3c8a08afff51d87d6f144eb76c25bdfd19943cc6cb93e5f22b00c0728d06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzh0lAAAAAK3tmGuiaquWJLr7e_NpdtzGjL6f&co=aHR0cHM6Ly9ob3N0Lm54dC5ibGFja2JhdWQuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=vqyunbmbjm1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6937
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 05:19:23 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 287E 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:54:26 GMT
x-content-type-options: nosniff
age: 190783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 14:54:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 287E 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 174110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 287E 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 538059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 287E 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzh0lAAAAAK3tmGuiaquWJLr7e_NpdtzGjL6f&co=aHR0cHM6Ly9ob3N0Lm54dC5ibGFja2JhdWQuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=vqyunbmbjm1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 19:54:09 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 1188ms
534ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850617436
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850616554
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 185ms
184ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850623879
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1709754850623648
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha-invisible-0e5c0d1175acf203e2bcb801f787e576.html Show response
js.stripe.com/v3/ Frame EECC 71 KB
25 KB 30ms
30ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-0e5c0d1175acf203e2bcb801f787e576.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

36abc5f56cd1a70979705ee063586905bfbe5fda3985e57d3362d341f702bd66

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-w6FP3FnVOT7iiaU2C84B0B/klNSkNG4rSOvHgNh8n5U='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6492
cache-control: max-age=31536000
content-encoding: br
content-length: 25165
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-w6FP3FnVOT7iiaU2C84B0B/klNSkNG4rSOvHgNh8n5U='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:09 GMT
etag: "0e5c0d1175acf203e2bcb801f787e576"
last-modified: Wed, 06 Mar 2024 18:02:29 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 370
x-content-type-options: nosniff
x-request-id: 214fd816-f74d-48fa-a662-371cdf75a988
x-served-by: cache-fra-eddf8230079-FRA

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 180ms
179ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850624911
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709754850624655
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EECC 474 B
372 B 8ms
8ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-0e5c0d1175acf203e2bcb801f787e576.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bf2d0855e79103e6503cc314e24db0f9a5dfd4cabb4b8c93913b09e398008dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-0e5c0d1175acf203e2bcb801f787e576.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:09 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 31
x-cache: HIT
content-length: 297
x-request-id: 63388d5b-e88a-4cfd-8ba0-aa430d50582f
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Wed, 06 Mar 2024 18:44:59 GMT
server: Fastly
etag: "52c9b8bed274d64a86207a45039eb1e3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame D98C 419 B
819 B 441ms
414ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=35c05819-92e5-4288-884e-ed252b45708c&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-0e5c0d1175acf203e2bcb801f787e576.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7046e325bee6e4ffd4581616a2b76772f5749fbd45eb77998a1b5810ed476d2e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 283
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:10 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-request-id: eefa9651-6881-4317-896b-0f0e27a4bb30
x-served-by: cache-fra-eddf8230079-FRA
x-timer: S1709754850.207825,VS0,VE406

GET
H2 200 visa-729c05c240c4bdb47b03ac81d9945bfe.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 3 KB
1 KB 10ms
9ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/visa-729c05c240c4bdb47b03ac81d9945bfe.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d0b63ce61a6e0367ae657102f479f114fa8851a0e95d1894971dd5cddb426725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 3688311
x-cache: HIT
content-length: 1330
x-request-id: b0a26f2d-2baf-48b3-bae8-640ef4cc8413
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Tue, 01 Aug 2023 17:33:40 GMT
server: Fastly
etag: "729c05c240c4bdb47b03ac81d9945bfe"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9953

GET
H2 200 mastercard-4d8844094130711885b5e41b28c9848f.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 523 B
429 B 10ms
9ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/mastercard-4d8844094130711885b5e41b28c9848f.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

747fca640bc3ae35c7422e023f27cf4a0953b7fe694bfb8bb528b50b70bd15ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 1096341
x-cache: HIT
content-length: 295
x-request-id: 7fa10055-5056-4d86-b895-3b8d18bbb4b0
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Tue, 19 Sep 2023 20:03:57 GMT
server: Fastly
etag: "4d8844094130711885b5e41b28c9848f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9324

GET
H2 200 amex-a49b82f46c5cd6a96a6e418a6ca1717c.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 2 KB
1 KB 17ms
16ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/amex-a49b82f46c5cd6a96a6e418a6ca1717c.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07483f00631032dfd02e79d3de16d990830ec530b691c236b58a641b4b752458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 3012546
x-cache: HIT
content-length: 751
x-request-id: 2c4f8bde-689d-4b4a-9452-046b506071f6
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Wed, 05 Jul 2023 20:15:44 GMT
server: Fastly
etag: "a49b82f46c5cd6a96a6e418a6ca1717c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7772

GET
H2 200 discover-ac52cd46f89fa40a29a0bfb954e33173.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 6 KB
2 KB 12ms
11ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/discover-ac52cd46f89fa40a29a0bfb954e33173.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

856072e1bdc38ddb50ad23c7ffaff6ddbb8ed3019620f205b07782ee33fa10ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 3081203
x-cache: HIT
content-length: 1984
x-request-id: 61866b2c-cc34-4369-9205-b17713c98554
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Mon, 02 Oct 2023 21:38:28 GMT
server: Fastly
etag: "ac52cd46f89fa40a29a0bfb954e33173"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4328

GET
H2 200 diners-fbcbd3360f8e3f629cdaa80e93abdb8b.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 3 KB
1 KB 12ms
12ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/diners-fbcbd3360f8e3f629cdaa80e93abdb8b.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b4c048d9606a05c5cf4acad544e94d1d4f9c76284a7a69eaf2268af2e44bd95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 3078537
x-cache: HIT
content-length: 1042
x-request-id: a566aa94-3930-4d92-9456-b924171fa490
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Tue, 03 Oct 2023 20:17:56 GMT
server: Fastly
etag: "fbcbd3360f8e3f629cdaa80e93abdb8b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4314

GET
H2 200 jcb-271fd06e6e7a2c52692ffa91a95fb64f.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 2 KB
1 KB 12ms
11ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/jcb-271fd06e6e7a2c52692ffa91a95fb64f.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3d1ec759e322c0da35ee5e9b2ee664f4815b157bf59f121559e0f1ac1fa216cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 7988758
x-cache: HIT
content-length: 923
x-request-id: 9cf99f88-b042-4f60-82e2-c574342cb15b
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Mon, 02 Oct 2023 21:38:29 GMT
server: Fastly
etag: "271fd06e6e7a2c52692ffa91a95fb64f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6120

GET
H2 200 unionpay-8a10aefc7295216c338ba4e1224627a1.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 13 KB
6 KB 12ms
12ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/unionpay-8a10aefc7295216c338ba4e1224627a1.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3cd41a77ef3c37c2affe67c940b630dd8f96a16b6e56158088f796a0e62476b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 3001897
x-cache: HIT
content-length: 5769
x-request-id: 0de9dc72-e9d3-4d67-8c8d-377fb81c89dc
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Tue, 03 Oct 2023 20:17:59 GMT
server: Fastly
etag: "8a10aefc7295216c338ba4e1224627a1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7592

GET
H2 200 elo-efe873e884e6c9eb817f23a120caaa3e.svg
js.stripe.com/v3/fingerprinted/img/ Frame 7B9B 4 KB
2 KB 12ms
12ms Image
image/svg+xml 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/elo-efe873e884e6c9eb817f23a120caaa3e.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

cee09780489392eef2b3927b2f3d98d0f131325b8589bc42494d7f935a59b298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-69de34d1928dd4099646693d5935c76d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 19:54:09 GMT
via: 1.1 varnish
age: 1108363
x-cache: HIT
content-length: 1790
x-request-id: 11012709-d28b-4cc1-81e9-bd6771e80a10
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Mon, 09 Oct 2023 20:07:11 GMT
server: Fastly
etag: "efe873e884e6c9eb817f23a120caaa3e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 270

GET GooglePay.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame FF78 0
0

GET
H2 200 GooglePay.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame 9FC3 387 B
789 B 460ms
435ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-express-checkout-4eabaa087df0f6dbeaf504917ebfd8b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

851f820db6c4b2530faa7a8394aef1229fe9f2fcea0261277132935c840d19fd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; font-src https://fonts.gstatic.com; form-action 'none'; frame-src 'self' https://pay.google.com; img-src 'self' data: https://www.gstatic.com; script-src 'self' https://pay.google.com 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 272
content-security-policy: base-uri 'self'; connect-src 'self' https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; font-src https://fonts.gstatic.com; form-action 'none'; frame-src 'self' https://pay.google.com; img-src 'self' data: https://www.gstatic.com; script-src 'self' https://pay.google.com 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 19:54:10 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-request-id: a3d21f25-1a7c-4c0e-adc6-4999b89957ea
x-served-by: cache-fra-eddf8230079-FRA
x-timer: S1709754850.207714,VS0,VE423

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 187ms
186ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850617340
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850616590
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 179ms
179ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850623968
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850623719
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 182ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850624987
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850624721
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 207ms
206ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850653041
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709754850652454
access-control-allow-credentials: true
content-length: 0

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame D98C 376 KB
107 KB 89ms
48ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=35c05819-92e5-4288-884e-ed252b45708c&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: Y83AnVQfVaYtiCkhua7rz_C8xbCj9kI1
age: 0
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 Feb 2024 13:10:44 GMT
server: cloudflare
etag: W/"cf161ae1463888e6b05f1ecd1d11305b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 8604e568ad733602-FRA
x-amz-cf-id: D68CkmpiOEjShu3VnESBrxVxYC2MxVBzLP81M2QR1SthXrYm_-4J9g==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame D98C 114 KB
37 KB 7ms
6ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=35c05819-92e5-4288-884e-ed252b45708c&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fa38eebb1eca7c94241152ae35cec12209d942905dc49f6d00dbe50636441258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=35c05819-92e5-4288-884e-ed252b45708c&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 06 Mar 2024 19:54:10 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 92536
x-cache: HIT
content-length: 38076
x-request-id: 2056f9e9-4aae-4cb7-baa6-05aa7445e248
x-served-by: cache-fra-eddf8230079-FRA
server: Fastly
x-timer: S1709754851.623804,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3171

GET
H2 200 HCaptchaInvisible.b27e55a4db75cd3e653a.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame D98C 18 KB
7 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.b27e55a4db75cd3e653a.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=35c05819-92e5-4288-884e-ed252b45708c&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

eccf72d793ee9369fb1c8217a3cebd89e035b728e6eae08b7e12332886b0f95e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=35c05819-92e5-4288-884e-ed252b45708c&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 06 Mar 2024 19:54:10 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 92536
x-cache: HIT
content-length: 7278
x-request-id: 526200c3-f174-4bae-927b-0ac018f01aa2
x-served-by: cache-fra-eddf8230079-FRA
server: Fastly
x-timer: S1709754851.623952,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3150

GET
H2 200 GooglePay.56e28c37fcaa691fdbfa.css
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame 9FC3 183 B
329 B 14ms
13ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.56e28c37fcaa691fdbfa.css

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0f17c24dfb8298079b4168491a9f912edd6fe4d019fae29cdb44a7cbad39e870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 06 Mar 2024 19:54:10 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 91908
x-cache: HIT
content-length: 155
x-request-id: 3b3913b7-db4f-45f1-843f-2a86a1bbb2d1
x-served-by: cache-fra-eddf8230079-FRA
server: Fastly
x-timer: S1709754851.646855,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame 9FC3 114 KB
37 KB 15ms
14ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fa38eebb1eca7c94241152ae35cec12209d942905dc49f6d00dbe50636441258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 06 Mar 2024 19:54:10 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 92536
x-cache: HIT
content-length: 38076
x-request-id: 32feddf2-022a-430f-9245-4fee50a6fbef
x-served-by: cache-fra-eddf8230079-FRA
server: Fastly
x-timer: S1709754851.647302,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3172

GET
H2 200 GooglePay.dee991e28c0883f6d6ca.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame 9FC3 12 KB
5 KB 15ms
14ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.dee991e28c0883f6d6ca.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9668d5aed8b85d862f7dd6f3b0f4d2546915e1269a6ad6048a9ced3bb68cdabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=c89bae12-39f4-41a9-9de9-b4798f8caa04&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 06 Mar 2024 19:54:10 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 91908
x-cache: HIT
content-length: 4958
x-request-id: d46e0492-744b-49d4-b3ba-04d618ca1598
x-served-by: cache-fra-eddf8230079-FRA
server: Fastly
x-timer: S1709754851.647307,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 9FC3 117 KB
36 KB 134ms
75ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.dee991e28c0883f6d6ca.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cdee22c53155d11e84b813cfdb7e937bea8d7fb8af904aa67266b2b418fc9bc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-MSq-_DeQnB2XxBhRVnQzrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:10 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-MSq-_DeQnB2XxBhRVnQzrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmII0JBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEG_38WAR85nOeiR6OivfuumsKkCsu346aygQO6XPYA0CYp_6GawxQCzEw_Fo8uL1bAIzvn18ywQA5Dcz0Q"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 06 Mar 2024 19:54:10 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 180ms
180ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850801967
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1709754850801438
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/fadb9c6/static/ Frame EC1B 2 KB
1 KB 31ms
23ms Document
text/html 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=o8z956hz5p

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6906af8c231d23388500af97f7a4ee397c09e208c7151ca55e6c8e90bc7b389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 440
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8604e5694e2f3602-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Wed, 06 Mar 2024 19:54:10 GMT
last-modified: Mon, 26 Feb 2024 13:10:44 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
x-amz-cf-id: Wk3oeLwejBVd_313bmO9s4pm2MFyor9sKTUKXmntjA5u0qwD5ZupvA==
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: w380JAJSDRpHmjdLNet.Oei.HbAumRcl
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/fadb9c6/ Frame EC1B 376 KB
106 KB 18ms
18ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=o8z956hz5p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=o8z956hz5p
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: Y83AnVQfVaYtiCkhua7rz_C8xbCj9kI1
age: 793828
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 Feb 2024 13:10:44 GMT
server: cloudflare
etag: W/"cf161ae1463888e6b05f1ecd1d11305b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8604e5696e5e3602-FRA
x-amz-cf-id: D68CkmpiOEjShu3VnESBrxVxYC2MxVBzLP81M2QR1SthXrYm_-4J9g==

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame EC1B 719 B
816 B 39ms
33ms XHR
application/json 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=fadb9c6&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aac6e1165f64ce9a91a921be11de02da7932a5d152f8fd365c8ef701564f10ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Mar 2024 19:54:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 8604e569ceec3602-FRA
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
alt-svc: h3=":443"; ma=86400

GET payframe
pay.google.com/gp/p/ui/ Frame 62C2 0
0

GET css
fonts.googleapis.com/ Frame 9FC3 0
0

GET generate_gpay_btn_img
pay.google.com/gp/p/ Frame AFC3 0
0

GET payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ Frame 9FC3 0
0

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 175ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:10 GMT
x-stripe-server-envoy-start-time-us: 1709754850948440
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709754850948149
access-control-allow-credentials: true
content-length: 0

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/4753532/ Frame EC1B 505 KB
220 KB 30ms
30ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/4753532/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dc7511f9f3b8369a23f2a94f49b27b025a3719b0fba66b2c20701d6ab82820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=o8z956hz5p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 19:54:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: xYmORh03N7Se5zk_65rH8kcKE5HmZuvB
age: 556382
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 12:49:07 GMT
server: cloudflare
etag: W/"33b2f95bda4299b75e695ffc983fcda5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8604e56a0bb12c63-FRA
x-amz-cf-id: pm0N9izETZhr-x0SkhtYHSyARhU8mdhwVy1v9YIVja3rTGlkW26EVw==

POST
H3 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame EC1B 3 KB
4 KB 313ms
312ms XHR
application/octet-stream 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ddd59b540748397b34dcea2a2f82d68930d90475c1740bb45f05032315f4f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json, application/octet-stream
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 19:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 8604e56b4d662c63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3221

POST
H2 200 b Show response
r.stripe.com/ Frame EB42 0
273 B 176ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2a3d8f28eba28c4b514865a0f9427187.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 06 Mar 2024 19:54:11 GMT
x-stripe-server-envoy-start-time-us: 1709754851491618
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709754851490914
access-control-allow-credentials: true
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fireflyin.org
URL: https://fireflyin.org/wp-content/uploads/2022/04/fireflyheader-1.mp4

Domain: fireflyin.org
URL: https://fireflyin.org/wp-content/uploads/2022/04/fireflyheader-1.mp4

Domain: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/GooglePay.html?id=7b8e9361-081d-43ba-8ef4-5c63f30fd1d7&origin=https%3A%2F%2Fjs.stripe.com

Domain: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fb.stripecdn.com&mid=

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:500

Domain: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&buttonSizeMode=fill&enableGpayNewButtonAsset=false&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22AMEX%22%2C%22DISCOVER%22%2C%22JCB%22%2C%22MASTERCARD%22%2C%22VISA%22%5D%7D%7D%5D&gpayButtonVariantType=1

Domain: www.gstatic.com
URL: https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:15:06	Name: _GRECAPTCHA Value: 09ACzWgXoOKMMj0ijTFMBfPogUwtOsOdQaDSD2fSRCjoFz4NM-qCAMRn9hZtKGT5r133_TJ85h-625W3_Xp4ep2pA
.fireflyin.org/	1970-01-20 18:57:21	Name: _gid Value: GA1.2.452079137.1709754847
.fireflyin.org/	1970-01-20 18:55:54	Name: _gat_UA-226112193-1 Value: 1
.fireflyin.org/	1970-01-21 04:31:54	Name: _ga_2VE2RP1YFF Value: GS1.1.1709754846.1.0.1709754846.60.0.1534674238
.fireflyin.org/	1970-01-21 04:31:54	Name: _ga Value: GA1.1.889275734.1709754847
host.nxt.blackbaud.com/	1970-01-21 03:41:30	Name: ai_user Value: 7pchPw0a8R9grMSGhLw10d\|2024-03-06T19:54:07.413Z
m.stripe.com/	1970-01-21 04:31:54	Name: m Value: 52e6988d-693a-4e5d-a0b2-2c4ec4befd75265415
.google.com/	1970-01-20 23:19:26	Name: NID Value: 512=gu-Rz3LcqBs6nr_KkvRrvapbqPvBQt7ci4RlJb7WoUlSVrnkUP55udShOf2jaHGPRBsmM0TDDW1c9JHtnbsaa6x1ad8KofhMq1gxuPXK7_AUk4TL_VueHQklLZunV2R_jikErZB9hx8HiIvXPirGBw-sCd7M4lHCQIK13-ilz0s

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fireflyin.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
api.hcaptcha.com
api.stripe.com
b.stripecdn.com
cl.qualaroo.com
dntcl.qualaroo.com
editor.ne16.com
fireflyin.org
fms-pusa01.app.blackbaud.net
fonts.googleapis.com
fonts.gstatic.com
hcaptcha.com
host.nxt.blackbaud.com
js.stripe.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
merchant-ui-api.stripe.com
newassets.hcaptcha.com
pay.google.com
pco-pusa01.app.blackbaud.net
r.stripe.com
region1.analytics.google.com
s21pusa01afmsv2blkbsa03.blob.core.windows.net
sky.blackbaudcdn.net
stats.g.doubleclick.net
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
b.stripecdn.com
fireflyin.org
fonts.googleapis.com
pay.google.com
www.gstatic.com
104.19.218.90
104.209.152.250
104.248.232.0
151.101.128.176
18.245.60.53
198.137.150.81
20.150.43.196
2001:4860:4802:32::178
2001:4860:4802:32::36
2400:52e0:1e00::1081:1
2600:9000:214f:7800:1b:350b:3f00:93a1
2600:9000:2394:8a00:2:68c1:1040:93a1
2606:4700::6812:acf
2606:4700:e6::ac40:cf26
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c02::9b
2a00:1450:400c:c0b::5c
34.241.59.225
35.186.241.51
44.241.19.114
54.187.119.242
99.86.4.85
07483f00631032dfd02e79d3de16d990830ec530b691c236b58a641b4b752458
0826d6c5a2249f46b088b74d85567d7f0bfa9cf7e583441efe8b8eba09f45da5
08e1bc83b1500ff23f4393c9907ffcfad541ef2e342df772bc2a3445d7392b76
095a4e31a4c39e7fa61ca412d67ba427155e8326e3fc80a02cd3c79daa1d5b99
0c3f0dfefcec7eee1385aa1164e86e62d5a55e2c3c7f56f1cc0ba69b02a911ed
0f17c24dfb8298079b4168491a9f912edd6fe4d019fae29cdb44a7cbad39e870
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1798d3ce1abe12fe5caa45d00a86e66b3dda52c5820c31c572d7738608f2a384
188f7effb28ee4b2877bbe39e062e195243957ec2432db9c0f1215273761ffa4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1caf10f9b394d7b88acfe5e2075a8e0ca981d162ef33bce0ab573470f34dbd48
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1d56b6aac3051bdfef9ce8d014f88fccb1a64517d3d89a362c6c7576ed8d6268
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
227fa37eae227174b556268a16309bf060ce0de6b79b2e86e6f93db6007d4080
230a21984309e088d6361f54d47a49592eb307c826ec1ce32d3a08c2ffcc1852
26c3407a5d88577b47001ff725f569136e9caf493c21d1f9dcdd4215c5e211ca
26d6ff4e73c9f7e3d19b8a6a0aee4c19ceeb8cf754e40fff9d4e18ea1c9b7d8c
27422f830d71474144ea902369ce78d178d1ace4e38a029ba2e359b7b55b4176
29ec16f53c5ddd49a7dd95fd45aa1f20402e69cfd3d28755fb50698efa3e8ec1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4b6ff31b01cd89b4cd5fe69717dddb3fbd05aefe56ba57b4592e7e4ac1890b
2cb66f8435ff46aff53edaf2ed4f1946d0a4d83c634262c00d82218b601d8c76
2d25f459e6ebcc92294c532916d06a76d3843997c00b7629d9cba2c7bd43fe9d
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412
355bbabec3a324574a7278ae55858587cec26ec9785270cbfa155021c0fdb825
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
363317add36999729dbb20483a488da2cbdd65de2f0d7cbd18961740f43ab682
36abc5f56cd1a70979705ee063586905bfbe5fda3985e57d3362d341f702bd66
378cc2a49d28e06e45bdec325472be92aee8772159b083c3c3beaa9e519b4476
3cd41a77ef3c37c2affe67c940b630dd8f96a16b6e56158088f796a0e62476b9
3d1ec759e322c0da35ee5e9b2ee664f4815b157bf59f121559e0f1ac1fa216cf
3d62e00176b51a12b936a23a23a00a404202e60af086d2df0de4495a3ab3cb67
3d7d9090422512a2eaafe6e8287b6354f5a1b47cc0e63e2e696316cffb950410
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
425c17cc0de74e7e5ce91bbb6ceb6405518d61a38d298938099ad3289ab5c1d3
4280b5c699f23ad47b2745ca72041f053abc2348acf4c020a4255ba384a98693
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
476d8423431fa6f56fe0fb5ca7be484361ccf188d82d6ea8fc33d8b8f6d52c98
4963556eaeb5fc2e53502f85c34d2645dc1440326fa751ad43a1a61648df8e8b
49c47b03aad93c56140eeaa0505abc1132ef1205994bc7a28bd5a0b6ce6dd7da
4a94c25cdd03e6914787a74e2567fd94776190010f74b2100cb0768019d0467c
4b0505c9409b63bf7caba18c1b7edee347161aca1536a3ba91ffbd2e0e7b844c
4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d
4f832756048b0e8b3b439e51d1d93cc0fea2c41ec0b957ae2365f406f76bdaa8
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
56f7ec16b1ac3c45be1f91cc07d172f3c4c731695d78cface099c00b97dbd83c
57b1f974576a3372b5ebee24172d169426c645118081aced33137320bc972567
590744d6c7a9ed19632f43e11fdef33aaa97fa2f652eacf4d1276e92864dd388
5964e9a2fd749eb4387996012b85a9e09d16555f6fddd22ec0ecc62e61d54f4c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5aecf890c0cc556daa37c2a1b31adfac37be0ba469e9edd681560808200af41e
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
608e92c7af4ca1f340829b390e28012c5b484b9414514043bc16475352bb973a
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6331bf3bfce9b5fce44479f9b4f6df6f91156099b291abe021246ccb2d45b601
670011d71cc155ca49cf846fd15ba0ead023e5ce48f68fdb0c20977abfb3b47d
69bd30af5614fb379aa7a47bf3f14f4df4875498d2bb422d1cf8c59c45be1412
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6dadf4ea156167682099ccf1f02c661b97d2272614948b2f1ec7bcc8679a6867
6ddd59b540748397b34dcea2a2f82d68930d90475c1740bb45f05032315f4f9c
7046e325bee6e4ffd4581616a2b76772f5749fbd45eb77998a1b5810ed476d2e
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73381d5273b6b7891ca828c1f4443c596cacb155ed756112133d174dfc4e64f1
747fca640bc3ae35c7422e023f27cf4a0953b7fe694bfb8bb528b50b70bd15ce
76f9c768df6c7cb26c0a5be0b4c211059351f898129ebe76eca29de0a04e832e
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7a283fcc422af007d6ad452403a4afa298dc4be70a3efe43eaf73f21e6baa29d
7bc224bd9328dee1c068036bbe0b6418520f1782d34d044d943d62d2ad5aa5b2
7cbaccbde78fe7baa47abf35bb8cc15619d03783407e27c91eaf190736f95036
7cdee22c53155d11e84b813cfdb7e937bea8d7fb8af904aa67266b2b418fc9bc
7f1f7fe99c8b91a935f845fbbee83b09def535fa7c85eafb8bc24595f24edac5
8345da81a78752f0809554bbb71f00a6117aa477017f507de3c9a0ce9ac9281d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851f820db6c4b2530faa7a8394aef1229fe9f2fcea0261277132935c840d19fd
856072e1bdc38ddb50ad23c7ffaff6ddbb8ed3019620f205b07782ee33fa10ae
8d0c04f065692bfeb27d08b1aa3c98a734abdfdabd44cc5f5757e20ac6ff7ff3
925f2ffb7b49a93b36740141ddfbd7487d8ef3de84f2c9c8be4cec4e584b0c18
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9668d5aed8b85d862f7dd6f3b0f4d2546915e1269a6ad6048a9ced3bb68cdabd
96c0ece7228e54be11c46479000849c8a5344aef8e98939ce2a8bee7e4486efc
96e4f01951ca37245fa6f8941258e7221d7274ee48f56190df7368fdfef226c6
992272e8a8fb59c28ec9f7ea71da6cb82a7345294ba7e48878aff610a922878e
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9d4063b16d333f781970abcf1a462d48b0f844a34104db19186590ba07fd1775
9defa7ec30813b2d438cc732941531aadf9cb59677ae86f358ac94557dc2697e
9e9bd376420a27f7dad5c748669ad023f54bdb574bef08b71fd8907fa07f8ad4
9fc31694c05d7057ef7c90d7ec83995c00ebc13dbd29a3f7099a138ddeae1bdf
a2519c1ec30ac431bbea8a94385994f6d996a690a7c6973d46cfff40a939ec58
a37bb14e36dda3cb1a65039711fa06291306696b5f8f0d97614a2b63c8cb9ea4
a53073174fc1505bde602ab8b9ed02d7206dcec3904c000ac65aae5112b4bb60
a66d67202d69eaa6a28aa14109004bde6e76a3e505b0e96060404a134ed31c4a
a7da6330c310419977d21d964bd042c61607bebb96e4137b99af4e26436c7d89
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
a98551744f5ba68140ab1252c8e91bdc860a144d1c023772f1d966adf0b0c648
aac6e1165f64ce9a91a921be11de02da7932a5d152f8fd365c8ef701564f10ae
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
b07af49822e260dcc71a4cd0a6804bfade93cdead04d405a158f48c24e53a929
b0b3c8a08afff51d87d6f144eb76c25bdfd19943cc6cb93e5f22b00c0728d06e
b0dc7511f9f3b8369a23f2a94f49b27b025a3719b0fba66b2c20701d6ab82820
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b3b37b16614ee52fc6e3241e80afbe1876ccc2c88451bacf467ab97987d1794b
b4c048d9606a05c5cf4acad544e94d1d4f9c76284a7a69eaf2268af2e44bd95d
b4f8dd2748d635d8cb478346da88d77109e69c0c643845a0a84b2c1ff87d2535
b67bd4b013aea21a4a993f50dbe3a9deb4884e9a90ff5c748c91a8a539162abe
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bf2d0855e79103e6503cc314e24db0f9a5dfd4cabb4b8c93913b09e398008dda
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c3aa25fcba5dc96ee29ea26c64a361220b72200232e6ab5cc0ba0422d9fb0d6c
c3efe9a0ea5b87bff3eea5d75481acaebfe21048d0488da6b851414ffb5bf980
c87d9de9ec04be00f785ea3222b2772e8a5e2fc7d899ce0e8835aaf963ca9ab1
c91741f8e67dee084f2704b80ed96793b9ce64a05347699b37a07ae80b9bf8a0
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
cab8ee51fe3f2c48a8bb85a002ea87dc02c1b3514f81eb145ad4b513e11accf6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cee09780489392eef2b3927b2f3d98d0f131325b8589bc42494d7f935a59b298
cfcf2514bb80868a8ea7ab0936dee6575f8ce6dc5ccf76a2a6bdb15b55a0daf5
d0b63ce61a6e0367ae657102f479f114fa8851a0e95d1894971dd5cddb426725
d14ca0e909234ef3a81f593aa143960c1bf04feb527360f15e9d46f05faa0cf9
d4eac7162c8466505b1ecb410e0d7377c63742e05dcc66636eb002f00758059c
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d755399768a475f3e89812712463a076e3546bd711e0ddcbfb8300e408f3b5cd
d79e9c08e103617347551a52a7e6b07e2847b0225b7ea2559ec4f2fff088df8b
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0807ef5f00434936b6eab2b9277d152f8d208782a224278e0a38de34f189647
e1789820d31ae10d40398105d19bf5a2e112c8d80dac9b55659a5e2d5ddfadfe
e1983b02916f918cdaadae3915edcb3e8915c9096c40ffdad7ee8108a164f584
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64f2cf4a5d5fa11cdb50b20a4b3ca1d0ea710976f5208eeff861933584c59da
e6906af8c231d23388500af97f7a4ee397c09e208c7151ca55e6c8e90bc7b389
e8a0c6972e731486508286db4fc96ecf443f5046a1c8caef91f9ee75cc47b1ec
e8df2be2827a56abf7c0a9c9a37387ceea6792ed400a656ca65061c42d32351e
ea2f6d1a7e13c102aced9b4e5269c269bba3d9028334e0e7a4c6fb30d64c89f1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ec00d8171377b4e8e904b8235233f6b70d997ecdb9770d0a5dbb36716c91adcb
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
eccf72d793ee9369fb1c8217a3cebd89e035b728e6eae08b7e12332886b0f95e
ee908efc0bb6eb88179d65ad0c1e345ae7c821be8d4f8b8ab8615dc2b6bc9a46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23bd61a50ddb47e77b1d538b8c80541f6505652bfd226492e2073871ff1b8e2
f5576a63ffa9fbbf25d1fdda45375693845d0ff2b975374a3918279513c969d3
f6097573756bc7b68a9b41b159baf034588cc11c1d19d823b2602dd042ab9356
f7e33a9d7d623e79b2c6e0d0cb14bec07f94578cac031bc0a866140f8f4aefb1
f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077
f8b69b24877322fc432a92b49b1ad60499484de0f30994960b0ccc579bb7a641
fa38eebb1eca7c94241152ae35cec12209d942905dc49f6d00dbe50636441258
faff1769734ca1dd1a0d83b076cc10b6669ed2acef60e075d3c6230187869287
fbcff8e51d53ce1ceb9de11f750b8f65d2d05636e0d325673e6813ce1b58275d
fd7177f560efc55f4216af7e64660f6f4574677e4369addf1a22e4f38c54717a
fdc683b37bd1dd00b83793f6a7102cc1d2c71a74ff173916f6428809ffe28fc5
ff4185fa4d38354c04d6be5a1ef30272385d0ab8578de592a74befc1dcc975ad

fireflyin.org Open in urlscan Pro 104.248.232.0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

97 %HTTPS

56 %IPv6

21 Domains

32 Subdomains

28 IPs

5 Countries

8026 kBTransfer

23328 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fireflyin.org Open in urlscan Pro
104.248.232.0 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

97 %
HTTPS

56 %
IPv6

21
Domains

32
Subdomains

28
IPs

5
Countries

8026 kB
Transfer

23328 kB
Size

8
Cookies

213 HTTP transactions
17 data transactions