ocsp.apple.com/ocsp03-apsecc12g101
892 B URL ocsp.apple.com/ocsp03-apsecc12g101
IP
Hash 63ecaa5fd1ddae8b10190be893fe8872
00ba34d49c820add5cba8c06e26e657f033060b8
ceeb5dcda4bd3b4512780d0cbdd2bfb6e2936c0ea4f8fe2e114aa56a48f1e5bc
POST /ocsp03-apsecc12g101 HTTP/1.1
Host: ocsp.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apple
Date: Fri, 08 Dec 2023 18:59:44 GMT
Content-Type: application/ocsp-response
Content-Length: 892
Expires: Sat, 09 Dec 2023 01:35:11 GMT
ETag: "00ba34d49c820add5cba8c06e26e657f033060b8"
Last-Modified: Fri, 08 Dec 2023 17:35:11 GMT
Age: 6
Via: http/1.1 dkvib1-3p-pst-004.ts.apple.com (acdn/111.14403), http/1.1 dkvib1-3p-pac-004.ts.apple.com (acdn/111.14403), http/1.1 dkvib1-3p-pfe-004.ts.apple.com (acdn/111.14403), http/1.1 sesto4-edge-lx-002.ts.apple.com (acdn/111.14403), http/1.1 sesto4-edge-bx-008.ts.apple.com (acdn/111.14403)
X-Cache: miss, miss, miss, miss, miss
CDNUUID: 83b40f5a-2ae6-46bf-b45f-d83261d856b8-84532501
Connection: keep-alive
www.donationalerts.com/static/assets/fonts/inter/Inter-Regular.woff2
200 OK 100 kB URL GET HTTP/2 www.donationalerts.com/static/assets/fonts/inter/Inter-Regular.woff2
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Web Open Font Format (Version 2), TrueType, length 100088, version 1.0\012- data
Size 100 kB (100088 bytes)
Hash 77812e2fead777db0dc806b1eaabc7fd
512526689a4fd677ffca333a9dc1d412ad44caaf
77677cd3d62f53fce403b743c6ab0dfacf6109cfa5f2c511a57b0779222c76de
GET /static/assets/fonts/inter/Inter-Regular.woff2 HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/static/donations/dist/css/app.ff2a1afb.css
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: font/woff2
content-length: 100088
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
etag: "6571bfa6-186f8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
X-Firefox-Spdy: h2
1l-hit.my.games/v1/hit/101614.js?r=&u=0&rnd=0.48723779521934396
200 OK 420 B URL GET HTTP/1.1 1l-hit.my.games/v1/hit/101614.js?r=&u=0&rnd=0.48723779521934396
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerDigiCert Inc
Subject*.my.games
Fingerprint9B:00:30:1B:AF:F2:15:C5:C9:D5:3F:CB:A8:27:3B:D6:04:D1:F6:BD
ValidityWed, 19 Jul 2023 00:00:00 GMT - Thu, 18 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (420), with no line terminators
Hash c15bfc3e299ff0396f7603ee4ef99510
29da8d25df18035fe835e0a1c7f6d1efb4433f5b
cd3a0aad08371ee5f6f95a9b3917a56cabe26a9eb8e79eb9c0fda3fe8596cb21
GET /v1/hit/101614.js?r=&u=0&rnd=0.48723779521934396 HTTP/1.1
Host: 1l-hit.my.games
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 18:59:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: mr1lad=657367a152c122b8-0-0-; expires=Fri, 15 Dec 2023 18:59:45 GMT; path=/; domain=.my.games; SameSite=None; Secure
mr1lext=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.my.games; SameSite=None; Secure
Expires: Fri, 08 Dec 2023 18:59:44 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js
200 OK 49 kB URL GET HTTP/1.1 applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerApple Inc.
Subjectapplepay.cdn-apple.com
Fingerprint16:CE:D4:61:55:FF:98:71:02:84:A8:41:8D:69:5F:95:8C:DE:B3:0A
ValiditySat, 02 Dec 2023 18:09:24 GMT - Fri, 01 Mar 2024 18:19:24 GMT
File type Unicode text, UTF-8 text, with very long lines (60041)
Hash fc0f042d71449d68115f8efaa008b014
308368b1f3a27a95b93672ac33fc9f34d4afb6c4
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
GET /jsapi/v1/apple-pay-sdk.js HTTP/1.1
Host: applepay.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apple
Date: Thu, 07 Dec 2023 23:51:52 GMT
Content-Type: application/javascript
x-conversation-id: 0d83e287-34d2-0e7e-8c7d-47e7c9d4fe73
apple-seq: 0
apple-tk: false
apple-originating-system: wp-content-server-prod1-use1
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: false
access-control-allow-origin: *
cache-control: public, max-age=86401, stale-while-revalidate=86400
edge-control: cache-maxage=7d
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
Age: 68873
Content-Length: 48790
Via: http/1.1 sesto4-edge-lx-004.ts.apple.com (acdn/111.14403), http/1.1 sesto4-edge-bx-012.ts.apple.com (acdn/111.14403)
X-Cache: hit-fresh, hit-fresh
CDNUUID: 4da95978-7806-4a01-b470-9d6015a1c1a9-3581566136
Connection: keep-alive
www.donationalerts.com/static/assets/fonts/inter/Inter-Bold.woff2
200 OK 107 kB URL GET HTTP/2 www.donationalerts.com/static/assets/fonts/inter/Inter-Bold.woff2
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Web Open Font Format (Version 2), TrueType, length 107300, version 1.0\012- data
Size 107 kB (107300 bytes)
Hash 741dc4163a97ffa354979f18802f6ca8
0e4b89a4a2801dd5e25364f439d7bfee47594762
20fd98b18d523471ae687971086817766649ce25f32e438d14711561a95bc9e9
GET /static/assets/fonts/inter/Inter-Bold.woff2 HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/static/donations/dist/css/app.ff2a1afb.css
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: font/woff2
content-length: 107300
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
etag: "6571bfa6-1a324"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
X-Firefox-Spdy: h2
www.donationalerts.com/api/v1/currencies
200 OK 709 B URL GET HTTP/2 www.donationalerts.com/api/v1/currencies
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type JSON data\012- , ASCII text, with very long lines (814), with no line terminators
Hash d0ba3ba2a9eea08da30293c862dc0fb0
8632ac4c6d4e9c5703e6159581f3a2ee3ca7b50b
b2cd448cb17d4a0c02d95d274e0e6a8a83ee163da6963477ccb4011a5db9410d
GET /api/v1/currencies HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en_US
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919; laravel_session=eyJpdiI6Ikl6MDRqNEVOa244WkFobjBhZURzVVE9PSIsInZhbHVlIjoiQzJLUldVOXlHdDdhTVJwNTM2ZXZuODRzM3VHb0E3THBEcVR1T3V2a010R3pZK01EOFIxbTdsaUd0RVhvZlFCTUJWb0xIcnBZWFM0V2hrYmE5L0tEMjR4NU5ZWWQ5L0FzZnlyamEzM3FDYlRJTWNQMXN6S0VwdTRkTWpWM1A3VU4iLCJtYWMiOiJhNDNjYjRjOGU1MjUzMDViNjg0NDgwYTIxMzk0MTI0YTA5YzdjNDZlMmQ4YTQ3MWRiNmYwNzJkMWJkNmFlMDkwIiwidGFnIjoiIn0%3D; mr1lad=657367a152c122b8-0-0-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:45 GMT
content-type: application/json
cache-control: no-cache, private
content-language: en_US
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a/ACg8ocKRuh01MGgvF28knXfpXGhMswNwxs66JTxFPQ4Zw7ey1g=s96-c
200 OK 4.8 kB URL GET HTTP/2 lh3.googleusercontent.com/a/ACg8ocKRuh01MGgvF28knXfpXGhMswNwxs66JTxFPQ4Zw7ey1g=s96-c
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash c50146224031964749c285e0cecc6d15
4dc5275ea82c9aa4109130de2603c1ee459074e1
e7025ae89d83acf26e7c58730c899ba06a6086d5a106a03320bc28f9d840785c
GET /a/ACg8ocKRuh01MGgvF28knXfpXGhMswNwxs66JTxFPQ4Zw7ey1g=s96-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v7"
expires: Sat, 09 Dec 2023 18:59:45 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 18:59:45 GMT
server: fife
content-length: 4823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.donationalerts.com/static/assets/fonts/inter/Inter-Medium.woff2
200 OK 107 kB URL GET HTTP/2 www.donationalerts.com/static/assets/fonts/inter/Inter-Medium.woff2
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Web Open Font Format (Version 2), TrueType, length 106680, version 1.0\012- data
Size 107 kB (106680 bytes)
Hash 900f31022873fa16552980d331bebfcc
2843943d7ec3c9a041ea2979d1355231b509424a
a3878d7a4119b2c2112f6cf5bb937b5ba10644b615e0ffe8bd202d68f04b5bab
GET /static/assets/fonts/inter/Inter-Medium.woff2 HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/static/donations/dist/css/app.ff2a1afb.css
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919; laravel_session=eyJpdiI6Ikl6MDRqNEVOa244WkFobjBhZURzVVE9PSIsInZhbHVlIjoiQzJLUldVOXlHdDdhTVJwNTM2ZXZuODRzM3VHb0E3THBEcVR1T3V2a010R3pZK01EOFIxbTdsaUd0RVhvZlFCTUJWb0xIcnBZWFM0V2hrYmE5L0tEMjR4NU5ZWWQ5L0FzZnlyamEzM3FDYlRJTWNQMXN6S0VwdTRkTWpWM1A3VU4iLCJtYWMiOiJhNDNjYjRjOGU1MjUzMDViNjg0NDgwYTIxMzk0MTI0YTA5YzdjNDZlMmQ4YTQ3MWRiNmYwNzJkMWJkNmFlMDkwIiwidGFnIjoiIn0%3D; mr1lad=657367a152c122b8-0-0-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:45 GMT
content-type: font/woff2
content-length: 106680
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
etag: "6571bfa6-1a0b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
X-Firefox-Spdy: h2
www.donationalerts.com/static/assets/fonts/inter/Inter-SemiBold.woff2
200 OK 107 kB URL GET HTTP/2 www.donationalerts.com/static/assets/fonts/inter/Inter-SemiBold.woff2
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Web Open Font Format (Version 2), TrueType, length 107184, version 1.0\012- data
Size 107 kB (107184 bytes)
Hash 3d011804596fb2ccde4af51830a9a7d5
999e92214edfb5b102919586df4cfe16f7ddaccb
e9bb1331830a18e2504d966f1fa931e711cad726e454722f324d63534cec97d9
GET /static/assets/fonts/inter/Inter-SemiBold.woff2 HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/static/donations/dist/css/app.ff2a1afb.css
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919; laravel_session=eyJpdiI6Ikl6MDRqNEVOa244WkFobjBhZURzVVE9PSIsInZhbHVlIjoiQzJLUldVOXlHdDdhTVJwNTM2ZXZuODRzM3VHb0E3THBEcVR1T3V2a010R3pZK01EOFIxbTdsaUd0RVhvZlFCTUJWb0xIcnBZWFM0V2hrYmE5L0tEMjR4NU5ZWWQ5L0FzZnlyamEzM3FDYlRJTWNQMXN6S0VwdTRkTWpWM1A3VU4iLCJtYWMiOiJhNDNjYjRjOGU1MjUzMDViNjg0NDgwYTIxMzk0MTI0YTA5YzdjNDZlMmQ4YTQ3MWRiNmYwNzJkMWJkNmFlMDkwIiwidGFnIjoiIn0%3D; mr1lad=657367a152c122b8-0-0-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:45 GMT
content-type: font/woff2
content-length: 107184
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
etag: "6571bfa6-1a2b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/narcos.mp3
200 OK 31 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/narcos.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash f6aa5568b05724bbb14c512d148a75fa
c857f90913d480c383f71a8bc15d87aa77d54397
20ad757e11189d73fff0358549eefd662ee3aca4a3fc8f5b970586e153c0be80
GET /tts/preview/narcos.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 30947
last-modified: Wed, 10 Feb 2021 10:11:37 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/pitergr.mp3
200 OK 28 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/pitergr.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash 66642c47cce76184bc7872c1ea768da7
933418a4e195f4be3dc9fd4c1d4bc760d3a6c479
2b0c36d5a0926876963eaa53498a3c1f3886687566577c3c9c54cd4d7575c372
GET /tts/preview/pitergr.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 28021
last-modified: Fri, 29 Jan 2021 07:30:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/lois.mp3
200 OK 27 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/lois.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash 07c5131086d01a4ffedce0cf2591192e
9a819554655fd5a6619817af0a676849342e2174
c736b237981c9025b51971f95de9d725882ffc8695bceea08a4c07582f0fafdc
GET /tts/preview/lois.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 26976
last-modified: Fri, 29 Jan 2021 07:30:23 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/dedmoroz.mp3
200 OK 30 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/dedmoroz.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash 27aaccefa63d4e818b1ff2f24e6e8c52
65062fbfd653a3c3afc360678af810651f676899
87c0277b3e076506b726c2164eb6501ae973492a4facc10865193be0868f9d09
GET /tts/preview/dedmoroz.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 30529
last-modified: Thu, 22 Dec 2022 09:10:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/bratishkin.mp3
200 OK 21 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/bratishkin.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash 99e4ce56cf8eb097acf60e2f9025f1d6
87519816093933e275f68b4103695b2c7247aff5
9b3b678cdcaf7d972ba47305a3f70f78107bf250e4be4996d0b2460bdf443a8a
GET /tts/preview/bratishkin.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 20916
last-modified: Mon, 26 Dec 2022 12:55:51 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/stewie.mp3
200 OK 21 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/stewie.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash e4507bf95cd1775279e76cb0a889f136
d64e995a281e2205781766e54c9deeac8568ceef
60cb6c11559ced050db9303a64cdc40b74c3137216e703c5d9ed42d6ad32307b
GET /tts/preview/stewie.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 21125
last-modified: Fri, 29 Jan 2021 07:29:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjSb0_dWJWIiiOzDjbQtWaknDYnZQ/m=_b,_tp
200 OK 57 kB URL GET HTTP/2 www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjSb0_dWJWIiiOzDjbQtWaknDYnZQ/m=_b,_tp
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2336)
Hash 94e7e73565d4a9033f3d17e90c8d4597
08fc3654706ffef39f4a03b61ca246ef170b4182
ea4adb29be5eba9c9a83a841cf10088d5f058fd5f36758902b89911593070e85
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjSb0_dWJWIiiOzDjbQtWaknDYnZQ/m=_b,_tp HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 57399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 17:46:29 GMT
expires: Fri, 06 Dec 2024 17:46:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 07 Dec 2023 04:49:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 90797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/jaina.mp3
200 OK 32 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/jaina.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash 8953411d8377535f48b28828e86fbe8c
8cb47784e64e691b40cc88aba9f82581ba28dc8f
7f388ee75ebf30648bf844af45724300a4938a1e75c8941d005fa20f91a3053d
GET /tts/preview/jaina.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 32096
last-modified: Wed, 10 Feb 2021 10:11:30 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/deadpool.mp3
200 OK 24 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/deadpool.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash e337e350e024662e4e816daffd6bc856
42ca0509ccea0535386ae2945ab7a0254a9d40c3
3caa779f376781319a488cb59c4d374cdcade388e39b6ae9b7e151b5e2f183b1
GET /tts/preview/deadpool.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 23946
last-modified: Wed, 10 Feb 2021 10:11:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/vinnie.mp3
200 OK 22 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/vinnie.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash ace209519faa612674c1298ca0ddd442
336f9349e5b1c870f2fea0e8c79e45ca8657e8b1
b7418313fb912b8b14b73176c089b42856be0dc58f4372216ea7356c4cc82c3c
GET /tts/preview/vinnie.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 22483
last-modified: Wed, 10 Feb 2021 10:11:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
static.donationalerts.ru/tts/preview/rusrick.mp3
200 OK 22 kB URL GET HTTP/2 static.donationalerts.ru/tts/preview/rusrick.mp3
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash 2bde84e1b47ba27b07ce7e9610794810
075522ab434d7608d20c82719da109a53ccbf620
e7ac3418402d37e723d75ac9cd365aff181cd7c1de0501af3e3585c3f8124ed1
GET /tts/preview/rusrick.mp3 HTTP/1.1
Host: static.donationalerts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:46 GMT
content-length: 22274
last-modified: Fri, 29 Jan 2021 07:30:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
200 OK 27 kB URL GET HTTP/3 www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1245)
Hash 3e0717a2b6dff5ad5a9f07d0bb66c999
53d4656c23277f8ad1b7e4487d51fd919a472f23
5a6fb5e4327280fdecb2816f2d35ee013fc5a2c9d69b589a6cff4107b3c67d8a
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 27331
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 17:46:31 GMT
expires: Fri, 06 Dec 2024 17:46:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 90795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
200 OK 3.7 kB URL GET HTTP/3 www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (754)
Hash 891f94f10cc11262933067910b51d536
db754406888ffb7f9cf9fb9200538db595487742
11f2a67e22dc99fd00a9adba3da49729c5bca1e54d33f54f20f9506becee189e
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 3727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 17:46:32 GMT
expires: Fri, 06 Dec 2024 17:46:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 90794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
200 OK 14 kB URL GET HTTP/3 www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1499)
Hash 5fd578a17f6ae66dfca1419fdd8a69d4
4d60faac8c16269cb52e402b87e516a75597a129
b154ef162d6daf11cd2acb03f174b4c49437c13e484cdc8d4235a871cda65253
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O/am=AIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 14143
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 17:46:32 GMT
expires: Fri, 06 Dec 2024 17:46:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 90794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fmss%2Fboq-payments-consumer%2F_%2Fjs%2Fk%3Dboq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O%2Fck%3Dboq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O%2Fam%3DAIYY%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Cpayframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3AXVMNvd%3BMe32dd%3AMEeYgc%3BNPKaK%3APVlQOd%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AsiKnQd%3ByEQyxe%3Ap8L0ob%3ByxTchf%3AKUM7Z%2Fm%3DDas5Le&error=The%20operation%20is%20insecure.&line=235
204 No Content 0 B URL POST HTTP/3 pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fmss%2Fboq-payments-consumer%2F_%2Fjs%2Fk%3Dboq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O%2Fck%3Dboq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O%2Fam%3DAIYY%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Cpayframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3AXVMNvd%3BMe32dd%3AMEeYgc%3BNPKaK%3APVlQOd%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AsiKnQd%3ByEQyxe%3Ap8L0ob%3ByxTchf%3AKUM7Z%2Fm%3DDas5Le&error=The%20operation%20is%20insecure.&line=235
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fmss%2Fboq-payments-consumer%2F_%2Fjs%2Fk%3Dboq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dI7ZCtdL_Ng.es5.O%2Fck%3Dboq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q9ijrumum2o.L.F4.O%2Fam%3DAIYY%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Cpayframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAMitfrjeonKOJzY9R-1cthHRiVOnnKiBPA%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3AXVMNvd%3BMe32dd%3AMEeYgc%3BNPKaK%3APVlQOd%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AsiKnQd%3ByEQyxe%3Ap8L0ob%3ByxTchf%3AKUM7Z%2Fm%3DDas5Le&error=The%20operation%20is%20insecure.&line=235 HTTP/1.1
Host: pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 23447
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 08 Dec 2023 18:59:46 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'nonce-ZfoZW9VnDv9CTYKo-Ny8Ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=W5aDMq-UumDbb_BmqA4a4e6Wvx42xNYDYcluZHvjeyhoTPDq_LxLfMw6csKTVwcQ59RizYUcTZTcaQiD9qbpg04NMmw8NnWlDrAB234z9jkZEfQv-Vim9ydSnBXHZkwdHJnh0w-xH4ix78kGW4nvqtrQA28DFWpNfX8Yv1MDCME; expires=Sat, 08-Jun-2024 18:59:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pay.google.com/gp/p/js/pay.js
200 OK 37 kB URL GET HTTP/2 pay.google.com/gp/p/js/pay.js
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type gzip compressed data, max compression\012- data
Hash d259beb8967309ed5dd25acdfa1c5d31
d1785b68690294081a3963e31b05e09d31f34645
3b883f8a0ae6be785131db89ed4f71f437e180d8f73a9e74bb2020b2a755a8e1
GET /gp/p/js/pay.js HTTP/1.1
Host: pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires: Fri, 08 Dec 2023 18:59:45 GMT
date: Fri, 08 Dec 2023 18:59:45 GMT
cache-control: private, max-age=600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'nonce-PpFLkgnfb8mcbEkqtQtglA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=rB3rKWGpKEBD7WUgFSQzlZGJm-hpwcAzQpGnszNceG5T1wF4JyZhr_oxVHS2YJRsaUPnrf5lEomxoKS1kX0W6GNPvzfBQfBScfF-MCAdixD-TKWjx-UpezolN-mBASRuKezxKT4HzmRIbCTma00SeGAGTm5KBS0Ji2wuq27wHBY; expires=Sat, 08-Jun-2024 18:59:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://pay.google.com/
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+905; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://pay.google.com/
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+862; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://pay.google.com/
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+410; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://pay.google.com/
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+373; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://pay.google.com/
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+424; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://pay.google.com/
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+550; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 673
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+884; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 698
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 08 Dec 2023 18:59:46 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+637; expires=Sun, 07-Dec-2025 18:59:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:46 GMT
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 656
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 08 Dec 2023 18:59:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+356; expires=Sun, 07-Dec-2025 18:59:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:47 GMT
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 657
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 08 Dec 2023 18:59:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+861; expires=Sun, 07-Dec-2025 18:59:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:47 GMT
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 672
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 08 Dec 2023 18:59:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+834; expires=Sun, 07-Dec-2025 18:59:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:47 GMT
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 655
Origin: https://pay.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://pay.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 08 Dec 2023 18:59:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+911; expires=Sun, 07-Dec-2025 18:59:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 18:59:47 GMT
X-Firefox-Spdy: h2
www.donationalerts.com/static/donations/dist/favicon.ico
200 OK 15 kB URL GET HTTP/2 www.donationalerts.com/static/donations/dist/favicon.ico
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d966ede2003b499d018fd5b9a2d0a8e3
b8735ba7328f3f187a99412d811c28ac4639f0ed
360859ac177fa559f7b7bdc97d1f3d259d43495ba3ce5aa3d23baca1e61135b1
GET /static/donations/dist/favicon.ico HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919; laravel_session=eyJpdiI6Ikl6MDRqNEVOa244WkFobjBhZURzVVE9PSIsInZhbHVlIjoiQzJLUldVOXlHdDdhTVJwNTM2ZXZuODRzM3VHb0E3THBEcVR1T3V2a010R3pZK01EOFIxbTdsaUd0RVhvZlFCTUJWb0xIcnBZWFM0V2hrYmE5L0tEMjR4NU5ZWWQ5L0FzZnlyamEzM3FDYlRJTWNQMXN6S0VwdTRkTWpWM1A3VU4iLCJtYWMiOiJhNDNjYjRjOGU1MjUzMDViNjg0NDgwYTIxMzk0MTI0YTA5YzdjNDZlMmQ4YTQ3MWRiNmYwNzJkMWJkNmFlMDkwIiwidGFnIjoiIn0%3D; mr1lad=657367a152c122b8-0-0-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:45 GMT
content-type: image/x-icon
last-modified: Thu, 07 Dec 2023 12:50:47 GMT
etag: W/"6571bfa7-3aee"
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/api/v1/env/front
200 OK 1.5 kB URL GET HTTP/2 www.donationalerts.com/api/v1/env/front
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1701), with no line terminators
Hash 4aa63c7f9b93c90ef038f181c236a290
f625e074c40e30abd8f743e67e23066363921213
9cecfca65253a31f1996d1f0d8201f7b2102dcd17cfa7a80b5692b0a7f1a4d41
GET /api/v1/env/front HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: application/json
cache-control: no-cache, private
content-language: en_US
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/static/donations/dist/js/app.c02766a5.js
200 OK 386 kB URL GET HTTP/2 www.donationalerts.com/static/donations/dist/js/app.c02766a5.js
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
Size 386 kB (385660 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/donations/dist/js/app.c02766a5.js HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 07 Dec 2023 12:50:47 GMT
etag: W/"6571bfa7-5e27c"
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/static/donations/localization/en_US.json?t=1702061991.488
200 OK 8.3 kB URL GET HTTP/2 www.donationalerts.com/static/donations/localization/en_US.json?t=1702061991.488
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (8521), with no line terminators
Hash b07180a3673a52369b9fbe4243b74f72
814b04f1a1f93ba20e0c3f412de32428963d050d
b516f8633eb93839fde65c65ec109a221046799c8f17581f93195faa4ea10521
GET /static/donations/localization/en_US.json?t=1702061991.488 HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: application/json
last-modified: Thu, 07 Dec 2023 12:50:47 GMT
etag: W/"6571bfa7-2066"
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/api/v1/anonymouspayer
201 Created 77 B URL POST HTTP/2 www.donationalerts.com/api/v1/anonymouspayer
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash a287aefdb8743a4f7c187a1c1aacdcb2
05c254497d660c8a0cd05d0497017b54fdf7ec48
1f7543dcdc4defce477640b1f8b6c54c9866a49b001e4e08f715a96b67305f51
POST /api/v1/anonymouspayer HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: undefined
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
Content-Type: application/json
Content-Length: 2
Origin: https://www.donationalerts.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://www.donationalerts.com
access-control-allow-headers: Content-Type, x-Requested-With, Authorization, x-xsrf-token, accept-language, jwt
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-language: en_US
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
X-Firefox-Spdy: h2
pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
200 OK 19 kB URL GET HTTP/3 pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid=
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3784)
Hash d3dea97d4646ab603ae4fe51ff0e3df9
0c9279d6d4ebe693fb054b102e7728655e7e24f2
f729ebb428b6709220e695e85a2cc1db62a49bbd7fa4e0e824ff3597e8df738e
GET /gp/p/ui/payframe?origin=https%3A%2F%2Fwww.donationalerts.com&mid= HTTP/1.1
Host: pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.donationalerts.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Fri, 08 Dec 2023 18:59:46 GMT
date: Fri, 08 Dec 2023 18:59:46 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'nonce-K2Se3ODvMD4SSAWhqj5AVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=LPIVzB4shFdfLomj9Bdg0pEMopalgQQdyG8tn6nUXxaxLmNV449ESYSkNHoCsppmhU9E1bEWb3cyMFVk9dyJJ1mk6Kpr5hIRDMNevDvWtrQEHjFG8_8W9cvG5D7EtwwDyEtdfJw0ssoaRt1--M3PquageAfoQ2INkmaNPkV_Myo; expires=Sat, 08-Jun-2024 18:59:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.donationalerts.com/r/7tanto
200 OK 970 B URL User Request GET HTTP/2 www.donationalerts.com/r/7tanto
IP
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1012), with no line terminators
Hash 644b3ca0f6a0a1aa74b60dbbcf90c595
dad612deb2aae9314e8a1480b20bb62da2b0fd39
faa750095e6de7745aaa4c761e74c01c84df4a70ae7cfad544ae4b1fb4b4be2b
GET /r/7tanto HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:43 GMT
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer-when-downgrade
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/api/v1/user/7tanto/donationpagesettings
200 OK 8.4 kB URL GET HTTP/2 www.donationalerts.com/api/v1/user/7tanto/donationpagesettings
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type troff or preprocessor input, ASCII text, with very long lines (9833), with no line terminators
Hash 7d056e05f8abd8995a62c2b535979a1f
c0b6100ef9563af4e64fd8abdbf48220d9332721
f553b722b15d885fd7f2ca08451993a9c8770a9a2d0693554e2d3a67ac778396
GET /api/v1/user/7tanto/donationpagesettings HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en_US
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919; laravel_session=eyJpdiI6Ikl6MDRqNEVOa244WkFobjBhZURzVVE9PSIsInZhbHVlIjoiQzJLUldVOXlHdDdhTVJwNTM2ZXZuODRzM3VHb0E3THBEcVR1T3V2a010R3pZK01EOFIxbTdsaUd0RVhvZlFCTUJWb0xIcnBZWFM0V2hrYmE5L0tEMjR4NU5ZWWQ5L0FzZnlyamEzM3FDYlRJTWNQMXN6S0VwdTRkTWpWM1A3VU4iLCJtYWMiOiJhNDNjYjRjOGU1MjUzMDViNjg0NDgwYTIxMzk0MTI0YTA5YzdjNDZlMmQ4YTQ3MWRiNmYwNzJkMWJkNmFlMDkwIiwidGFnIjoiIn0%3D; mr1lad=657367a152c122b8-0-0-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:45 GMT
content-type: application/json
cache-control: no-cache, private
content-language: en_US
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/static/donations/dist/css/app.ff2a1afb.css
200 OK 117 kB URL GET HTTP/2 www.donationalerts.com/static/donations/dist/css/app.ff2a1afb.css
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (117006 bytes)
Hash 8cb39547481b27e3f516d808b711ad85
e37c81f25e59b51d89021f90280da479fd4278bf
08a7da74d44eef136df0cb2b200ce0bcc3e63e7ac2d6784a301b9943c0be8447
GET /static/donations/dist/css/app.ff2a1afb.css HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: text/css
last-modified: Thu, 07 Dec 2023 12:50:47 GMT
etag: W/"6571bfa7-1c90e"
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/api/v1/session/token?spa_page=donations
202 Accepted 70 B URL GET HTTP/2 www.donationalerts.com/api/v1/session/token?spa_page=donations
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash b65222eafbad382f2d50ab4556270e2c
9e94ce822c86ecbc4f0325f4064cc1817f04cd29
e46aa6f514b1b3524e8a8b9ef1eafa8f5633e613832252c4328f0d92558e3d63
GET /api/v1/session/token?spa_page=donations HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en_US
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: application/json
cache-control: no-cache, private
set-cookie: laravel_session=eyJpdiI6Ikl6MDRqNEVOa244WkFobjBhZURzVVE9PSIsInZhbHVlIjoiQzJLUldVOXlHdDdhTVJwNTM2ZXZuODRzM3VHb0E3THBEcVR1T3V2a010R3pZK01EOFIxbTdsaUd0RVhvZlFCTUJWb0xIcnBZWFM0V2hrYmE5L0tEMjR4NU5ZWWQ5L0FzZnlyamEzM3FDYlRJTWNQMXN6S0VwdTRkTWpWM1A3VU4iLCJtYWMiOiJhNDNjYjRjOGU1MjUzMDViNjg0NDgwYTIxMzk0MTI0YTA5YzdjNDZlMmQ4YTQ3MWRiNmYwNzJkMWJkNmFlMDkwIiwidGFnIjoiIn0%3D; path=/; domain=donationalerts.com; httponly
X-Firefox-Spdy: h2
www.donationalerts.com/static/donations/dist/js/chunk-vendors.23ddc01f.js
200 OK 644 kB URL GET HTTP/2 www.donationalerts.com/static/donations/dist/js/chunk-vendors.23ddc01f.js
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
Size 644 kB (644342 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/donations/dist/js/chunk-vendors.23ddc01f.js HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 07 Dec 2023 12:50:47 GMT
etag: W/"6571bfa7-9d4f6"
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
www.donationalerts.com/api/v1/merchandise?user_id=10791090
200 OK 11 B URL GET HTTP/2 www.donationalerts.com/api/v1/merchandise?user_id=10791090
IP
Requested by https://www.donationalerts.com/r/7tanto
Certificate IssuerGlobalSign nv-sa
Subject*.donationalerts.ru
FingerprintA4:2D:F8:7D:9B:F8:E1:6D:06:16:62:48:76:9F:BF:34:E0:C8:17:B3
ValidityTue, 10 Oct 2023 13:10:40 GMT - Sun, 10 Nov 2024 13:10:39 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 0ea347f72827ba87cab78c4bb99a9a9d
5f8f9c4077c6f31a1b6055b4e58245ba214e671b
9349818b4ced37353f71550919472c2cba1a33f5d148868dcf22e61b86461249
GET /api/v1/merchandise?user_id=10791090 HTTP/1.1
Host: www.donationalerts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en_US
Accept-Encoding: gzip, deflate, br
Referer: https://www.donationalerts.com/r/7tanto
DNT: 1
Connection: keep-alive
Cookie: apid=328765263_72090c037faeb0943f560fddb48c7919; laravel_session=eyJpdiI6Ikl6MDRqNEVOa244WkFobjBhZURzVVE9PSIsInZhbHVlIjoiQzJLUldVOXlHdDdhTVJwNTM2ZXZuODRzM3VHb0E3THBEcVR1T3V2a010R3pZK01EOFIxbTdsaUd0RVhvZlFCTUJWb0xIcnBZWFM0V2hrYmE5L0tEMjR4NU5ZWWQ5L0FzZnlyamEzM3FDYlRJTWNQMXN6S0VwdTRkTWpWM1A3VU4iLCJtYWMiOiJhNDNjYjRjOGU1MjUzMDViNjg0NDgwYTIxMzk0MTI0YTA5YzdjNDZlMmQ4YTQ3MWRiNmYwNzJkMWJkNmFlMDkwIiwidGFnIjoiIn0%3D; mr1lad=657367a152c122b8-0-0-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 18:59:45 GMT
content-type: application/json
cache-control: no-cache, private
content-language: en_US
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
content-encoding: br
X-Firefox-Spdy: h2
5.61.238.4
17.253.39.202
142.250.74.35
0.0.0.0