pages.donately.com Open in urlscan Pro
151.101.193.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pages.donately.com/
Effective URL:
https://pages.donately.com/demo//1
Submission: On October 15 via api (October 15th 2023, 6:10:01 pm UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 41 IPs in 3 countries across 32 domains to perform 102 HTTP transactions. The main IP is 151.101.193.91, located in United States and belongs to FASTLY, US. The main domain is pages.donately.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 15th 2023. Valid for: a year.

This is the only time pages.donately.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:212... 2600:9000:2127:c200:a:891a:6d40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:710... 2a02:26f0:7100::1720:ef23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:bc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f8a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:c07c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7c0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.245.25.14 157.245.25.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
6	2606:4700::68... 2606:4700::6812:b05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
3	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
102	41

10 151.101.193.91 (United States) 1 redirects

ASN54113 (FASTLY, US)

pages.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-px963uiwkr.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:c200:a:891a:6d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

uploads.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:7100::1720:ef23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

onsite.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f8a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c07c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e3a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7c0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn-account.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.245.25.14 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:b05d (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.2 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	donately.com 1 redirects pages.donately.com api.donately.com uploads.donately.com cdn.donately.com	667 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	699 KB
8	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5258 app.hubspot.com — Cisco Umbrella Rank: 6214 track.hubspot.com — Cisco Umbrella Rank: 2658 forms.hubspot.com — Cisco Umbrella Rank: 5406	27 KB
8	optimonk.com onsite.optimonk.com — Cisco Umbrella Rank: 48720 cdn-account.optimonk.com — Cisco Umbrella Rank: 48526 front.optimonk.com — Cisco Umbrella Rank: 26743 gs-cdn.optimonk.com — Cisco Umbrella Rank: 33517 jfapiprod.optimonk.com — Cisco Umbrella Rank: 30513	108 KB
6	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6516	313 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250 www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416 www.linkedin.com — Cisco Umbrella Rank: 708 px4.ads.linkedin.com — Cisco Umbrella Rank: 6066	5 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6147	733 B
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	724 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	4 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 981	15 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	173 KB
4	px-cloud.net collector-px963uiwkr.px-cloud.net	1 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 2586	2 KB
3	hubapi.com feedback.hubapi.com — Cisco Umbrella Rank: 23962 api.hubapi.com — Cisco Umbrella Rank: 3870	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	216 B
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 4430 cdn.acsbapp.com — Cisco Umbrella Rank: 4621	221 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	8 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 456	19 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5142	86 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3531	4 KB
1	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 16941	10 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2519	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2528	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5287	22 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 869	395 B
1	t.co t.co — Cisco Umbrella Rank: 614	376 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2742	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 792	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	917 B
102	32

	Domain	Requested by
9	www.googletagmanager.com	pages.donately.com www.googletagmanager.com www.google-analytics.com js.hsadspixel.net
6	static.hsappstatic.net	app.hubspot.com
5	pages.donately.com	1 redirects pages.donately.com
4	front.optimonk.com	pages.donately.com front.optimonk.com
4	app.hubspot.com	js.hubspotfeedback.com js.usemessages.com static.hsappstatic.net app.hubspot.com
4	www.google.de
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com js.hsadspixel.net
4	connect.facebook.net	pages.donately.com connect.facebook.net www.googletagmanager.com
4	api.donately.com	pages.donately.com
4	collector-px963uiwkr.px-cloud.net	pages.donately.com
3	bam-cell.nr-data.net	app.hubspot.com
3	www.google.com
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	region1.google-analytics.com	www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	feedback.hubapi.com	static.hsappstatic.net
2	api.hubspot.com	js.usemessages.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.facebook.com
2	cdnjs.cloudflare.com	pages.donately.com
1	js-agent.newrelic.com	app.hubspot.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	gs-cdn.optimonk.com	pages.donately.com
1	track.hubspot.com
1	cdn-account.optimonk.com	pages.donately.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	cdn.acsbapp.com	acsbapp.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com
1	t.co
1	region1.analytics.google.com	www.googletagmanager.com
1	onsite.optimonk.com	www.googletagmanager.com
1	acsbapp.com	pages.donately.com
1	cdn.donately.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	pages.donately.com
1	uploads.donately.com
1	fonts.googleapis.com	pages.donately.com
102	49

This site contains links to these domains. Also see Links.

Domain
accessibe.com
dashboard.donately.com

Subject Issuer	Validity	Valid
*.donately.com Sectigo RSA Organization Validation Secure Server CA	`2023-06-15` - `2024-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-09-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-24` - `2023-10-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
acsbapp.com GTS CA 1P5	`2023-08-30` - `2023-11-28`	3 months	crt.sh
onsite.optimonk.com R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn-account.optimonk.com R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G4	`2023-06-12` - `2024-07-13`	a year	crt.sh
gs-cdn.optimonk.com R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2023-09-16` - `2023-12-15`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://pages.donately.com/demo//1
Frame ID: B452319E5A5FF13C797FE5E5352AD619
Requests: 83 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: C3B7B9A2044D1C80D82BA8EF04BEBD3D
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 30DE2DA3A5444C2532F62BCAFF857F50
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donately Demo | Donately

Page URL History Show full URLs

http://pages.donately.com/ HTTP 301
https://pages.donately.com/demo//1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

102
Requests

99 %
HTTPS

76 %
IPv6

32
Domains

49
Subdomains

41
IPs

3
Countries

2543 kB
Transfer

8209 kB
Size

38
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://dashboard.donately.com/
Title: Sign In

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pages.donately.com/ HTTP 301
https://pages.donately.com/demo//1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4794210%26time%3D1697393398616%26url%3Dhttps%253A%252F%252Fpages.donately.com%252Fdemo%252F%252F1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true&liSync=true&e_ipv6=AQJ4sT_2osQUGgAAAYs0h9ZoOc8X-86hV1WrW4LMakUwPMdjIhLBZdAHLbgnjMMvW4fRVhnfdjif

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
pages.donately.com/demo//
Redirect Chain

http://pages.donately.com/
https://pages.donately.com/demo//1

1 KB
1 KB

609ms
482ms

Document
text/html

151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

5ca0f3a2cf9cf153b7d2787562674c82a5b225073df82266f3da1816dc333ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
age: 0
cache-control: public, max-age=0
content-encoding: gzip
content-length: 653
content-type: text/html; charset=UTF-8
date: Sun, 15 Oct 2023 18:09:55 GMT
etag: W/"4d3-18acd267808"
fastly-restarts: 1
last-modified: Mon, 25 Sep 2023 16:22:45 GMT
location: https://pages.donately.com/demo/\1
server: Cowboy
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230022-FRA

Redirect headers

Accept-Ranges: bytes
Connection: close
Content-Length: 0
Date: Sun, 15 Oct 2023 18:09:54 GMT
Location: https://pages.donately.com/demo/\1
Retry-After: 0
Server: Varnish
Strict-Transport-Security: max-age=300
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230138-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
917 B 86ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

056b5e62d98f857e5f15753183c2b83c8872d71e3472602c7ee6b1c4f3afd277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Oct 2023 18:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 17:05:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Oct 2023 18:09:55 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 96ms
47ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 866968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvOVzav9cpD2kz1ooEPmCExluV2LpeVjPDUgVNUTto5G3afKLbWp4OcgPrCcxMdHTqm9xukPBc4eEmFXzWyxDI0OAM%2FnBMmX3p%2BBaLWs2jBC446l4IzomyFhdWmuE5p4qamWjHGlHck6JfZkL5wB8UK4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 816a040f990c4d4f-FRA
expires: Fri, 04 Oct 2024 18:09:55 GMT

GET
H2 200 bootstrap-grid.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-beta/css/ 21 KB
2 KB 88ms
39ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-beta/css/bootstrap-grid.min.css

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b768ac472570ed0d0f0f3d0979aeb7f852d03c96f8e7b2dacb6f52f8d4e20590

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8427574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1436
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-5514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F244iQhzx6QhliPlh9m3938HCTMdU4odPXWIn5RG6GsbJ8lXiMO%2FQifNPRBaiqHs0rgTXbKTaLefjPQW20ctIt5ReZ33U7lMjZ0PM1KEbuGNMFoQkrXRc5%2F%2Bw%2Fd6jCQtTrMovAxOscor%2B5%2FAO5VC0dcI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 816a040f99134d4f-FRA
expires: Fri, 04 Oct 2024 18:09:55 GMT

GET
H2 200 main.c93362e9.css
pages.donately.com/static/css/ 20 KB
5 KB 207ms
206ms Stylesheet
text/css 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/static/css/main.c93362e9.css

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

550dbd6446f15647b16db7582374cf793e30098f6f597a3123f59e26cd2acdd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/demo//1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:55 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 varnish
strict-transport-security: max-age=300
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-cache: MISS
content-length: 4440
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697393395&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=AtvRp4GaKQQbUeuxlngQjq0JBPyaIZwAs4Vl7LJG1zw%3D
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 25 Sep 2023 16:22:45 GMT
server: Cowboy
x-timer: S1697393395.086960,VS0,VE110
etag: W/"4f05-18acd267808"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697393395&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=AtvRp4GaKQQbUeuxlngQjq0JBPyaIZwAs4Vl7LJG1zw%3D"}]}
content-type: text/css; charset=UTF-8
location: https://pages.donately.com/demo/\1
cache-control: public, max-age=0
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main.60214106.js Show response
pages.donately.com/static/js/ 2 MB
416 KB 868ms
867ms Script
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/static/js/main.60214106.js

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

1d5a47f215ee188b1f2712e4c8668b5b34a7e4adb8c5e23c846a8eaf4e8dfac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/demo//1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:55 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 varnish
strict-transport-security: max-age=300
age: 0
x-cache: MISS
content-length: 425221
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 25 Sep 2023 16:22:45 GMT
server: Cowboy
x-timer: S1697393395.087121,VS0,VE803
etag: W/"1803f0-18acd267808"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
location: https://pages.donately.com/demo/\1
cache-control: public, max-age=0
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 init.js Show response
pages.donately.com/963UiWkR/ 164 KB
73 KB 49ms
49ms Script
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/963UiWkR/init.js

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

136f9f18f89b3bd34b6bd406475c5e04df36743a49f3c38e64be23f3baf0cc96

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/demo//1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:55 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
age: 13
x-cache: HIT
content-length: 74862
x-served-by: cache-fra-eddf8230022-FRA
etag: "291dc-/vbJaywXA+5WVkA9bdzJ/T7zonI"
x-px-hash: OTk1MThjMGY0MWQyM2E1ZjZiYjI0MTNlYzdjZTg5ZmRhZjU0MmI4NjYwNjdhYmEwNzgxNjNiMzgwZTJkN2NkYg==
vary: Accept-Encoding
active-cdn: Akamai
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
location: https://pages.donately.com/demo/\1
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 540 B
795 B 142ms
72ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: cb89c9398eec44422a525a4a798c0d8fcf9f1ebd3df466d5e650a15c82b15675

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 18:09:54 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.donately.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540

OPTIONS
H2 200 demo
api.donately.com/v2/accounts/ Frame 0
0 400ms
338ms Preflight 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/accounts/demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'

Request headers

Accept: */*
Access-Control-Request-Headers: donately-version,x-donately-pages
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: donately-version,x-donately-pages
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-security-policy: default-src 'none'; script-src 'none'
date: Sun, 15 Oct 2023 18:09:57 GMT
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
fastly-restarts: 1
referrer-policy: origin-when-cross-origin
server: Cowboy
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-download-options: noopen
x-served-by: cache-fra-eddf8230125-FRA

GET
H2 200 demo Show response
api.donately.com/v2/accounts/ 3 KB
3 KB 428ms
427ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/accounts/demo

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.60214106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

ae05afb8d83da632952f4fdfbf753d36cc866f02d50be3820ba0bcca6190b61f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

X-Donately-Pages: true
Referer: https://pages.donately.com/
Donately-Version: 2019-03-15
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src 'none'; script-src 'none'
via: 1.1 vegur, 1.1 varnish
date: Sun, 15 Oct 2023 18:09:58 GMT
x-cache: MISS
fastly-restarts: 1
x-request-id: 62554b71-0f00-4eb2-9953-e73c0481248e
x-served-by: cache-fra-eddf8230125-FRA
x-runtime: 0.031624
referrer-policy: origin-when-cross-origin
server: Cowboy
etag: W/"ae05afb8d83da632952f4fdfbf753d36"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
vary: Origin
accept-ranges: bytes
x-rack-cache: miss
x-cache-hits: 0

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 75ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.donately.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 75084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 21:18:33 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 93ms
43ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.donately.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 307820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 04:39:37 GMT

POST
H2 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 388 B
453 B 79ms
78ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 76c0b4583bc3c8f91c79cf349515d99e5fe8910b801a711934eb988c00c502ad

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 18:09:57 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.donately.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388

OPTIONS
H2 200 config.json
api.donately.com/v2/forms/frm_10e53b9fd92d/ Frame 0
0 361ms
361ms Preflight 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/forms/frm_10e53b9fd92d/config.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'

Request headers

Accept: */*
Access-Control-Request-Headers: donately-version,x-donately-pages,x-px-cookie
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: donately-version,x-donately-pages,x-px-cookie
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-security-policy: default-src 'none'; script-src 'none'
date: Sun, 15 Oct 2023 18:09:58 GMT
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
fastly-restarts: 1
referrer-policy: origin-when-cross-origin
server: Cowboy
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-download-options: noopen
x-served-by: cache-fra-eddf8230125-FRA

GET
H2 200 config.json Show response
api.donately.com/v2/forms/frm_10e53b9fd92d/ 1 KB
2 KB 332ms
331ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/forms/frm_10e53b9fd92d/config.json

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.60214106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

c2dfbfb20ca7d5870a8ba197e983223631650fdcb6e742d29f541ce9c0687796

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

X-Donately-Pages: true
Referer: https://pages.donately.com/
Donately-Version: 2019-03-15
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-PX-Cookie: eyJ1IjoiMGIzNmJiMzAtNmI4Ni0xMWVlLWI1MGYtOTFiNzVmNzA0NWNmIiwidiI6IjBhYThlYzdjLTZiODYtMTFlZS04ZjBhLTQ5MjY3MzliMjEyNiIsInQiOjE2OTczOTM2OTc2NDUsImgiOiI2NzcwMGM3NmNlZjcxOGYxNzJmYTIyN2E4ZDM5ZGY5OTJkNTYwOTAyZGU0ZTI0ZjIxN2NiYTY0NjI0OGZhMmFlIn0=

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src 'none'; script-src 'none'
via: 1.1 vegur, 1.1 varnish
date: Sun, 15 Oct 2023 18:09:58 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-cache: MISS
content-length: 1214
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697393398&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sglIMUdMrJrMvcou%2BrWy4dSDbDA7h3X%2F8CXAa9cH4bo%3D
x-request-id: 3b7a3603-733c-4b6d-86a5-ed55ddd5d685
x-served-by: cache-fra-eddf8230125-FRA
x-runtime: 0.015638
x-content-digest: b257696f7346520e3ca4a4d551cb945a2b51040f
referrer-policy: origin-when-cross-origin
server: Cowboy
x-timer: S1697393398.447039,VS0,VE305
etag: W/"c2dfbfb20ca7d5870a8ba197e9832236"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697393398&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sglIMUdMrJrMvcou%2BrWy4dSDbDA7h3X%2F8CXAa9cH4bo%3D"}]}
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, no-cache
content-type: application/json; charset=utf-8
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
vary: Origin
accept-ranges: bytes
x-rack-cache: stale, valid, store
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 106ms
42ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-37PDV783XE

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.60214106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02fee140c1bed01a5487bd5a7397f3fdf41ddc7126a61e13b80d0cbc3caecabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 88ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.60214106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 15 Oct 2023 18:09:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: eaCAlqy0xosohIx+haTdF0gSRRLeJOKBt+9gyDW23NTn4XZk1w3XgY5191Jkq2EolU7wnsPSjnPgMJoY8iHnLw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
92 KB 163ms
101ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

953dcc8f234056b411e23d19f978d537c3e2586a107628ac40e411ec8ab40754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
44 KB 138ms
76ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRNQX7S&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a4be11fabdf1ba411d7a8332115ba80381fe2d25029feb708cab65334e8d251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

GET
H2 200 large_Screen_Shot_2021-03-08_at_10.02.38_AM.png
uploads.donately.com/production/account/logo/act_ba7d12ab27bb/ 20 KB
21 KB 613ms
506ms Image
image/png 2600:9000:2127:c200:a:891a:6d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.donately.com/production/account/logo/act_ba7d12ab27bb/large_Screen_Shot_2021-03-08_at_10.02.38_AM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:c200:a:891a:6d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c222cbf581db8ab01e02aba545cc75610f81e5a05256b1a19b1db3271836bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 11:45:03 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "057234eeb74d481cd460ecc3b675dce2"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 20715
x-amz-cf-id: C2JKsjKgE4kLztRViLKpzdMyJENHHIIZq67iYnJ3zLwM3lDtbu0Tdg==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.donately.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 07:45:31 GMT
x-content-type-options: nosniff
age: 469467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Oct 2024 07:45:31 GMT

GET
H2 200 1786190664817954 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 164ms
164ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1786190664817954?v=2.9.134&r=stable&domain=pages.donately.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f19275bfeb4f0fc44207a0c2ed8baf6fb977079458d73c04cb890457baecd2b3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 15 Oct 2023 18:09:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: l99x6B+aDqXaFnyXrtaXjYWM/qr3kNt5VNLW0ezRly2+tuGmqpoe9B1oVYNFJFEWUcEO4nwLu/eO3OzRqInEsQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-37PDV783XE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRNQX7S&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f45251eb6969d8602ce2b9d3d0b6dbd5b07d828c6a90e08e2910b46f8e566eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80430
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
77 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZJ93F8ZFMB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRNQX7S&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05ad22332e91db3bbe5506fceb3fbf2af65ee30b115b079c669d8a53ad45cb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78315
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 89ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-37PDV783XE&gtm=45je3ab0&_p=1995403399&cid=583097138.1697393398&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697393398&sct=1&seg=0&dl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&dt=Donately%20Demo%20%7C%20Donately&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37PDV783XE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 101ms
24ms Script
application/x-javascript 2a02:26f0:7100::1720:ef23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=44286
accept-ranges: bytes
content-length: 3822

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 136ms
52ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 15 Oct 2023 18:09:58 GMT
last-modified: Thu, 12 Oct 2023 17:36:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0DA55F2407B242A8A193F49E574B852E Ref B: FRAEDGE1707 Ref C: 2023-10-15T18:09:58Z
etag: "808ec9ad32fdd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12978

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 79ms
24ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 17:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1216
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 15 Oct 2023 19:49:42 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
52 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 15 Oct 2023 18:09:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: u3PyPVH/YhWVPAMEh9ZGlTpwFlFJqUIuA/IeRktOZ1THV/Rl0drWRQ3vgCwXQ6/z1i075N/eBj9sTl3Aiax2YA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 104ms
27ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/demo//1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230116-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
79 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-939933942

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41228bdcf5e46f853feab1197dadce5d5a583b19baf8b3da6a277e94a7c806b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

GET
H2 200 20073505.js Show response
js.hs-scripts.com/ 3 KB
1 KB 493ms
419ms Script
application/javascript 2606:4700::6810:bc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/20073505.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7159b31c8e31726567aede8246659a740f87389f99cfbbc7e50b73511d8552f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7abe1858-b9a4-47de-b925-01179700bf90
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7abe1858-b9a4-47de-b925-01179700bf90
last-modified: Sun, 15 Oct 2023 16:06:23 GMT
server: cloudflare
x-trace: 2B4EA98DC3A75E365B42BE7CB984A01526C4C9BEFA000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://pages.donately.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-fvfc4
cf-ray: 816a04243c1c9b9b-FRA
expires: Sun, 15 Oct 2023 18:10:58 GMT

GET
H2 200 donately-mktg.min.js Show response
cdn.donately.com/dntly-mktg/1.3/ 498 KB
146 KB 60ms
39ms Script
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/dntly-mktg/1.3/donately-mktg.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbff8c90c842c4524efbe3565b99889f7830070fe78072b1f1602029e39d756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: SGePNedEyRX2jBmNBWT.ZzV1oWCaji6_
content-encoding: gzip
via: 1.1 varnish
date: Sun, 15 Oct 2023 18:09:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31557600; includeSubdomains
x-amz-request-id: E1691XK2FC6RPSFE
age: 866
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 148383
x-amz-id-2: 7NkDGvnWrMUR8813PsnQSFDz1N7cBMwpYfqEMJJIhFe+5A+2DlpOiLSnGOOVB7O3F8s4n1f300s=
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230022-FRA
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Oct 2023 16:23:41 GMT
server: AmazonS3
x-timer: S1697393398.385010,VS0,VE4
etag: "7371413028ae8be90a5efef383d4e344"
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
vary: Accept-Encoding
content-type: application/javascript
x-download-options: noopen
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 750 KB
220 KB 219ms
156ms Script
application/javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/demo//1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb1716d6ddc1ffb2aa84bca299ebcff6c9685820595c9d24aad1c3d6647f8f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtyC62urAX5kejFU4ME9tWj85t2bxguf8cc4IDxtnwfzjAibKmOSHsa1WKDi3yJTe86cf_Z0oEwQxHuv7HOm-1GVLaNFpk7
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Thu, 21 Sep 2023 09:44:16 GMT
server: cloudflare
etag: W/"d92721be7cf39b11c5d6e09610aadaeb"
vary: Accept-Encoding
x-goog-hash: crc32c=uCZ0pg==, md5=2SchvnzzmxHF1uCWEKra6w==
x-goog-generation: 1695289456172111
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 768448
cf-ray: 816a04242b67bbbc-FRA
expires: Mon, 14 Oct 2024 18:09:58 GMT

GET
H2 200 script.js Show response
onsite.optimonk.com/ 167 KB
53 KB 157ms
75ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://onsite.optimonk.com/script.js?account=203840

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

8fdc320ae8ca724c05bc1a39e7ae4cb671d230eede90a94b971fa2e142877566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 1080
x-dns-prefetch-control: off
cdn-cachedat: 10/15/2023 18:09:58
cdn-pullzone: 950289
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"29a05-QNpFKcoQIhZkZB+Ej4D2PIl+eWo"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: EXPIRED
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=180
cdn-requestid: ec69898d1069417e72157708b58f1f4d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9BCP6ZNWKE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a11ecc5c49845f3d3568559accf6efeb1865a668554e73dc9e2148b4774dc05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZJ93F8ZFMB&gtm=45je3ab0&_p=1995403399&cid=583097138.1697393398&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697393398&sct=1&seg=0&dl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&dt=Donately%20Demo%20%7C%20Donately&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJ93F8ZFMB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 32 B
49 B 46ms
45ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 18b925cd64514a921ab80648d3fdeabc79813ca6be20b6aa4f9a1504f49b29d3

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 18:09:57 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.donately.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H3 200 535174410012356 Show response
connect.facebook.net/signals/config/ 122 KB
32 KB 169ms
169ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/535174410012356?v=2.9.134&r=stable&domain=pages.donately.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6380e2263720df8c51b4808d65d44c9f625ecf2740f58909855cfac92456947

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 15 Oct 2023 18:09:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: wtmQPP+zSgbCI99HIM2uQ2dOQVn9UfvgQWtlPVOwCR1AVWjaS2sqshwdhkC3ZPhqkYYqoEzexiVu5pTqm/qEcQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 105ms
28ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1786190664817954&ev=PageView&dl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&rl=&if=false&ts=1697393398431&cd[0]=%2F&cd[1]=d&cd[2]=e&cd[3]=m&cd[4]=o&cd[5]=%2F&cd[6]=%2F&cd[7]=1&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697393398430.753166187&ler=empty&it=1697393398237&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 15 Oct 2023 18:09:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 31ms
31ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1995403399&t=pageview&_s=1&dl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&ul=en-us&de=UTF-8&dt=Donately%20Demo%20%7C%20Donately&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1827505791&gjid=1026855260&cid=583097138.1697393398&tid=UA-25909623-1&_gid=1899506219.1697393398&_r=1&_slc=1&gtm=45He3ab0n81ND2HF9M&z=1657911074

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 31ms
29ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1995403399&t=pageview&_s=1&dl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&ul=en-us&de=UTF-8&dt=Donately%20Demo%20%7C%20Donately&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1890540373&gjid=1601710216&cid=583097138.1697393398&tid=UA-25909623-6&_gid=1899506219.1697393398&_r=1&_slc=1&gtm=45He3ab0n81ND2HF9M&z=2006952125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

90a31b546b5bf5e36f3b3e97f8d2c4404813868e2f9e9d5370d81fa19096ee6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939933942/ 3 KB
2 KB 112ms
46ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939933942/?random=1697393398497&cv=11&fst=1697393398497&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&hn=www.googleadservices.com&frm=0&tiba=Donately%20Demo%20%7C%20Donately&auid=1794384057.1697393398&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-939933942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b451b9405771fd55dadf3260a04c73e4c87b99e57eb6f41579a8459be64fc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 34ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9BCP6ZNWKE&_ono=1&gtm=45je3ab0&_p=1995403399&_gaz=1&cid=583097138.1697393398&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697393398&sct=1&seg=0&dl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&dt=Donately%20Demo%20%7C%20Donately&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9BCP6ZNWKE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 108ms
33ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-9BCP6ZNWKE&cid=583097138.1697393398&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9BCP6ZNWKE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 140ms
67ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-9BCP6ZNWKE&cid=583097138.1697393398&gtm=45je3ab0&aip=1&z=236600201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 32ms
32ms Script
application/x-javascript 2a02:26f0:7100::1720:ef23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=51802
accept-ranges: bytes
content-length: 3272

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 98ms
32ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25909623-1&cid=583097138.1697393398&jid=1827505791&gjid=1026855260&_gid=1899506219.1697393398&_u=YCDACEAABAAAACAAI~&z=836725696

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 15 Oct 2023 18:09:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5WKQJZMWDG&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f675ad281a0766f332b9e33d2fb1c6c13aabee59a00c420d311c5189c4bf5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:58 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 274ms
209ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e6654f1b-4113-4df3-9281-e418f0b92ac7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2c342901-5b89-42d7-878c-505eaaf0d17e&tw_document_href=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3eo6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 186
date: Sun, 15 Oct 2023 18:09:58 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0e278ce244ad3feb
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 55653a1165d5a1bfc667b6c9a8d16a19976ca932ae86e1c13ae99219e4583eeb
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 274ms
212ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e6654f1b-4113-4df3-9281-e418f0b92ac7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2c342901-5b89-42d7-878c-505eaaf0d17e&tw_document_href=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3eo6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 186
date: Sun, 15 Oct 2023 18:09:58 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a22caca5d880b5ea
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2513e7b379f125e96d7edb9e1efca576271cfb0bf56b3c0afcb9a546b5578eaa
content-length: 43

GET
H2 204 56351414.js Show response
bat.bing.com/p/action/ 0
117 B 76ms
75ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56351414.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 15 Oct 2023 18:09:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2472A6839BFA4E9E80B4B411529D79F9 Ref B: FRAEDGE1707 Ref C: 2023-10-15T18:09:58Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 49ms
49ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56351414&tm=gtm002&Ver=2&mid=d92cf80c-12cc-4148-a803-c95edfddfb42&sid=0d3086006b8611ee85f277ec19e4ca3e&vid=0d3075e06b8611ee8fa187f3167bcbc7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donately%20Demo%20%7C%20Donately&p=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&r=&lt=3119&evt=pageLoad&sv=1&rn=528580

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 15 Oct 2023 18:09:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4F2F5F9C3CE543BDA10DDCD57DFED0CF Ref B: FRAEDGE1707 Ref C: 2023-10-15T18:09:58Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4794210%26time%3D1697393398616%26url%3Dhttps%253A%252F%252Fpages.donately.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true&liSync=true&e_ipv6=AQJ4sT_2osQUGgAAAYs0h9ZoOc8X-86...

0
266 B

277ms
200ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true&liSync=true&e_ipv6=AQJ4sT_2osQUGgAAAYs0h9ZoOc8X-86hV1WrW4LMakUwPMdjIhLBZdAHLbgnjMMvW4fRVhnfdjif
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4F13F1DC31AB45C6A36087B2DF6941AA Ref B: FRAEDGE1722 Ref C: 2023-10-15T18:09:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHxTKhqzow++rLCpTDZw==

Redirect headers

date: Sun, 15 Oct 2023 18:09:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E1FAC1D7728C4548BD20B87600BBA588 Ref B: FRAEDGE1217 Ref C: 2023-10-15T18:09:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1697393398616&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&cookiesTest=true&liSync=true&e_ipv6=AQJ4sT_2osQUGgAAAYs0h9ZoOc8X-86hV1WrW4LMakUwPMdjIhLBZdAHLbgnjMMvW4fRVhnfdjif
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHxTKdapssXCZ975/ujw==

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 33ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=535174410012356&ev=PageView&dl=https%3A%2F%2Fpages.donately.com&rl=&if=false&ts=1697393398621&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697393398430.753166187&ler=empty&cs_est=true&pm=1&hrl=b77d7b&it=1697393398237&coo=false&tm=1&cs_cc=1&cas=1289722501122568%2C2280140928755610%2C3164739136917719%2C2935756349873593%2C3112083878863116%2C2736582273082085%2C1526153127451533&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 15 Oct 2023 18:09:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/939933942/ 42 B
455 B 98ms
40ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939933942/?random=1697393398497&cv=11&fst=1697392800000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&frm=0&tiba=Donately%20Demo%20%7C%20Donately&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1798133813&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/939933942/ 42 B
455 B 49ms
36ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939933942/?random=1697393398497&cv=11&fst=1697392800000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&frm=0&tiba=Donately%20Demo%20%7C%20Donately&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1798133813&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/pages.donately.com/ 163 B
721 B 215ms
145ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/pages.donately.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31b7b6baa904b283e88d7ee5e7963d295861d168c04b68122ea73d2caf2f675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvS_dPUljC9KFMnvcvj1hOOWy9p3fIjgi6wRipjEb1-_iIe36t4lO6-3IgMSeZrwCvJcUvg3Uhoump9dlcpVw_Egl4FUlXL
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 08 Feb 2023 13:49:03 GMT
server: cloudflare
etag: W/"8d219e159f27fb70db241196352834ee"
vary: Accept-Encoding
x-goog-generation: 1675864142957111
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=ItZQcg==, md5=jSGeFZ8n+3DbJBGWNSg07g==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 163
cf-ray: 816a04265d1518cb-FRA
expires: Mon, 14 Oct 2024 18:09:58 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 66ms
65ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25909623-1&cid=583097138.1697393398&jid=1827505791&_u=YCDACEAABAAAACAAI~&z=1804390862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
65ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25909623-1&cid=583097138.1697393398&jid=1827505791&_u=YCDACEAABAAAACAAI~&z=1804390862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 31ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5WKQJZMWDG&gtm=45je3ab0&_p=1995403399&ul=en-us&sr=1600x1200&cid=583097138.1697393398&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&dt=Donately%20Demo%20%7C%20Donately&sid=1697393398&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5WKQJZMWDG&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.donately.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 108ms
41ms Script
application/javascript 2606:4700::6811:f8a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
x-amz-version-id: q7mMdyrgJRb2V1PNW0MT.lJmDYHWhi5r
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 507
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14392/bundles/project.js&cfRay=8169f7c199fa3609-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: eb2eb452-1e79-41b7-93ee-fa644c79f73c
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: eb2eb452-1e79-41b7-93ee-fa644c79f73c
last-modified: Tue, 10 Oct 2023 02:47:57 UTC
server: cloudflare
etag: W/"8150bb6bff68cbcd9e5f8f6c23b586ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-q9rvq
cf-ray: 816a04274bf33642-FRA
x-amz-cf-id: NFr5JQeJ2yYXCuEoWdx-xROlaOqSyGskXBqTsEXo1lRq9mDHaZTk-g==
x-hs-target-asset: conversations-embed/static-1.14392/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/20073505/ 66 KB
20 KB 594ms
527ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/20073505/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227a122dffc5daac38f4b63304be3c3e32e860829127ca4cfeae71776d9109f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: NudaJgKW.4LNq7B_qB2lWebfh9ZqkSiq
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2GSY70NJ24H8GBVX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 35a1225b-463d-4e78-b1ab-c6b3cf1dcc21
x-envoy-upstream-service-time: 38
x-amz-id-2: j6YsK+thVhu8RwjRQmT4Q2FHE/umUXh5gclazxQ5zJI01yGaRdbP9vF6CRkZJevJPH1mRoZ7QSK3pX6ibsd6Ww==
x-evy-trace-listener: listener_https
x-request-id: 35a1225b-463d-4e78-b1ab-c6b3cf1dcc21
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 26 Sep 2023 21:31:53 GMT
server: cloudflare
etag: W/"5ed59c282b9dee1607ad405e28c8baf7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://pages.donately.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-fc6l5
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 816a04274ff991ef-FRA
expires: Sun, 15 Oct 2023 18:14:59 GMT

GET
H2 200 20073505.js Show response
js.hs-analytics.net/analytics/1697393100000/ 66 KB
21 KB 222ms
156ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1697393100000/20073505.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3582e7b1df50f31e79b71d340368e8f428d9f399c2fabd9879819ad04f52c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: GF8MB5JS1MJEXV2B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7d103192-a2d2-4699-849a-5fa0dbd38733
x-envoy-upstream-service-time: 16
x-amz-id-2: 0B4KliGvz1eW6JWAPiE9+1RswaH9a12Mj8mL2K6w9nC5Nn0+YU2iBocUN724DJttMyyDqgTShVs=
x-evy-trace-listener: listener_https
x-request-id: 7d103192-a2d2-4699-849a-5fa0dbd38733
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:36:18 GMT
server: cloudflare
etag: W/"89891037d79d7f8eac2931059e500c2b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-mlgh4
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 816a04274b4abbd7-FRA
expires: Sun, 15 Oct 2023 18:14:59 GMT

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 28 KB
10 KB 201ms
134ms Script
application/javascript 2606:4700::6810:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspotfeedback.com/feedbackweb-new.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c07c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b27838420829457f40e3fdc9db022be07a9062b936b0748ae971a0583f462b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.donately.com/
Origin: https://pages.donately.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: KwL6GYrB8u8ivddNBBpFkWpaqCNzzhAN
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: b196c579-e6aa-4f5f-8bc0-772f0effed44
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.16751/bundles/popupInjector.js&cfRay=816a04274c0e2bd3-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b196c579-e6aa-4f5f-8bc0-772f0effed44
last-modified: Mon, 09 Oct 2023 08:14:52 UTC
server: cloudflare
etag: W/"696b4aef8b9ccf9459413c408ebffeec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-cq5v7
cf-ray: 816a04274c0e2bd3-FRA
x-amz-cf-id: IkzgmUxVQtj5R0ybdaBBvAaNw2OB9lUGf_-VhI5AmsBLywFhFqj_sg==
x-hs-target-asset: feedback-web-renderer-ui/static-1.16751/bundles/popupInjector.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 95ms
34ms Script
application/javascript 2606:4700::6811:e3a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e3a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:58 GMT
x-amz-version-id: MiORZOji2P27E5f3usS102mv5dcg0lYn
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 239
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.485/bundles/pixels-release.js&cfRay=8169fe4be8413642-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: eff44515-8741-4020-89be-e28b3b2caab6
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: eff44515-8741-4020-89be-e28b3b2caab6
last-modified: Tue, 19 Sep 2023 08:21:28 UTC
server: cloudflare
etag: W/"1bce211846e6a6691aa314979e0a21fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-27cn8
cf-ray: 816a04274c7b3627-FRA
x-amz-cf-id: 7gVbdkPdYdNTT_Ik0g7PeVnWmCHkiD-j2HRRUlX5FirtidPqVH6duw==
x-hs-target-asset: adsscriptloaderstatic/static-1.485/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 540 KB
86 KB 223ms
161ms Script
application/javascript 2606:4700::6812:7c0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.donately.com/
Origin: https://pages.donately.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js&cfRay=816a04274c7f2c16-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b41828c438dcec976b93ddee1edebd6d"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js
date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: w9qtR_oGTBab1H9Wt5L5qiHDqxRKIaLE
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 52d1d2a7-389b-43e6-afcd-e8e967adab98
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 23
x-evy-trace-route-configuration: listener_https/all
x-request-id: 52d1d2a7-389b-43e6-afcd-e8e967adab98
last-modified: Mon, 04 Sep 2023 12:55:59 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-q9rvq
cf-ray: 816a04274c7f2c16-FRA
x-amz-cf-id: 0novnNdNFwgAySnIDxue9HSVUuuvi6-a1V-pWb3gwNZxc_MMwQSYKA==

GET
H2 200 accountInfo.json Show response
cdn-account.optimonk.com/203840/ 169 B
835 B 184ms
108ms XHR
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-account.optimonk.com/203840/accountInfo.json
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/demo//1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 6b953bca214488f269ef29ac2dc25d3710323320eb13701620cbbf00c42e8d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-383
cdn-cachedat: 10/13/2023 11:38:18
cdn-pullzone: 951434
last-modified: Tue, 10 Oct 2023 16:54:56 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 639
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"652581e0-a9"
x-bunnycdn-countrycode: DE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: X-BunnyCDN-CountryCode
cache-control: public, max-age=30
cdn-requestid: 6cb060e2147d8854ef29d9f43e50b950
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 217ms
146ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=20073505&conversations-embed=static-1.14392&mobile=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&traceId=ed947afab75647948a8e413e2f1a8872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://pages.donately.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 816a04281f2290f2-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 15 Oct 2023 18:09:59 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0HeXIE25UA4T30mhwTfxTozBP%2BL%2FfYxF%2BlKyysRUvsmBCYi1PB5jqVXYOu58GbKb0VSTkmjykqxKazJwOqpJkqBnbne6CtXsi9VdrEOVvSrJFSEjV%2BHQgPJAIR1CZIjxBU372nn5BPhIPLe4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-2nv8j
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 1ba48013-b400-4e95-a34f-8521cf8530f2
x-request-id: 1ba48013-b400-4e95-a34f-8521cf8530f2
x-trace: 2BEF0A4C3C943018DF4C59F8DD93727FE17E2E13BD000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 2 KB
2 KB 274ms
273ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0822c11822a1d14a89055468d5429f2adbbca95fefda30c67e3740492dbc71f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://pages.donately.com/demo//1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5099b14d-ba78-4e9d-8665-d271b8630200
x-envoy-upstream-service-time: 131
content-length: 1263
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5099b14d-ba78-4e9d-8665-d271b8630200
server: cloudflare
x-trace: 2B8ADD440A2A8070719A33316105716801D245E297000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pages.donately.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-bnq2n
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ieTfDk2cdgtlR5aY6PFoUjbUEJJJDpDALMjXpKmyXh2cApZI8mOaRo%2FeMU6Yul3IrF7kZFl83PVFk7eN%2FDiV%2F4CfN1V7u8HsKKiugdfZrzUGcD5E46x0f8pUIzf3a6lF8rgSDpxpj9KV9tJuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 816a0429081c90f2-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame C3B7 1 KB
2 KB 167ms
101ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1086bad581365b193a63c2eac53440a18b6f113403be1776d3c8b9be374e1d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://pages.donately.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29896
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 816a0428cb36383e-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.16751/html/fetcher.html&cfRay=816a0428cb36383e&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fpages.donately.com%2F&cfenv=prod&pdt=2023-10-15&csp=ro
content-type: text/html; charset=utf-8
date: Sun, 15 Oct 2023 18:09:59 GMT
expires: Mon, 16 Oct 2023 18:09:59 GMT
last-modified: Sun, 08 Oct 2023 07:48:33 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=816a0428cb36383e&resource=feedback-web-renderer-ui/static-1.16751/html/fetcher.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-id: FGOLFM7nEylIevNpGuKIg3OAPKog75HZaPtMAPl37jSNnJ4p6l4k5g==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 7BKezq4m6lUy60bp97D8auM_Bj2q8bT2
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-hs-target-asset: feedback-web-renderer-ui/static-1.16751/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 221ms
153ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857904254&v=1.1&a=20073505&pu=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&t=Donately+Demo+%7C+Donately&cts=1697393399082&vi=81b3ec992a1cb6882c649e9fb7a39174&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9567f551-fea9-4df9-9717-14967a7db628
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9567f551-fea9-4df9-9717-14967a7db628
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72DXlNNg1KGspJ1S3e8T7oLhTkLrFy7XMptYspAl8vbKqSsEw7qV7ykbNunRZkZU3D7wEGcV5GVWiqwJLASBr3%2BeUNn16HZp7WzxUo3L6%2BM%2FO%2F7yLZLezPrmXYw77h%2BwawiARZf0TlxgPmg9MoEi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-fc5kj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 816a0428cd023a7c-FRA
x-robots-tag: none

POST
H2 200 after-pre-init Show response
front.optimonk.com/public/203840/embedded/ 152 B
508 B 102ms
31ms XHR
text/html 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/203840/embedded/after-pre-init

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"98-lC3A9CNC58A3Xk5qtOzmLLQkxH0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 90 KB
31 KB 96ms
27ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/demo//1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-guploader-uploadid: ADPycdu_GCTvMTZajU6VSD5tvHDT5IA1_t_ryRMR3NcmpZwRsM51JxTHQf6xnfJbPDqnvG86fkz-z6yUc_XJpnss2nZ1DmzmihNM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 10/09/2023 19:28:15
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 09 Oct 2023 19:28:11 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"863d7f9742fbb3e78601d44762fa0077"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1696879691149932
content-type: application/javascript
cdn-cache: HIT
x-goog-hash: crc32c=O/S94Q==, md5=hj1/l0L7s+eGAdRHYvoAdw==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 91837
cdn-requestid: 69e9534fc860b98d2ea553442df75a7b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preload.js Show response
front.optimonk.com/public/203840/js/ 5 KB
2 KB 107ms
38ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/203840/js/preload.js?

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/demo//1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

27316240bda37d3174c535665880582194ecf4c3df623da0859da73b87bd1a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"149b-gXhO0PPJQUP6DSYrmm6Bolbwxk8"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 preload-base.29ff07ef.js Show response
front.optimonk.com/ 63 KB
20 KB 55ms
54ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.29ff07ef.js

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/203840/js/preload.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

25b17535c32193d3ed8de07e0f5500976a7c509245c9ce60ef7ebff1b7eb6650

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"fd5a-jx3GTt91lwydOb27ZsAa9ZbgBJM"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.16751/bundles/ Frame C3B7 16 KB
7 KB 104ms
37ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.16751/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3f36aabd9484f11a09cc9e17ce2d85a782346b363065be5668ac732f6631af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: Gu9WvfVkh5554tt_peNvwW1FaOhLPJvH
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 554084
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=816a0429ec59bbfe-FRA
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 08 Oct 2023 07:48:33 GMT
server: cloudflare
etag: W/"42cc1340b75cae2f3a47a8ca695cc778"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nA7IV2wAPsbgz8c44Pn9nxzykqkV0fGlpXU%2FLpm2tlzjNsnIb5hCGCtUyVKTN%2FZqKMDAN1F0NGJmB19vc7Rm9a7pY%2FGCminl%2Fr4lQIt2h7lLBJAf%2BDa%2Bn0rb8PXAldxO5bJ66wujJeU9nNLrCIMjALfbM0U%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 816a0429ec59bbfe-FRA
x-amz-cf-id: gvfVUf3m58OtAPqJ-4T5sZNo4RGBRpvvk9sfzMUJS9duhllcUR28rw==
expires: Mon, 14 Oct 2024 18:09:59 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 213ms
157ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 15 Oct 2023 18:09:59 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

POST
H2 200 load Show response
front.optimonk.com/public/203840/js/ 0
346 B 29ms
28ms XHR
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/203840/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.29ff07ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 202ms
136ms Preflight
text/plain 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=20073505&utk=81b3ec992a1cb6882c649e9fb7a39174&bundleVersion=1.16751&currentUrl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&pageUrl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hs-referer
Access-Control-Request-Method: GET
Origin: https://app.hubspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 816a042a98f63620-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 15 Oct 2023 18:09:59 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6GEnMOmMndp36j%2FQhLdfth06uaDHTNBDXtQcdi4yZDFo5CesQEreTrPUSsLRAWPNACC9nRx1%2FCThcW6FzKgMwWl6fhsAlNeWTXgXq3wWfM8xdcBG5V7gRfe3Sz5K%2BVrPZYL%2BypBm5M%2BwblIqkV2ngo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubapi-td/envoy-proxy-7c94c977f7-hq9sn
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: ceca258d-b2f2-4bde-91a9-8c00e928d349
x-request-id: ceca258d-b2f2-4bde-91a9-8c00e928d349
x-trace: 2B5DE37133BA2F1E12B3D7434409B8C1A664222553000000000000000000

GET
H2 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame C3B7 36 B
497 B 150ms
150ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.16751/bundles/fetcher.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-HS-Referer: https://pages.donately.com/demo//1

Response headers

x-origin-hublet: na1
date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 10313cea-5271-4122-b2d6-33aa01e067d7
x-envoy-upstream-service-time: 9
content-length: 36
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 10313cea-5271-4122-b2d6-33aa01e067d7
server: cloudflare
x-trace: 2BC5CF761C9BFAA9F27020CF397B0BC7303E7E806E000000000000000000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUu%2BB0IJy%2Ftobt0q%2BtGzxve%2FFshtVtw69kvmB9FfydLh6oxMWBNbqRSvZGeBLH2GpVKlB8SYBSfock5NHeoKU25pREFhqlFOBa%2FaPzOUMwBTDR%2BvA2OyOE6ydDBofqnQXHEULCWTihVPyuhbdWbU6jE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubapi-td/envoy-proxy-7c94c977f7-h55tt
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
cf-ray: 816a042b6a883620-FRA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 179 B
673 B 169ms
152ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=20073505

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38e2b78b368d12ef24cd75d3f1d0cd3eebf485960b25f7ba5c9bfedbcc1e2637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2768798c-638f-436a-a0e7-88d4d54d5829
content-encoding: br
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2768798c-638f-436a-a0e7-88d4d54d5829
server: cloudflare
x-trace: 2BCBA95048DCE747F6F4F0FFC5DFDC8BFE780198DB000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pages.donately.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-fjg5s
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0elYN9CZcyCnDYy3yKxrbdDjMrtiPMiPgO25om5%2FcGgEOh%2B6yyd1XoY2URFSkPX%2BuJI8SBY7bTlqAn0Xq2QCaJTub6d3IRGTrznMOb0G2eb50PHgcdIAaAUO8MbFBf%2B4sNvAGv97UiTNqTHr"}],"group":"cf-nel","max_age":604800}
cf-ray: 816a042ab93e3620-FRA
access-control-allow-headers: *

GET
H2 200 ed947afab75647948a8e413e2f1a8872 Show response
app.hubspot.com/conversations-visitor/20073505/threads/utk/ Frame 30DE 53 KB
19 KB 174ms
174ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45733d41744e0a8a67fabc96fc8f6b8b88c28d530e39378433a957e955537938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://pages.donately.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1188
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 816a042acec4383e-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.16851/html/index.html&cfRay=816a042acec4383e&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F20073505%2Fthreads%2Futk%2Fed947afab75647948a8e413e2f1a8872%3Fuuid%3D7165037ecd1c44bbbbf6f272b4bc047c%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dpages.donately.com%26inApp53%3Dfalse%26messagesUtk%3Ded947afab75647948a8e413e2f1a8872%26url%3Dhttps%253A%252F%252Fpages.donately.com%252Fdemo%252F%252F1%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fpages.donately.com%2F&cfenv=prod&pdt=2023-10-15&csp=ro
content-type: text/html; charset=utf-8
date: Sun, 15 Oct 2023 18:09:59 GMT
etag: W/"366ee676640a55b7bd421c6492e596f4"
last-modified: Tue, 10 Oct 2023 02:47:57 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=816a042acec4383e&resource=conversations-visitor-ui/static-1.16851/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
x-amz-cf-id: f_Uu1ACdezVgqJdU2YwlrU6n0Ts8ni_oHvvb2ZXXuMtUKhsgchpRFQ==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: rg48cpZ2YzcWQF68TeS2kVdpJn6qdOg7
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-27cn8
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.16851/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 946b3517-e0eb-410b-9c68-88f46f249bd6
x-request-id: 946b3517-e0eb-410b-9c68-88f46f249bd6

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
935 B 177ms
160ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=20073505&utk=81b3ec992a1cb6882c649e9fb7a39174&__hstc=11177387.81b3ec992a1cb6882c649e9fb7a39174.1697393399080.1697393399080.1697393399080.1&__hssc=11177387.1.1697393399080&currentUrl=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26d34426bf44246de41a86fab23c637232f6b1e21064db25027c70018f2da19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3d1d3994-cccc-47f3-aa77-b6f26ec4c826
content-encoding: br
x-envoy-upstream-service-time: 20
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3d1d3994-cccc-47f3-aa77-b6f26ec4c826
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pages.donately.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3nqU33nWtSUpjKKH0D6ThIDAkrZuZgYxeibzkZjoBP0ezEr5Wp1EAm0BPAZlC5ZBh%2FDOPOa0fMjrVZzYK5FhtC88AZ4buvs06I1N9cIpJyt3V85%2BtpY8%2FGTzQ3v1edrVXwyGDJ5JPrXDZPxdWky"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 816a042b4ad190f2-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-97gbm

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
79 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-939933942

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4eea15dae81777ff0fe55d5691b5359051568ac58699de4981262691c2255cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 18:09:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939933942/ 3 KB
2 KB 245ms
244ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939933942/?random=1697393399624&cv=11&fst=1697393399624&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&hn=www.googleadservices.com&frm=0&tiba=Donately%20Demo%20%7C%20Donately&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1794384057.1697393398&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-939933942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a6591e68e8e4e14cb50491bcb81c0d1bbdd51aa118220067ce7678add127c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 29ms
29ms Script
application/x-javascript 2a02:26f0:7100::1720:ef23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=44285
accept-ranges: bytes
content-length: 3822

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.368/ Frame 30DE 44 KB
16 KB 38ms
36ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: wWLMJ6qW0lXJfco2m026CzodYMop32jV
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1031882
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=816a042befd2bbfe-FRA
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jul 2023 18:31:41 GMT
server: cloudflare
etag: W/"63ec2a77119dfb2ddcae56ab3a029230"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEcOOqC29yDST0ROTJnYXSDxrzbRUcygFDprZymZMvIR06xRDITFRVOC8YN1lERNBX8HmdB7fXp9oCbQLwKsTnGziGLSliB8fmMxfz8v6pdeO2f68IWtOougOxg3pqreXGAbiS6l8L5Bj7qU0pg3zbYLQgw%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 816a042befd2bbfe-FRA
x-amz-cf-id: xEaqg5KAtuSyLjMFTa6Zc8RqlRvTY3Ioxy5ezGY5KFcb4l8RfHShCQ==
expires: Mon, 14 Oct 2024 18:09:59 GMT

GET
H3 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.16739/sass/ Frame 30DE 19 KB
4 KB 63ms
34ms Stylesheet
text/css 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.16739/sass/visitor.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5378554e87e3ca5bf5814c807c57c8b5b03769cb252de7a36523f0ccb3de6417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: KvYReuCP2inqlK_SBKZk5q5oqXwYV.Wh
via: 1.1 e5b75c92aeb08b72d17d5fe9dd0647e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 1140658
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=816a042c1f64036e-FRA
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Oct 2023 13:13:59 GMT
server: cloudflare
etag: W/"605f1152f9ec93a0118808b7cec5f7e6"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0A0VrLE6pPgOMGi0BqunVdBDVTZQnunqZyYwbkVG%2B83FmhUNzXy6Ob1CxuTBX9L92Mmi%2F5xabFlxWlH%2B5oyL8nprz%2BEi%2BcUp6uuGRIbZIzxHmO10oq0OjatoHPwGJMJUrZWZbwQmKZcwVngzeYkK6Y7XVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 816a042c1f64036e-FRA
x-amz-cf-id: 3BCOkeZn5umflQEPOuvkOzPuOZRgbEUXgmU_uF0dqvnzSKYMBttpHQ==
expires: Mon, 14 Oct 2024 18:09:59 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.438/ Frame 30DE 295 KB
94 KB 39ms
38ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.438/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb67ec9baf00b771641b3e783f5511c58621d346ee890fe8b82139b9d7c1005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: QR.7BVVxWRX648zgagdsk0.3qbRZHX6u
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 2154037
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=816a042befd3bbfe-FRA
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 10:27:02 GMT
server: cloudflare
etag: W/"e1432fc848986a403838f2466a71736c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbBCGZ9FssvyWU%2FIAUuLWGq5s5sndRg%2BMns2wsu4n8nfA%2Bc7vmCwDlxA7eUI3EGJI7Ee6pUXs7okq4D%2FmDtC5kicncEoL%2FYGPPfMheVPkKt5JJrbRXOfK7ZSQqd%2Btfyls3UFQFr3AzohoHrgFc4vApD%2B9W4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 816a042befd3bbfe-FRA
x-amz-cf-id: Q-DIeGOBFXSEer0tuh-bv2-2K52mWV0P8tHuGYmcGiHFoB1ebL4nCg==
expires: Mon, 14 Oct 2024 18:09:59 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.16851/bundles/ Frame 30DE 639 KB
190 KB 38ms
37ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.16851/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa6c179b7bd40056ad91fdf44a36f4bfc834013af7beb07c9df6196afca27b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: zR1NxpHF8ukaymxjjvJdJTmPExIMO6f8
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 444112
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=816a042befd5bbfe-FRA
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Oct 2023 14:29:56 GMT
server: cloudflare
etag: W/"874dd8228376298fcbd0eb5330ad2198"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UijyY0cPziU%2BoBxwfJsaD9rZJs9fqynhh%2BzoDK9wdcxO7%2BVKkqCQRtcS8qDqDxloRTsY3gGIqI82c%2B2OZQhEjMLMKnME2aac6x8ZcgFqUC4LMyII9tnI%2FkW0agk2Ln7q4hxHatK%2Bn5WVng0kG7UtaH8shj0%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 816a042befd5bbfe-FRA
x-amz-cf-id: YXgXvYUX6P0NwjB16DLbLKHd-ud2u_mOevMRDmsZct6FMDs4nd8Law==
expires: Mon, 14 Oct 2024 18:09:59 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 31ms
31ms Script
application/x-javascript 2a02:26f0:7100::1720:ef23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=51801
accept-ranges: bytes
content-length: 3272

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.16718/ Frame 30DE 776 B
1 KB 42ms
41ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.16718/i18n-data-data-locales-en-us.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad8c6b622ccdbde3d288a83c36673b0a56bec168ae53a79f14041f2a7f6e663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
x-amz-version-id: aadNUcaz4d.P8zmjGD5JBZ75HBEgQACL
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1391341
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=816a042cdff65d7b-FRA
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Sep 2023 18:31:43 GMT
server: cloudflare
etag: W/"8d32d8aec067cf3d9de8ed8ebba41cba"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11BNOXRTlSmuxMnPANn1NdQwrN3ohHBv4%2FKrgiGBVqqIgOPMS1qYcTVc8X6n%2Fno%2B67R0%2FDmIaWhe9x0wpE9DtZjKz2%2BFlbVMqAbaF%2FqX7a3Ep9nI25HAoM2h694pet5VOQmbQ1CdFS6bOGzirbaVVgPERPo%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 816a042cdff65d7b-FRA
x-amz-cf-id: 3ouaTAXQg-zJrYbOptnlDcvTWq3d6wx2XB6A589_qyb8MNvIm3zwOw==
expires: Mon, 14 Oct 2024 18:09:59 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ Frame 30DE 49 KB
19 KB 107ms
38ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: br
via: 1.1 varnish
date: Sun, 15 Oct 2023 18:09:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYHK4NX4K4K9QMW5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: WEfAx159XR4RnzbYfxv3P+E71JX78MxVD9dh5n1V/aneSLPm0RzfzZd8jCu1GNwsSXewbWHVAO4=
x-served-by: cache-fra-etou8220099-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1697393400.967097,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 716

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 30DE 0
1 KB 151ms
150ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.16851

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.16851/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 15 Oct 2023 18:10:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2c7d97c0-9a54-4079-ba5b-c5a800128d7c
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2c7d97c0-9a54-4079-ba5b-c5a800128d7c
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F25gbjz7ASHMwXDABG%2BZ1M8%2BIsc3M4v3HLbkibT2VQ5VuywYialAIGvsjz%2FiZ3mLw6O0RSmqVZLX9hZ6yZIpLQexofTKs4jVH2Nf45UQSdOydzmlrB6rbFk1UPtLa3SQ%2BjkNPtZ51Elw4KUqvw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-wmpbb
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 816a042d7af3383e-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 5 Show response
app.hubspot.com/api/livechat-public/v1/feedback/survey/ Frame 30DE 16 B
623 B 166ms
166ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/feedback/survey/5?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.16851&conversations-visitor-ui=static-1.16851&traceId=ed947afab75647948a8e413e2f1a8872&sessionId=AMOaWbLAPSTv__viBeqWM3lov1h-VDZDzYDMr1Z3nhN9D3q-K5GKhfhHN5RPlv0meHcBdH6VzdmmY6Xk9H38taxz6wg9bvtIeDe79EsFcnvPXRus9hw_CAFpinBHixbQhTA5Ueb0J4134ONCl6B5Bmfh9lKeXRAEUiH7yItpMZMRMeGSGMjWT-8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26b3426b2593763c96d0890b4a77a0bbf66d13fc512b0c6b138a23c290f30a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:10:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 93db5a54-d864-43b4-afc9-d86ce0918933
x-envoy-upstream-service-time: 14
content-length: 16
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 93db5a54-d864-43b4-afc9-d86ce0918933
server: cloudflare
x-trace: 2BDACC1E7D73C4CC4F0F3B610010A129508160C245000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-wts5f
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RepmW0GFHvj1ITIL0ABzZaIzzwQ8yrjd%2FNC07pC%2BRkn3DfkuKHTyncVSly2bujxU7hslr6d71k%2BuRrnbfF654YMkvbgrPo1uGVyBl1Wnp7%2F%2FFEAGELYQ3vnEvWRz0LTKmY%2Fa4nrmdHSp8hyg1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 816a042d8b09383e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 /
www.google.com/pagead/1p-user-list/939933942/ 42 B
108 B 38ms
36ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939933942/?random=1697393399624&cv=11&fst=1697392800000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&frm=0&tiba=Donately%20Demo%20%7C%20Donately&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4233774287&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/939933942/ 42 B
64 B 36ms
35ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939933942/?random=1697393399624&cv=11&fst=1697392800000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&frm=0&tiba=Donately%20Demo%20%7C%20Donately&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4233774287&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 18:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 32 B
49 B 44ms
43ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 18b925cd64514a921ab80648d3fdeabc79813ca6be20b6aa4f9a1504f49b29d3

Request headers

Referer: https://pages.donately.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 18:09:59 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.donately.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H/1.1 200
OK f9d051f404 Show response
bam-cell.nr-data.net/1/ Frame 30DE 56 B
965 B 306ms
179ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=515&ck=1&ref=https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872&be=249&fe=398&dc=345&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1697393399474,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:175,%22rpe%22:177,%22dl%22:178,%22di%22:345,%22ds%22:345,%22de%22:346,%22dc%22:398,%22l%22:398,%22le%22:398%7D,%22navigation%22:%7B%7D%7D&fp=450&fcp=450&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:false,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:20073505,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.16851%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22isInlineEmbeddedWidget%22:false,%22reactRhumbVersion%22:%221.9661%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 18:10:00 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weFfNpjheXLyn83b4q09XzPCm3FUe%2FDu2TeZMOQmKq%2FVQAGj9Mk4SuoZOlCy1%2BK%2FRAruf8OzHHj%2BAltAAhRUg2oqHqn%2FGoPSIVQAqtLE1ktOj2S4FL252h7zNKroZpiv%2Bg2rDNPm"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 816a042ecb9d2c75-FRA

POST
H/1.1 204
No Content f9d051f404 Show response
bam-cell.nr-data.net/ins/1/ Frame 30DE 0
668 B 156ms
155ms XHR
text/plain 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=827&ck=1&ref=https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

Date: Sun, 15 Oct 2023 18:10:00 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfSCpWOUY46pojcRAoy5exW4N2QZ9eUfgCyFCOZT6c%2BwwS0Y7vHt5YWQ6t3wrrva8WLXMGepTdqBIFY0CMMlj5i5rnV88DJLvITz1U6Y7i6dU2M1vKqfPa24DHxDQ7KiyAeHhjgA"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin: https://app.hubspot.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 816a042ffd782c75-FRA

POST
H/1.1 200
OK f9d051f404 Show response
bam-cell.nr-data.net/events/1/ Frame 30DE 24 B
735 B 221ms
171ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=831&ck=1&ref=https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/20073505/threads/utk/ed947afab75647948a8e413e2f1a8872?uuid=7165037ecd1c44bbbbf6f272b4bc047c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pages.donately.com&inApp53=false&messagesUtk=ed947afab75647948a8e413e2f1a8872&url=https%3A%2F%2Fpages.donately.com%2Fdemo%2F%2F1&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

Date: Sun, 15 Oct 2023 18:10:00 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://app.hubspot.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bbqGDvsPSBwJiLceGF5oZ7v8q2Tx3dELXKOWD9TmbzdQ%2FL2qILcH%2FHsI0pADJKrigtvzxPbxRAohkHEU8UQbC%2F0V0Hw72tqz63AUVAHF6zlUWlhnOffjCMEo6kSDc%2Bks2gwigif"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 816a04304aca6946-FRA
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.donately.com/	1970-01-21 00:15:29	Name: _pxhd Value: cHGD6I4Q9rErLtgLsy32XXRtsnxWJbugFsTFixmj8IATOH-Pv-m4xDTlDlKbRZjV36RoPZyYGmynJtJidzHDAw==:f7K943xgThFjoNoQtT6iB1WH/1ojLEaMDeSXOrv6ZbjyeK6XDazI28l4ONkObcn/7tZy2XyOChI7zdQOialHkDORjXy7QzjPR5CQm-dzCY0=
.donately.com/	1970-01-21 00:15:29	Name: _pxvid Value: 0aa8ec7c-6b86-11ee-8f0a-4926739b2126
.donately.com/	1969-12-31 23:59:59	Name: pxcts Value: 0b49a203-6b86-11ee-8a1b-e39c07816f9c
.donately.com/	1970-01-20 15:29:53	Name: _px2 Value: eyJ1IjoiMGIzNmJiMzAtNmI4Ni0xMWVlLWI1MGYtOTFiNzVmNzA0NWNmIiwidiI6IjBhYThlYzdjLTZiODYtMTFlZS04ZjBhLTQ5MjY3MzliMjEyNiIsInQiOjE2OTczOTM2OTc2NDUsImgiOiI2NzcwMGM3NmNlZjcxOGYxNzJmYTIyN2E4ZDM5ZGY5OTJkNTYwOTAyZGU0ZTI0ZjIxN2NiYTY0NjI0OGZhMmFlIn0=
.donately.com/	1970-01-21 01:05:53	Name: _ga_37PDV783XE Value: GS1.1.1697393398.1.1.1697393398.0.0.0
.donately.com/	1970-01-20 17:39:29	Name: _gcl_au Value: 1.1.1794384057.1697393398
.donately.com/	1970-01-21 01:05:53	Name: _ga_ZJ93F8ZFMB Value: GS1.1.1697393398.1.1.1697393398.0.0.0
.donately.com/	1970-01-20 17:39:29	Name: _fbp Value: fb.1.1697393398430.753166187
.donately.com/	1970-01-20 15:31:19	Name: _gid Value: GA1.2.1899506219.1697393398
.donately.com/	1970-01-20 15:29:53	Name: _gat_UA-25909623-1 Value: 1
.donately.com/	1970-01-20 15:29:53	Name: _gat_UA-25909623-6 Value: 1
.donately.com/	1970-01-21 01:05:53	Name: _ga Value: GA1.1.583097138.1697393398
.donately.com/	1970-01-21 01:05:53	Name: _ga_9BCP6ZNWKE Value: GS1.1.1697393398.1.0.1697393398.60.0.0
.donately.com/	1970-01-20 15:31:19	Name: _uetsid Value: 0d3086006b8611ee85f277ec19e4ca3e
.donately.com/	1970-01-21 00:51:29	Name: _uetvid Value: 0d3075e06b8611ee8fa187f3167bcbc7
.bing.com/	1970-01-21 00:51:29	Name: MUID Value: 020C63D1114A68B53843707A104A69B6
.donately.com/	1970-01-21 01:05:53	Name: _ga_5WKQJZMWDG Value: GS1.2.1697393398.1.0.1697393398.0.0.0
.donately.com/	1970-01-20 17:39:29	Name: dntly_origin Value: d664f30f71eee882c47c256b9a10e25a881fb6369d32eb2ef1ce76e96cfd75a6dafd17c5f66ec904da640ef84ee4573190d8b4b3b2dc4928b6813253b1b5ed994006693fb27aaa48e98158ede1c1166f4ecb17d4786ffcbb0232d87711ed854744191cc9c1b26e7c4fed5558884be71d6202da687451100b12257d51f0b2d3cd7c54147404e723378e9196085585b81ed6977f2872a7a2083bcc42b5b76293f3
.t.co/	1970-01-21 01:05:53	Name: muc_ads Value: 874722ea-1144-410a-9ebf-268ca30a0ae5
.twitter.com/	1970-01-21 01:05:53	Name: personalization_id Value: "v1_ql9O6nMGPM+Sb7ttwGxpxw=="
.linkedin.com/	1970-01-20 17:39:29	Name: li_sugr Value: 41d4ee6b-2571-4884-9dae-24dbe6966b39
.linkedin.com/	1970-01-21 00:15:29	Name: bcookie Value: "v=2&df2dc239-b41a-49fa-85bc-18b333184357"
.linkedin.com/	1970-01-20 15:31:19	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3101:u=1:x=1:i=1697393398:t=1697479798:v=2:sig=AQGsi52X5JB75Xa-xqkjdxVF06DwDmgx"
pages.donately.com/	1970-01-21 00:16:55	Name: optiMonkClientId Value: a1ef627d-1c96-d052-6d06-de45877cdade
.linkedin.com/	1970-01-20 16:13:05	Name: UserMatchHistory Value: AQIjrHwN6Bc-gAAAAYs0h9TS0EgZtKhTkjWkFCvxWyH6jCe1l-9d59uK_w5y01hNwEUqXIcbSBkBqw
.linkedin.com/	1970-01-20 16:13:05	Name: AnalyticsSyncHistory Value: AQLp_6kZpTgAmgAAAYs0h9TSEMFm-i2R3Oapi04hnOTUswcY2Rw9fpqnk-_o6bWAyqLn-50HW2YUpsAuo4-i_g
pages.donately.com/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1697393399
pages.donately.com/	1970-01-21 00:16:55	Name: optiMonkEmbedded203840 Value: N4IgFghgzgMglgWzgFwEoFMIGMzoCYgBcAZhADZToC+QA===
.www.linkedin.com/	1970-01-21 00:15:29	Name: bscookie Value: "v=1&20231015180959e983fd4a-d01e-4eef-8eb4-ad401b8d7496AQGwCJDmU7qyky9nztDTGGiFUmgXjWhY"
.linkedin.com/	1970-01-20 19:49:05	Name: li_gc Value: MTswOzE2OTczOTMzOTk7MjswMjGNFTKF5fo7QVYct377rlqVLXqDDlLAKoLHwSUfkU8kag==
.hubspot.com/	1970-01-20 15:29:55	Name: __cf_bm Value: Y3jheumxszOg5GGIDxLS1VL.m9ZFYDmCGNMXOBPSWDY-1697393399-0-AVaSIXqQ2J9FviRVZKJ3MMWzVPbghi2eZ/HZJ1nqZXNUa7q1sJlfsdIsBeDVM/JrPvIrTTcWfjLXGhWx/v/n4J8=
.donately.com/	1970-01-20 19:49:05	Name: __hstc Value: 11177387.81b3ec992a1cb6882c649e9fb7a39174.1697393399080.1697393399080.1697393399080.1
.donately.com/	1970-01-20 19:49:05	Name: hubspotutk Value: 81b3ec992a1cb6882c649e9fb7a39174
.donately.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.donately.com/	1970-01-20 15:29:55	Name: __hssc Value: 11177387.1.1697393399080
.doubleclick.net/	1970-01-21 00:51:29	Name: IDE Value: AHWqTUmeharsIi6H4yXWYSTLYNhV0A5qHiHUgIrNxrZi_V9t3ytfkjEeQcM4kTTC
.pages.donately.com/	1970-01-20 19:49:05	Name: messagesUtk Value: ed947afab75647948a8e413e2f1a8872
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6df2bdaed318d625

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
analytics.twitter.com
api.donately.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
bam-cell.nr-data.net
bat.bing.com
cdn-account.optimonk.com
cdn.acsbapp.com
cdn.donately.com
cdnjs.cloudflare.com
collector-px963uiwkr.px-cloud.net
connect.facebook.net
feedback.hubapi.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
jfapiprod.optimonk.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.hubspotfeedback.com
js.usemessages.com
onsite.optimonk.com
pages.donately.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
snap.licdn.com
static.ads-twitter.com
static.hsappstatic.net
stats.g.doubleclick.net
t.co
track.hubspot.com
uploads.donately.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.244.42.133
104.244.42.3
13.107.42.14
146.75.116.157
151.101.193.91
151.101.2.137
157.245.25.14
162.247.241.2
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2400:52e0:1e00::1082:1
2600:9000:2127:c200:a:891a:6d40:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2606:4700:4400::ac40:991b
2606:4700::6810:4cba
2606:4700::6810:bc59
2606:4700::6810:c07c
2606:4700::6811:180e
2606:4700::6811:cacc
2606:4700::6811:e3a3
2606:4700::6811:f8a8
2606:4700::6812:7c0c
2606:4700::6812:b05d
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9a
2a02:26f0:7100::1720:ef23
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.117.177.207
35.190.10.96
02fee140c1bed01a5487bd5a7397f3fdf41ddc7126a61e13b80d0cbc3caecabc
056b5e62d98f857e5f15753183c2b83c8872d71e3472602c7ee6b1c4f3afd277
05ad22332e91db3bbe5506fceb3fbf2af65ee30b115b079c669d8a53ad45cb75
0822c11822a1d14a89055468d5429f2adbbca95fefda30c67e3740492dbc71f4
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1086bad581365b193a63c2eac53440a18b6f113403be1776d3c8b9be374e1d27
10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08
136f9f18f89b3bd34b6bd406475c5e04df36743a49f3c38e64be23f3baf0cc96
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
18b925cd64514a921ab80648d3fdeabc79813ca6be20b6aa4f9a1504f49b29d3
1d5a47f215ee188b1f2712e4c8668b5b34a7e4adb8c5e23c846a8eaf4e8dfac6
227a122dffc5daac38f4b63304be3c3e32e860829127ca4cfeae71776d9109f8
25b17535c32193d3ed8de07e0f5500976a7c509245c9ce60ef7ebff1b7eb6650
26b3426b2593763c96d0890b4a77a0bbf66d13fc512b0c6b138a23c290f30a2a
26d34426bf44246de41a86fab23c637232f6b1e21064db25027c70018f2da19a
27316240bda37d3174c535665880582194ecf4c3df623da0859da73b87bd1a1e
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2ad8c6b622ccdbde3d288a83c36673b0a56bec168ae53a79f14041f2a7f6e663
38e2b78b368d12ef24cd75d3f1d0cd3eebf485960b25f7ba5c9bfedbcc1e2637
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
41228bdcf5e46f853feab1197dadce5d5a583b19baf8b3da6a277e94a7c806b1
45733d41744e0a8a67fabc96fc8f6b8b88c28d530e39378433a957e955537938
50b27838420829457f40e3fdc9db022be07a9062b936b0748ae971a0583f462b
5378554e87e3ca5bf5814c807c57c8b5b03769cb252de7a36523f0ccb3de6417
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
550dbd6446f15647b16db7582374cf793e30098f6f597a3123f59e26cd2acdd3
55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
5a4be11fabdf1ba411d7a8332115ba80381fe2d25029feb708cab65334e8d251
5a6591e68e8e4e14cb50491bcb81c0d1bbdd51aa118220067ce7678add127c9f
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5ca0f3a2cf9cf153b7d2787562674c82a5b225073df82266f3da1816dc333ad9
5f45251eb6969d8602ce2b9d3d0b6dbd5b07d828c6a90e08e2910b46f8e566eb
6b953bca214488f269ef29ac2dc25d3710323320eb13701620cbbf00c42e8d00
7159b31c8e31726567aede8246659a740f87389f99cfbbc7e50b73511d8552f1
7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42
76c0b4583bc3c8f91c79cf349515d99e5fe8910b801a711934eb988c00c502ad
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c222cbf581db8ab01e02aba545cc75610f81e5a05256b1a19b1db3271836bde
8f675ad281a0766f332b9e33d2fb1c6c13aabee59a00c420d311c5189c4bf5fe
8fdc320ae8ca724c05bc1a39e7ae4cb671d230eede90a94b971fa2e142877566
90a31b546b5bf5e36f3b3e97f8d2c4404813868e2f9e9d5370d81fa19096ee6c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
953dcc8f234056b411e23d19f978d537c3e2586a107628ac40e411ec8ab40754
a11ecc5c49845f3d3568559accf6efeb1865a668554e73dc9e2148b4774dc05e
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
aa6c179b7bd40056ad91fdf44a36f4bfc834013af7beb07c9df6196afca27b58
abb67ec9baf00b771641b3e783f5511c58621d346ee890fe8b82139b9d7c1005
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae05afb8d83da632952f4fdfbf753d36cc866f02d50be3820ba0bcca6190b61f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e
b451b9405771fd55dadf3260a04c73e4c87b99e57eb6f41579a8459be64fc62c
b768ac472570ed0d0f0f3d0979aeb7f852d03c96f8e7b2dacb6f52f8d4e20590
c2dfbfb20ca7d5870a8ba197e983223631650fdcb6e742d29f541ce9c0687796
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4eea15dae81777ff0fe55d5691b5359051568ac58699de4981262691c2255cf
cb1716d6ddc1ffb2aa84bca299ebcff6c9685820595c9d24aad1c3d6647f8f29
cb89c9398eec44422a525a4a798c0d8fcf9f1ebd3df466d5e650a15c82b15675
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
da3f36aabd9484f11a09cc9e17ce2d85a782346b363065be5668ac732f6631af
dbff8c90c842c4524efbe3565b99889f7830070fe78072b1f1602029e39d756b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
e31b7b6baa904b283e88d7ee5e7963d295861d168c04b68122ea73d2caf2f675
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19275bfeb4f0fc44207a0c2ed8baf6fb977079458d73c04cb890457baecd2b3
f3582e7b1df50f31e79b71d340368e8f428d9f399c2fabd9879819ad04f52c55
f6380e2263720df8c51b4808d65d44c9f625ecf2740f58909855cfac92456947
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

pages.donately.com Open in urlscan Pro 151.101.193.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

99 %HTTPS

76 %IPv6

32 Domains

49 Subdomains

41 IPs

3 Countries

2543 kBTransfer

8209 kBSize

38 Cookies

2 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pages.donately.com Open in urlscan Pro
151.101.193.91 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

99 %
HTTPS

76 %
IPv6

32
Domains

49
Subdomains

41
IPs

3
Countries

2543 kB
Transfer

8209 kB
Size

38
Cookies

102 HTTP transactions
0 data transactions