Submitted URL: http://rally.org/
Effective URL: https://rally.org/
Submission: On December 23 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 27 HTTP transactions. The main IP is 18.205.206.105, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is rally.org.
TLS certificate: Issued by Amazon on January 25th 2022. Valid for: a year.
This is the only time rally.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 18.205.206.105 14618 (AMAZON-AES)
6 108.156.253.63 16509 (AMAZON-02)
1 172.217.16.130 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 108.156.253.100 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 1 104.18.70.113 13335 (CLOUDFLAR...)
7 104.18.72.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.242.162 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.16.51.111 13335 (CLOUDFLAR...)
27 13
Apex Domain
Subdomains
Transfer
8 cloudfront.net
dokfbyhu9891x.cloudfront.net
d1l4fkgf9r656u.cloudfront.net
dnn506yrbagrg.cloudfront.net
855 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1914
ekr.zdassets.com — Cisco Umbrella Rank: 2208
366 KB
3 zendesk.com
assets.zendesk.com — Cisco Umbrella Rank: 7662
rally.zendesk.com
2 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 832
136 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
15 KB
2 rally.org
rally.org
8 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6041
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
2 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
17 KB
27 11
Domain Requested by
6 static.zdassets.com rally.org
assets.zendesk.com
static.zdassets.com
6 dokfbyhu9891x.cloudfront.net rally.org
dokfbyhu9891x.cloudfront.net
2 rally.zendesk.com static.zdassets.com
2 static.xx.fbcdn.net www.facebook.com
2 www.facebook.com rally.org
2 rally.org 1 redirects
1 ekr.zdassets.com assets.zendesk.com
1 www.google.de rally.org
1 www.google.com rally.org
1 dnn506yrbagrg.cloudfront.net rally.org
1 googleads.g.doubleclick.net www.googleadservices.com
1 assets.zendesk.com 1 redirects
1 d1l4fkgf9r656u.cloudfront.net rally.org
1 connect.facebook.net rally.org
1 www.googleadservices.com rally.org
27 15

This site contains links to these domains.

Domain
browsehappy.com
support.rally.org
blog.rally.org
facebook.com
twitter.com

Subject | Issuer | Validity | Valid
rally.org | Amazon | 2022-01-25 - 2023-02-23 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
www.googleadservices.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-10-01 - 2022-12-30 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.google.de | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
zdassets.com | Cloudflare Inc ECC CA-3 | 2022-11-10 - 2023-11-09 | a year
rally.zendesk.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-10 | a year

This page contains 4 frames:

Primary Page: https://rally.org/
Frame ID: 73CF6D5B456805135B4C8B8477196798
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FRally&send=false&layout=button_count&width=95&show_faces=false&font=arial&colorscheme=light&action=like&height=25px
Frame ID: 9DC31F573444C7224616FB490994BF3A
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: D9F365D59B30B9A926362058BF99B583
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
Frame ID: E81B2C5ED0A04F6B7A13F0BC62A82D08
Requests: 7 HTTP requests in this frame

Page Title

Rally.org | Easiest Online Fundraising. Raise Money by Sharing Your Story.

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

  • Requests: 27
  • HTTPS: 96 %
  • IPv6: 38 %
  • Domains: 11
  • Subdomains: 15
  • IPs: 13
  • Countries: 4
  • Transfer: 1557 kB
  • Size: 3872 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rally.org/ HTTP 301
    https://rally.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rally.org/
Redirect Chain
  • http://rally.org/
  • https://rally.org/
18 KB
8 KB
Document
General
Full URL
https://rally.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-206-105.compute-1.amazonaws.com
Software
nginx/1.21.3 /
Resource Hash
c3e536bf0edd4f2b25ac173cf898f5c9dfa83814e0b7ed02003caea580bff646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 05:01:15 GMT
etag
W/"6729fb7cd7dea7937c1b3fe74263724f"
server
nginx/1.21.3
status
200 OK
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
cbb97092-cc3c-460c-8640-722fefc0c931
x-runtime
0.082331
x-ua-compatible
chrome=1
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Fri, 23 Dec 2022 05:01:15 GMT
Location
https://rally.org:443/
Server
awselb/2.0
base-1193639a232c057ccfe1c472afce309e.css
dokfbyhu9891x.cloudfront.net/assets/
943 KB
366 KB
Stylesheet
General
Full URL
https://dokfbyhu9891x.cloudfront.net/assets/base-1193639a232c057ccfe1c472afce309e.css
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18816f5cb95a3996cb6cc97280bd3f52f82f4b5496bea47127972c5280e09b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 12:36:10 GMT
Content-Encoding
gzip
Via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
1787106
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
373877
Last-Modified
Fri, 07 Dec 2018 07:21:26 GMT
Server
AmazonS3
ETag
"fd9155e68fced0a4066e48a37338c461"
Content-Type
text/css
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
X-Amz-Cf-Id
EZXDozApqI6Mi4k5Sb9nl_hVUXDijU1z-kESuNyJjliLEmCWmd2_IQ==
Expires
Sat, 07 Dec 2019 13:21:25 GMT
public-8cc4bf8f425759474978c6d7c5d728f0.css
dokfbyhu9891x.cloudfront.net/assets/
42 KB
7 KB
Stylesheet
General
Full URL
https://dokfbyhu9891x.cloudfront.net/assets/public-8cc4bf8f425759474978c6d7c5d728f0.css
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
437fbfbbbce1cd76ecb5794a32454e17429dbd1986b2a370d26b3e6b3e6f0fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 15:43:48 GMT
Content-Encoding
gzip
Via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
739048
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
6133
Last-Modified
Fri, 14 Jul 2017 05:56:16 GMT
Server
AmazonS3
ETag
"61d446f13ca4c107b745b1ca602d6015"
Content-Type
text/css
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
X-Amz-Cf-Id
Xa6R67R9NBgFaKFOCdBypkuDgMEvI6hCq5YOMkVUNHzWVPfzsJytOw==
Expires
Sat, 14 Jul 2018 12:05:40 GMT
core-314896a916c99b7cbdd4848fd0cc5622.js
dokfbyhu9891x.cloudfront.net/assets/
355 KB
99 KB
Script
General
Full URL
https://dokfbyhu9891x.cloudfront.net/assets/core-314896a916c99b7cbdd4848fd0cc5622.js
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d87f6fd0dca76477e0cfc02048a91e92fe5255abce3029a731624d5074b1d5d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 04:33:03 GMT
Content-Encoding
gzip
Via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
1211293
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
100792
Last-Modified
Mon, 10 Jan 2022 07:20:25 GMT
Server
AmazonS3
ETag
"be008c13d1d8659335e963c24f7a538b"
Content-Type
text/javascript
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
X-Amz-Cf-Id
o1A-JkSZMgCRJkaPurP1oCNGxPsdRvkeAzgH7eFqW5J75HjQNyu9hQ==
Expires
Tue, 10 Jan 2023 13:20:24 GMT
conversion.js
www.googleadservices.com/pagead/
45 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 05:01:15 GMT
fbds.js
connect.facebook.net/en_US/
4 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5906f2ff69bd4c24dfeeec4b54ccee201ad17ce80633a64662814159859351a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 05:01:15 GMT
content-md5
eCqR+EvbpW5tX1JFU5hLOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2166
x-fb-rlafr
0
x-fb-debug
a2h8StdF99nZfsv+KQR2M2ieu/7NMK0GEsjcRvfMTNK4bKOTPtjiPxzj0/Py/TlRx1EaJ2cWF6Iujtw8Xx2CJQ==
x-fb-trip-id
917726464
x-fb-content-md5
eb24d5e9521bb75c7216b9c4de584668
cross-origin-opener-policy
same-origin-allow-popups
etag
"80185830b093d4e895fb65e229ca3704"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Dec 2022 05:10:31 GMT
logos-s83d7352a3c-fa2b8e33ecea3bb58edc1b88ccb96d18.png
dokfbyhu9891x.cloudfront.net/assets/
13 KB
13 KB
Image
General
Full URL
https://dokfbyhu9891x.cloudfront.net/assets/logos-s83d7352a3c-fa2b8e33ecea3bb58edc1b88ccb96d18.png
Requested by
Host: dokfbyhu9891x.cloudfront.net
URL: https://dokfbyhu9891x.cloudfront.net/assets/base-1193639a232c057ccfe1c472afce309e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
188432b329d5ebd92fe2486ca55e91ef389a077d58572a1ee49ec5f409ef3694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dokfbyhu9891x.cloudfront.net/assets/base-1193639a232c057ccfe1c472afce309e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 10:52:48 GMT
Via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
Last-Modified
Fri, 14 Jul 2017 06:25:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
2138907
ETag
"4423d15424cbacf5b5540636d09651aa"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12959
X-Amz-Cf-Id
TdpP2XXGwcKRcABVym24Av-4_7lBv14T1frmkPsh_lhSqiaRxLzDWw==
Expires
Sat, 14 Jul 2018 12:34:52 GMT
rally_home_header_generic_withoutText.jpg
d1l4fkgf9r656u.cloudfront.net/homepage_heroes/218/images/normal/
185 KB
186 KB
Image
General
Full URL
https://d1l4fkgf9r656u.cloudfront.net/homepage_heroes/218/images/normal/rally_home_header_generic_withoutText.jpg?1424207291
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-100.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f53a0627c26f6a3d45fd8e204e286fae766a46e3e7a841ad294b8f709b39b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 21:07:02 GMT
Via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Feb 2015 21:08:13 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
28454
ETag
"7ed80680e4b946082786f18fb7951758"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
189571
X-Amz-Cf-Id
5aTK_1jJSE5UDvFJjm1SU3QJLZ1Kf8Ik4t0eXVnNg1tnJN3M2pQ6Pg==
roughcloth-a3285fae17f4e6274001280b878e746c.jpg
dokfbyhu9891x.cloudfront.net/assets/home/
29 KB
29 KB
Image
General
Full URL
https://dokfbyhu9891x.cloudfront.net/assets/home/roughcloth-a3285fae17f4e6274001280b878e746c.jpg
Requested by
Host: dokfbyhu9891x.cloudfront.net
URL: https://dokfbyhu9891x.cloudfront.net/assets/public-8cc4bf8f425759474978c6d7c5d728f0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7166268fede899de7365998e5398baf940c5d78988c2916c1346ac83d8b6f5e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dokfbyhu9891x.cloudfront.net/assets/public-8cc4bf8f425759474978c6d7c5d728f0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 18 Dec 2022 13:24:28 GMT
Via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
Last-Modified
Mon, 07 Nov 2016 10:40:41 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
401808
ETag
"dc8c22fb80a260210e116f2a193671ca"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
public, max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29358
X-Amz-Cf-Id
LEdmvlUfIMboAxMwu-IwKWNF2OyQS2AIECDg_c0a7rHGM8kfZ6OxNg==
Expires
Tue, 07 Nov 2017 16:40:40 GMT
sprites-sa94a49cb42-e27093b1973928437696dee9534ef4fe.png
dokfbyhu9891x.cloudfront.net/assets/home/
156 KB
156 KB
Image
General
Full URL
https://dokfbyhu9891x.cloudfront.net/assets/home/sprites-sa94a49cb42-e27093b1973928437696dee9534ef4fe.png
Requested by
Host: dokfbyhu9891x.cloudfront.net
URL: https://dokfbyhu9891x.cloudfront.net/assets/public-8cc4bf8f425759474978c6d7c5d728f0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51c56dfaae45f80c3f6e60b60db413304dd6103ae4a659390176a01e79b611f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dokfbyhu9891x.cloudfront.net/assets/public-8cc4bf8f425759474978c6d7c5d728f0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 19 Dec 2022 01:33:13 GMT
Via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
Last-Modified
Tue, 08 Nov 2016 11:35:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
358083
ETag
"e5a648b8c1323670cc4adda9187ab662"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
159426
X-Amz-Cf-Id
Y7aq5qiqZ_TDV9kqjK3Z3Nlo9sidriCpCNggzVSJmANfxBZuAcCroA==
Expires
Wed, 08 Nov 2017 17:35:33 GMT
truncated
/
22 KB
22 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9be2dc27dbd8b77394abadf062d067cbbab64d08c1244dd2ab56412af66c1e59

Request headers

Referer
Origin
https://rally.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
13 KB
13 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb56e474bc7e7b3fffbe109bcda8c1ba80fb216ae7164e8628e9a74780724a1a

Request headers

Referer
Origin
https://rally.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
22 KB
22 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0868adff4ad5d742dc8db9f3f969864397a8f57a64f038332684f44361d90ff3

Request headers

Referer
Origin
https://rally.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
28 KB
28 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e36143a396c47a6471445a88b7872226874cd885f3eaa00908668feeefffc94c

Request headers

Referer
Origin
https://rally.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
27 KB
27 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44a857700a9b0eb7a309f679236177b1008d9c25ae1099aa7e9ee07c191951a3

Request headers

Referer
Origin
https://rally.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
21 KB
21 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce47de7de2c0be21f151ebe32206711a13e6519e428680e91357d63aba8e2860

Request headers

Referer
Origin
https://rally.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
like.php
www.facebook.com/plugins/ Frame 9DC3
32 KB
15 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FRally&send=false&layout=button_count&width=95&show_faces=false&font=arial&colorscheme=light&action=like&height=25px
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
908d9c21bb74190d185e272d4620172b7b2e6f298391d3587c05abde80451f6f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rally.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 23 Dec 2022 05:01:15 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
WzQaaHMHJW4adNY97NUT7xOVLzgrlSu7mhp8DDFq2NXsPAtT4wAWrhlTYPf/jcth8H5GCQOrTLadgMXec4m/iA==
x-fb-rlafr
0
x-xss-protection
0
truncated
/
22 KB
22 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c98a9b10d6353e35c04ea5d412602f3d06136107dae98be18366c75036194148

Request headers

Referer
Origin
https://rally.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
asset_composer.js
static.zdassets.com/ekr/ Frame D9F3
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
23 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
H2
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:15 GMT
x-amz-version-id
57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KCM77DDQVGEDQ38T
age
36
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
XftthlYlyLzycWuL0vAgrfZ3A0o6DKWAJ/d4P6ydSt49qAWVT8QsJEKarr/XA7hqtwOFCUZ8DOY=
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0YvWr7McCJ0284vBXO5ZtPkicIQeukPDxFkcQLYnH8WazJxJ1r%2FjQ6zus1JSNWddfHrYmCHyCw5dk2e7OZ1E3EFxOQvQtIxWa6ALJjtlg7tsVyfbkMW1s41UgixV%2BXQGp180No%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
77de89cedf3e5bf9-FRA

Redirect headers

date
Fri, 23 Dec 2022 05:01:15 GMT
strict-transport-security
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4q4Zg3Kp4FHfF3gkcliEsg%2F6BnEpfwl1cDPrS05kBiIkJ%2FmGXYioa1rvob%2FDDzL7SfQVruF8r2fm6vQrSqCe%2BYL3X2ss7u5kF5TWzZsHeigLjT9JyVcuO9E5UpO3iNCtj6DAw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
cf-ray
77de89ce7e5b922b-FRA
expires
Fri, 23 Dec 2022 06:01:15 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000265773/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000265773/?random=1671771675893&cv=9&fst=1671771675893&num=1&label=d1WtCNPszAMQrbD73AM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frally.org%2F&tiba=Rally.org%20%7C%20Easiest%20Online%20Fundraising.%20Raise%20Money%20by%20Sharing%20Your%20Story.&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64bf936ccd9a698537ffbf7ab9ee51a5e967cbcd84ae24beec0eaf9728ac312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 05:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1004
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7167.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0020/
0
0
Script
General
Full URL
https://dnn506yrbagrg.cloudfront.net/pages/scripts/0020/7167.js?464381
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-242-162.dus51.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=732079366854853&ev=PixelInitialized&dl=https%3A%2F%2Frally.org%2F&rl=&if=false&ts=1671771675938
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 23 Dec 2022 05:01:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/1000265773/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1000265773/?random=1671771675893&cv=9&fst=1671771600000&num=1&label=d1WtCNPszAMQrbD73AM&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Frally.org%2F&tiba=Rally.org%20%7C%20Easiest%20Online%20Fundraising.%20Raise%20Money%20by%20Sharing%20Your%20Story.&fmt=3&is_vtc=1&random=2599942486&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 05:01:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1000265773/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1000265773/?random=1671771675893&cv=9&fst=1671771600000&num=1&label=d1WtCNPszAMQrbD73AM&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Frally.org%2F&tiba=Rally.org%20%7C%20Easiest%20Online%20Fundraising.%20Raise%20Money%20by%20Sharing%20Your%20Story.&fmt=3&is_vtc=1&random=2599942486&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rally.org
URL: https://rally.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 05:01:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 9DC3
299 B
523 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FRally&send=false&layout=button_count&width=95&show_faces=false&font=arial&colorscheme=light&action=like&height=25px
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:15 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
Zp2GcU+v4gHQBi7cBKhNtWYpayYwoVN+va2BneAGGoYk0V7qwXdgo2qls1ERihiv8+WtH9OmLKALvYNqNF4Peg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 11 Dec 2023 07:02:51 GMT
PAvlVbOucuu.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yh/l/de_DE/ Frame 9DC3
525 KB
135 KB
XHR
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yh/l/de_DE/PAvlVbOucuu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FRally&send=false&layout=button_count&width=95&show_faces=false&font=arial&colorscheme=light&action=like&height=25px
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8fae9fc740319880c3e4679da072da47e459f25538aa18a1ea2b6f5631b2c751
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
s2SYEaciDuD4A1fcqzzV0g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138181
x-fb-rlafr
0
x-fb-debug
JjxQa7vXs8CuyMoWUM0H/7Qd+B24GU7RnkLp6gT+/2BRBjdpEznGTyTWDoGK60dKbW2rM0IS+Ur+E2q+1WrlyQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Dec 2023 12:12:51 GMT
rally.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame D9F3
351 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/web_widget/rally.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316154b6413bafdccba8323931d157e24bb2071b2944662e73d605fe88e17853
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rally.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
77de89cf4edfbb38-SEA, 77de89cf4edfbb38-SEA
x-runtime
0.005360
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"316154b6413bafdccba8323931d157e2"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjlcukS05B1IvkHw3tkbN0Uv8ACIX7PqiuT8MTayiB363FQLgZZz7%2BGDJ1I%2BcIFs1UzGtzpx1vI2688s1BVwaypusI3M6KmpI5v8DgExXxTiY6bMmF21vkQjt3As18PSkCo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
cf-ray
77de89cf4edfbb38-FRA
web-widget-framework-80d26f4cc026ac520e65.js
static.zdassets.com/web_widget/latest/ Frame E81B
152 KB
49 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10e0bc796486e3eb556f27262fd40ad9cd4b34541ba022b3a44ec8816d64210
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
x-amz-version-id
BijG1SZtZft6iu4XfUmwnaVs.g5q2jvS
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
F6C90QPGG109DKG0
age
611771
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
8erVSNftxl7arg9MoHqeHkVz88FOqgY7aYz+5a85m8+Rv00eFs11D9arZh2XSJoWEEKiwLL8o1s=
last-modified
Wed, 14 Dec 2022 15:41:53 GMT
server
cloudflare
etag
W/"34fbbf22dcbdf81917dd5b3e02a125e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bogw1aOCHnbbMgK3imblDQ%2BFbBRVJwd05%2Fkx0woWWoC9dJBVh1fE7kt7ff5O0QXgC8%2F82DBKnp3qVVS5pX5s2g31UTd8XpZ4meXQAmloQk6xHAaV%2FGFrrK6lpOrp54cAuEO%2FuwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77de89d099945bf9-FRA
expires
Thu, 14 Dec 2023 15:41:52 GMT
config
rally.zendesk.com/embeddable/ Frame E81B
422 B
1 KB
Fetch
General
Full URL
https://rally.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ecc097279b781d328b9cebb4c85f3ed848b26989e1a08799e0b161d45d40272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-97bb796f8-ldwpm
x-cached
MISS
x-request-id
77de89d14dd39b5d-PHL
x-runtime
0.020406
server
cloudflare
etag
W/"4ecc097279b781d328b9cebb4c85f3ed"
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdLAIFULJGko7ekYRPFkeX7n%2FWYMmyLPdG3wyCYGL8o%2FduqMD0lxT%2BO2bXxJuRjV6N9XeGIbAZE8LZ2i2hBO8kNKHgIdFBBk8Y64CuYeD1EounDz6B%2BQt%2FxbepacH5J9sKge"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
77de89d14dd39b5d-FRA
web-widget-classic-81a3de7.js
static.zdassets.com/web_widget/latest/classic/ Frame E81B
13 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf9835ab8da9dfe9a2eeb14c12a3a1344f9e3bb0fb90bbb343e49454de8892f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
x-amz-version-id
BI7BH2_wYlhqABgV_1RpW5mVt_EhVp77
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
F6C3QZKS20E5G3RZ
age
611771
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
GEaW7GawHENVvI+zUR/LC3VshLHdINIDwQ0WTgsc5dpVvUt15v8Qm9Vu8WmNAxCbpSdh3LtdOvM=
last-modified
Wed, 14 Dec 2022 15:44:37 GMT
server
cloudflare
etag
W/"0b77084bbe255e38dfc0511ed512b1b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDI1OzporQpquUQIbw4iv%2BvZIevU8xsCcgD%2BINykCQun8VLGnX6kzh2bneiSA5%2FnqxpxbhCsHQP2Ra6gZxKNn59eiPxSXditTf%2B41Tq%2FMf1dVOOoLgTYGXGZoVsGg0bh2swqpdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77de89d25bad5bf9-FRA
expires
Thu, 14 Dec 2023 15:44:36 GMT
web-widget-8165-81a3de7.js
static.zdassets.com/web_widget/latest/classic/ Frame E81B
663 KB
190 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
x-amz-version-id
kU1YYFzxaCl55Jp2ZazHPuUZRF69EWpK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
F6C1E25GP17HE70D
age
611771
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
4BWkM+eTNsUmLpYaX+D55lpmM3ZCB/AHIPqAS0VoAJulikUhrJvhXwp60V12lhhyyS9HsVziymg=
last-modified
Wed, 14 Dec 2022 15:44:37 GMT
server
cloudflare
etag
W/"d519ea27f763cb6ec80aeec5b45213a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tkg%2B%2Bg1gs4ehfCRbs9MtIonJtBqzNWeVvdOZIT0BcBs9HxTHJ4BDI4zfW%2Bopyy5Bl188BdiOfcjxTMIfXPqN5FpxcyvFRLGFXANmV2aOqnLzIwxWelnqjGi0WgH77BCq8np8nCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77de89d27bd55bf9-FRA
expires
Thu, 14 Dec 2023 15:44:36 GMT
web-widget-5324-81a3de7.js
static.zdassets.com/web_widget/latest/classic/ Frame E81B
492 KB
108 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217a6c6c8470831abbd71e72221d471f4bdc16787537a206d2fb69fa43a60238
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
x-amz-version-id
CY5KQGuue_uwVKm8gYgHUkbI5bFfwkO_
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
F6CE4XT3RT0QNACN
age
611771
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
vBs1yl3iEwpFIot4tfnHOeVmrO8FKqZqcaRjAvbDkqfTNc9xrM0c1o68MJ4fNXSasi+89Onetc0=
last-modified
Wed, 14 Dec 2022 15:44:37 GMT
server
cloudflare
etag
W/"c296a94da281fc44d57ec8f4e4cfb0fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVfZ6zN1XhQIqPVKndjQevgemgE1czF54ITN3M1ChZzWFuS8ecCbUCM12mqVtndmg5buTI7zCEbNzSmbDGRchdJi%2BEy0lBOllzWV0VhsAR92VteQtPdDSr%2FU0JKY%2BtBkGU%2Fu8Eo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77de89d27bd65bf9-FRA
expires
Thu, 14 Dec 2023 15:44:36 GMT
embeddable_blip
rally.zendesk.com/ Frame E81B
0
310 B
XHR
General
Full URL
https://rally.zendesk.com/embeddable_blip?type=analytics&data=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%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Dec 2022 05:01:16 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TVa4As4KCsfSZ7VoOnoofjrPoYOs2%2BbCGwnxqVltbEyaVeUc3REkRP7VoAtF5ZKVkF3yRtIKuSMlWB3BnAvZbgXo6ZOQdCKogwT2bPvKX25SIJq51YYT228yHRkZnxReb5V"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
77de89d3780e9b5d-FRA
content-length
0
x-request-id
77de89d3780e9b5d-PHL
de-de-json-81a3de7.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame E81B
27 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-81a3de7.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:01:16 GMT
x-amz-version-id
rfXPMgW70jxretitEtchzaFev0BITmey
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
MPREZ8R8V7FQM9VP
age
611769
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
B5DasQEZHdYUT014+LMVO21jUy0cP0b1bEMzdFQoHj+l/eHxyQ4APyasugGr8gQRSHQdYxd+mqU=
last-modified
Wed, 14 Dec 2022 15:44:37 GMT
server
cloudflare
etag
W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KykgXkchw3sP0htkpxacsiROO7F32o1UNJVRgwZ86qTUZ%2BLhtjS9vVTqBL5Gy7FUFQCS%2FIcXkSp1Nj7cY6UZzGwxi7CtkYO3JxiXrmR4xjlwpIU2gNLch%2FytiWN2g3Q5%2BtAqa%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77de89d38cd15bf9-FRA
expires
Thu, 14 Dec 2023 15:44:36 GMT


72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange function| null_fn object| mixpanel object| _fbq object| ClientSideValidations function| $ function| jQuery function| Spinner function| _ function| NestedFormEvents object| nestedFormEvents function| Globalize object| Routes object| rally function| zEmbed function| zE object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| 
google_transport_url object| google_gtm_experiments boolean| zEACLoaded function| $zopim

2 Cookies

Domain/Path Name / Value
rally.org/ Name: _rally_session
Value: 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%3D--e861d91b832dac658256981ad7a82fadf98fc342
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0020/7167.js?464381
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
