us-confrim-customerconnect.online Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.datamart.co.kr/mk
Effective URL:
https://us-confrim-customerconnect.online/spectrumi
Submission: On November 08 via manual (November 8th 2023, 1:09:59 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 24 domains to perform 52 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is us-confrim-customerconnect.online.
TLS certificate: Issued by E1 on October 25th 2023. Valid for: 3 months.

This is the only time us-confrim-customerconnect.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.209.32.215 13.209.32.215	16509 (AMAZON-02) (AMAZON-02)
3	13.56.96.205 13.56.96.205	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.36 13.224.189.36	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	13.32.99.101 13.32.99.101	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.118 18.66.122.118	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	13.52.31.143 13.52.31.143	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.198.193 108.138.198.193	16509 (AMAZON-02) (AMAZON-02)
5	2.19.120.12 2.19.120.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
1 1	103.238.213.97 103.238.213.97	131428 (BIZMAC-VN...) (BIZMAC-VN-AS Rainbow E-Commerce Company Limited)
2 9	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	23

1 13.209.32.215 (Incheon, Korea, Republic Of) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-209-32-215.ap-northeast-2.compute.amazonaws.com

url.datamart.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.56.96.205 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-96-205.us-west-1.compute.amazonaws.com

helpgive.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fanlink.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-36.fra2.r.cloudfront.net

st.toneden.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-101.fra60.r.cloudfront.net

sd.toneden.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-118.fra60.r.cloudfront.net

cdn.evbstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.52.31.143 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-31-143.us-west-1.compute.amazonaws.com

www.toneden.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.198.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-198-193.mxp64.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.120.12 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-12.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.238.213.97 (Viet Nam) 1 redirects

ASN131428 (BIZMAC-VN-AS Rainbow E-Commerce Company Limited, VN)
PTR: 103-238-213-97.static.bizmac.com

zip.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

us-confrim-customerconnect.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	us-confrim-customerconnect.online 2 redirects us-confrim-customerconnect.online	31 KB
8	toneden.io st.toneden.io — Cisco Umbrella Rank: 265559 sd.toneden.io — Cisco Umbrella Rank: 312823 www.toneden.io — Cisco Umbrella Rank: 295649	3 MB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	146 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	177 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	278 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2317	273 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	fanlink.to fanlink.to — Cisco Umbrella Rank: 368465	783 B
1	zip.pe 1 redirects zip.pe	258 B
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1771	3 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 377	748 B
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2690	21 KB
1	evbstatic.com cdn.evbstatic.com — Cisco Umbrella Rank: 20220	215 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	19 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	426 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 1186	383 B
1	helpgive.to helpgive.to	4 KB
1	datamart.co.kr 1 redirects url.datamart.co.kr	215 B
52	24

	Domain	Requested by
9	us-confrim-customerconnect.online	2 redirects st.toneden.io helpgive.to us-confrim-customerconnect.online
5	analytics.tiktok.com	st.toneden.io analytics.tiktok.com
4	www.toneden.io	st.toneden.io
4	connect.facebook.net	helpgive.to st.toneden.io connect.facebook.net
3	www.googletagmanager.com	st.toneden.io www.googletagmanager.com www.google-analytics.com
2	js.intercomcdn.com	widget.intercom.io
2	www.google.de	helpgive.to
2	www.google.com	helpgive.to
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.facebook.com	helpgive.to
2	www.google-analytics.com	st.toneden.io
2	snap.licdn.com	st.toneden.io snap.licdn.com
2	fanlink.to	st.toneden.io
2	sd.toneden.io	helpgive.to sd.toneden.io
2	st.toneden.io	helpgive.to
1	zip.pe	1 redirects
1	widget.intercom.io	st.toneden.io
1	region1.google-analytics.com	www.googletagmanager.com
1	px.ads.linkedin.com	helpgive.to
1	cdn.amplitude.com	st.toneden.io
1	cdn.evbstatic.com	helpgive.to
1	www.googleadservices.com	helpgive.to
1	use.fontawesome.com	helpgive.to
1	static.ads-twitter.com	helpgive.to
1	platform.twitter.com	1 redirects
1	helpgive.to
1	url.datamart.co.kr	1 redirects
52	27

This site contains no links.

Subject Issuer	Validity	Valid
*.helpgive.to R3	`2023-10-21` - `2024-01-19`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
toneden.io Amazon RSA 2048 M01	`2023-03-09` - `2024-04-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
evbstatic.com Amazon RSA 2048 M02	`2023-01-31` - `2024-02-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.toneden.io R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.fanlink.to R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
us-confrim-customerconnect.online E1	`2023-10-25` - `2024-01-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://us-confrim-customerconnect.online/spectrumi
Frame ID: CF61703A5C4108FF47ACD4A045A10B6C
Requests: 43 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.04b87629.js
Frame ID: 1923E7FC116AEA23F0E0EC2D76FE84B7
Requests: 2 HTTP requests in this frame

Frame: https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: A02691D9DE06B93E0FF57108241B1C3F
Requests: 2 HTTP requests in this frame

Frame: https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: CA9E009482BA16B698BC8591E5276AC0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

https://url.datamart.co.kr/mk HTTP 301
https://helpgive.to/spctram?/id2132231313342342432212123324234 Page URL
https://zip.pe/mksd HTTP 302
https://us-confrim-customerconnect.online/spectrumi Page URL
https://us-confrim-customerconnect.online/spectrumi Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

52
Requests

94 %
HTTPS

50 %
IPv6

24
Domains

27
Subdomains

23
IPs

4
Countries

4542 kB
Transfer

16063 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.datamart.co.kr/mk HTTP 301
https://helpgive.to/spctram?/id2132231313342342432212123324234 Page URL
https://zip.pe/mksd HTTP 302
https://us-confrim-customerconnect.online/spectrumi Page URL
https://us-confrim-customerconnect.online/spectrumi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://url.datamart.co.kr/mk HTTP 301
https://helpgive.to/spctram?/id2132231313342342432212123324234

Request Chain 1

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 45

https://zip.pe/mksd HTTP 302
https://us-confrim-customerconnect.online/spectrumi

Request Chain 47

https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 49

https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

spctram Show response
helpgive.to/
Redirect Chain

https://url.datamart.co.kr/mk
https://helpgive.to/spctram?/id2132231313342342432212123324234

7 KB
4 KB

519ms
178ms

Document
text/html

13.56.96.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-56-96-205.us-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

e2479ca92d4f3519714b9ec6af9fa0358c4fe02f465a15941a3f4bed2b0787f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Nov 2023 13:09:48 GMT
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Nerd-Alert: Like React.js? Flux? Node? We want you! eventbritecareers.com
X-Powered-By: Express

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 08 Nov 2023 13:09:47 GMT
location: https://helpgive.to/spctram?/id2132231313342342432212123324234
referrer-policy: same-origin
server: gunicorn
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

56ms
13ms

Script
application/javascript

146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234
Protocol: H2
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100093-IAD, cache-fra-eddf8230109-FRA

Redirect headers

Date: Wed, 08 Nov 2023 13:09:48 GMT
Server: ECS (frb/674B)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
426 KB 205ms
45ms Script
application/javascript 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer: https://helpgive.to/
Origin: https://helpgive.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TFQ4NB8B4KA9JCWK
age: 156908
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LwnNW8At6cDCfKl++68bJz3B9ueDCfKfKxggHSC0T5mMtOoet18KF56wesp2OsjTDOsP/L/qvnA=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"5e29440867fdb02a48dffded02338c31"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hQjoG4RPatGwwfsFoBnmbUgwm3h6TCSd5e%2FFEP%2BoxOVZR%2Br%2FlC%2BaV2JCnalSSXqEpzyVksP8PBwXCS4eAxjk5YMBD9i%2Fp6AqcweVn3BJFvyi5zdSuix1PBoKYID3V44gUKWoHy3RopYj7iduRu8Ktzi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 822e0d74bc2965cc-FRA

GET
H2 200 fan-link.css
st.toneden.io/production/stylesheets/ 403 KB
69 KB 170ms
9ms Stylesheet
text/css 13.224.189.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.toneden.io/production/stylesheets/fan-link.css?v=12b7153bce
Requested by: Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d6873d6c25a63ba3dfc58721372035d852f5ae37edb24151e9614b6a059a0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: CJiuYSG8tY4bGBET50QA.dGMYJSIkby6
content-encoding: gzip
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 07:05:27 GMT
x-amz-cf-pop: FRA2-C1
age: 21862
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70367
last-modified: Wed, 01 Nov 2023 17:19:32 GMT
server: AmazonS3
etag: "31a80b765f33e7625b738778cb8bff67"
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
cache-control: no-store, max-age=0
accept-ranges: bytes
x-amz-cf-id: oylb4pwl9Uh6biJNZROlAZfrpMXP3yaz1wmAwd0L6_TsEHbeaQsZZg==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
19 KB 292ms
132ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

aa241a28e702bde5c7ec5f632861e31c225de130e5e3fa71c18c3222b804c1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18821
x-xss-protection: 0
server: cafe
etag: 11165855929506981105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 13:09:48 GMT

GET
H2 200 fan-link.js Show response
st.toneden.io/production/javascripts/ 10 MB
3 MB 170ms
9ms Script
application/javascript 13.224.189.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce
Requested by: Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84be2b664b875c7ec54bda29f605c8288425d24bd443cc35fe2a06211675fbae

Request headers

Referer: https://helpgive.to/
Origin: https://helpgive.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: clVP10f1dbc9lCS5c9hz7PRwtIs_4ck3
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 02:38:09 GMT
x-amz-cf-pop: FRA2-C1
age: 37901
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2747760
last-modified: Wed, 01 Nov 2023 17:19:31 GMT
server: AmazonS3
etag: "7c3d0394d9791e8e8ff03c95c0858eea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
accept-ranges: bytes
x-amz-cf-id: 7vAzbAe2J445xPCa76Ft_lwuk8VgTPqq0ooHyxVWAoOArAbajIaFNQ==

GET
H2 200 toneden.loader.js Show response
sd.toneden.io/production/v2/ 1 KB
1 KB 276ms
13ms Script
application/javascript 13.32.99.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.toneden.io/production/v2/toneden.loader.js
Requested by: Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dea8ea11a3aa9c899fc3ed1a48e81009586b3100f0b67bbe6b9e2bfc1cf3d1a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 12:45:39 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2017 00:32:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1452
etag: "01cdccc32ce4455a13916531784c396a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
accept-ranges: bytes
content-length: 645
x-amz-cf-id: wi8F-eSKA9w04pVG-eT6Rwj142YM6lwxnafAMyKBQb0MWvnLSP5a8g==

GET
H2 200 neueplak.js Show response
cdn.evbstatic.com/s3-build/perm_001/bf1c05/django/js/src/eb/fonts/ 296 KB
215 KB 134ms
9ms Script
application/javascript 18.66.122.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evbstatic.com/s3-build/perm_001/bf1c05/django/js/src/eb/fonts/neueplak.js
Requested by: Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-118.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 929f6b6ca9a0c32b436454d91eb36d10a2a50b827c8b4e710b6829d1cc6f9e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 12:42:43 GMT
last-modified: Thu, 21 Mar 2019 00:58:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1627
etag: W/"bf1c0572e601b9755fd9af7a63f0cac2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: private, max-age=604800
x-amz-cf-id: 9tO7ZGPioRggUIVBiGFutX4n2AN78JTAHCXiPx-mj6fBTEHK_6zoKQ==
expires: Tue, 17 Sep 2019 00:54:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 134ms
10ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 13:09:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: z4ZsU3/sc9y+Q0eidwhIjPGQvj6iMal9nzRIs/bppbCc0UgbD8ztutBY4i2RD+iaSutwVRv84UbEgjrQ0t6xPg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H/1.1 200
OK events
www.toneden.io/api/v1/analytics/ Frame 0
0 702ms
358ms Preflight 13.52.31.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toneden.io/api/v1/analytics/events

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.52.31.143 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-52-31-143.us-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,csrf-token,ui-version
Access-Control-Request-Method: POST
Origin: https://helpgive.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: https://helpgive.to
Connection: keep-alive
Date: Wed, 08 Nov 2023 13:09:50 GMT
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000000; includeSubDomains
Transfer-Encoding: chunked
X-Nerd-Alert: Like React.js? Flux? Node? We want you! eventbritecareers.com
X-Powered-By: Express
access-control-allow-headers: content-type,csrf-token,ui-version

OPTIONS
H/1.1 200
OK record
fanlink.to/ Frame 0
0 699ms
353ms Preflight 13.56.96.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fanlink.to/record

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-56-96-205.us-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,csrf-token
Access-Control-Request-Method: POST
Origin: https://helpgive.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: https://helpgive.to
Connection: keep-alive
Date: Wed, 08 Nov 2023 13:09:50 GMT
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000000; includeSubDomains
Transfer-Encoding: chunked
X-Nerd-Alert: Hacking us? Why not work for us instead? eventbritecareers.com
X-Powered-By: Express
access-control-allow-headers: content-type,csrf-token

OPTIONS
H/1.1 200
OK events
www.toneden.io/api/v1/analytics/ Frame 0
0 497ms
158ms Preflight 13.52.31.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toneden.io/api/v1/analytics/events

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.52.31.143 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-52-31-143.us-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,csrf-token,ui-version
Access-Control-Request-Method: POST
Origin: https://helpgive.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: https://helpgive.to
Connection: keep-alive
Date: Wed, 08 Nov 2023 13:09:50 GMT
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000000; includeSubDomains
Transfer-Encoding: chunked
X-Nerd-Alert: Hacking us? Why not work for us instead? eventbritecareers.com
X-Powered-By: Express
access-control-allow-headers: content-type,csrf-token,ui-version

GET
H2 200 gtm.js
www.googletagmanager.com/ 442 KB
126 KB 189ms
66ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5P8FXJ

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128946
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 13:09:49 GMT

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 56ms
7ms Script
application/javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 641
date: Wed, 08 Nov 2023 13:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 07:18:39 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65309
accept-ranges: bytes
content-length: 3840

GET
H2 200 amplitude-8.1.0-min.gz.js
cdn.amplitude.com/libs/ 64 KB
21 KB 74ms
20ms Script
application/javascript 108.138.198.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.1.0-min.gz.js
Requested by: Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.198.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-198-193.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://helpgive.to/
Origin: https://helpgive.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 11 May 2023 00:51:08 GMT
content-encoding: gzip
via: 1.1 d69f68bdb59268bebbaddc94da429b1a.cloudfront.net (CloudFront)
x-amz-version-id: Y3JfLSTGzoWjquuu6XiQpg1VwRbVcxA7
x-amz-cf-pop: MXP64-P2
age: 15682722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20794
last-modified: Fri, 19 Mar 2021 16:52:50 GMT
server: AmazonS3
etag: "52d13b3f149cd71cdc2ace1f983fb635"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Exmn8vri3syKl-qmbEaRCfbgtCXeuRjBpXtnuadB2VfImheUVm48zw==

GET
H2 200 sdk.js
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 150ms
109ms Script
application/javascript 2.19.120.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSBHNA6GK86GA76EEDF0
Requested by: Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.12 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id: 10d47650.3a5a8d9
date: Wed, 08 Nov 2023 13:09:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-19-119-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 95,2.19.119.12
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20231108130949821E4ABB1D2B71B3F5EF
x-cache-remote: TCP_MISS from a23-220-105-76.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.76
x-tt-trace-host: 01805103d436a3107b2ee6aa42f671e1e92b5f1a59737f8af85bcfc316ae7dabdf37c51cc5bbcfffe78eb46dd68bea48f1fa73366b856806489035d8a56a002a18c1118fa949b1f65931681c6a38b35f4fb04d06badf1a3e3c016f1fa5119a82f4449d154a26874b71cc82a87a820f3933
expires: Wed, 08 Nov 2023 13:09:49 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 162ms
51ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 11:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 08 Nov 2023 13:51:32 GMT

GET
H2 200 sdk.js
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 13:09:49 GMT
content-md5: dzdC55olwRRpHN28fhulOw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: /mDkAFeTLCPu3PyyyBg2J7X8aO75MwCyP5ZD9Jsv/uVYIPtQ1V4hpccu3qaVeHS3t6WasuiDD0aE+72AwQA7sQ==
x-fb-content-md5: f07f030f9451885a01bba5c4fc33112c
cross-origin-opener-policy: same-origin-allow-popups
etag: "327dcf5daffb08c59c13e9c21fe4e07e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 08 Nov 2023 13:16:51 GMT

POST
H/1.1 200
OK events
www.toneden.io/api/v1/analytics/ 16 B
573 B 685ms
361ms XHR
application/json 13.52.31.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toneden.io/api/v1/analytics/events

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.52.31.143 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-52-31-143.us-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Request headers

Accept: application/json
csrf-token: kZA4w3gt-bCluLPSvE762rK4_QQ_M3emmHMg
Referer: https://helpgive.to/
ui-version: 1.183
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000000; includeSubDomains
Date: Wed, 08 Nov 2023 13:09:51 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://helpgive.to
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
X-Nerd-Alert: Like React.js? Flux? Node? We want you! eventbritecareers.com
Content-Length: 16
Keep-Alive: timeout=5

POST
H/1.1 200
OK record
fanlink.to/ 16 B
783 B 674ms
355ms XHR
application/json 13.56.96.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fanlink.to/record

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.56.96.205 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-56-96-205.us-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Request headers

csrf-token: kZA4w3gt-bCluLPSvE762rK4_QQ_M3emmHMg
Referer: https://helpgive.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000000; includeSubDomains
Date: Wed, 08 Nov 2023 13:09:51 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://helpgive.to
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
X-Nerd-Alert: Hacking us? Why not work for us instead? eventbritecareers.com
Content-Length: 16
Keep-Alive: timeout=5

POST
H/1.1 200
OK events
www.toneden.io/api/v1/analytics/ 16 B
573 B 680ms
359ms XHR
application/json 13.52.31.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toneden.io/api/v1/analytics/events

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.52.31.143 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-52-31-143.us-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Request headers

Accept: application/json
csrf-token: kZA4w3gt-bCluLPSvE762rK4_QQ_M3emmHMg
Referer: https://helpgive.to/
ui-version: 1.183
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000000; includeSubDomains
Date: Wed, 08 Nov 2023 13:09:51 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://helpgive.to
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
X-Nerd-Alert: Like React.js? Flux? Node? We want you! eventbritecareers.com
Content-Length: 16
Keep-Alive: timeout=5

GET
H3 200 1711912442390284
connect.facebook.net/signals/config/ 140 KB
36 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1711912442390284?v=2.9.138&r=stable&domain=helpgive.to

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 13:09:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37157
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Pv7w/yQUDAv53rH7PumDkVfNcPLcCvPDxyyvzeUmuysst05IeKNZ8UmE0gnOdchaYcm4RZr7Q/7Q6qkd75xPQA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 toneden.js
sd.toneden.io/production/v2/ 422 KB
142 KB 26ms
9ms Script
application/javascript 13.32.99.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.toneden.io/production/v2/toneden.js
Requested by: Host: sd.toneden.io
URL: https://sd.toneden.io/production/v2/toneden.loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://helpgive.to/
Origin: https://helpgive.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 12:45:42 GMT
content-encoding: gzip
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1450
x-cache: Hit from cloudfront
content-length: 144884
last-modified: Mon, 13 Feb 2017 00:32:38 GMT
server: AmazonS3
etag: "da4bf68ea0f8cffa6ea439d7608d52cf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
x-amz-cf-id: SSGYtyDspweA6raoliCDSYNVMOdT-nmPC5ApP2QMPO4bHt7mQM6rNw==

GET
H2 200 js
www.googletagmanager.com/gtag/ 193 KB
71 KB 72ms
70ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-974636074&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P8FXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72097
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 13:09:50 GMT

GET
H2 200 insight.old.min.js
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=18832
accept-ranges: bytes
content-length: 3272

GET
H2 200 main.MTBkNWQ3YjBkMA.js
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 13ms
13ms Script
application/javascript 2.19.120.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSBHNA6GK86GA76EEDF0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.12 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id: 3a5b706
date: Wed, 08 Nov 2023 13:09:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110712594721B1CE1FB9FE745AE8AD
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-119-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011f9db7433f8c26ce9f7289804f5451df3dafded252f918acfc454556997749b91f077af7186fda01017bb34195162385934bb1330e6ad5ec22d7283c3d81d7952224b4311d510f5af609d93397414b39a76868e7d1325451aa407856233b298d
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=14
content-length: 108187

GET
H3 200 sdk.js
connect.facebook.net/en_US/ 297 KB
85 KB 26ms
17ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c9c541a3f0f576d401fbee9d40ec995

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://helpgive.to/
Origin: https://helpgive.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 13:09:50 GMT
content-md5: abCYKfbL6DCLHziCYpeQkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86881
reporting-endpoints
x-fb-debug: qiOCK9jrJpnwcYHGeICcqvMeD26rMwK/+YO74+yhMU9c49UmhJ1rI1PPYaEsRpk1mboaFByXXZs8Uw/BW8OBoA==
x-fb-content-md5: ef7249b597beeff1970be0f10dd383ed
cross-origin-opener-policy: same-origin-allow-popups
etag: "c9d24f9b0447db55bcd97927bd07abd2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Nov 2024 10:59:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 54ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1711912442390284&ev=PageView&dl=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&rl=&if=false&ts=1699448990825&cd[link_id]=1540656&cd[owner]=67401980&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699448990820.2090509309&cs_est=true&ler=empty&it=1699448990346&coo=false&rqm=GET

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Nov 2023 13:09:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 54ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1711912442390284&ev=ViewContent&dl=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&rl=&if=false&ts=1699448990828&cd[content_type]=product&cd[link_id]=1540656&cd[owner]=67401980&cd[viewer]=&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1699448990820.2090509309&ler=empty&it=1699448990346&coo=false&rqm=GET

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Nov 2023 13:09:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 collect
px.ads.linkedin.com/ 0
748 B 201ms
180ms Image
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1699448990853&url=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234
Requested by: Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:50 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5060AC7B0E56498A9F100F631CCA9CB7 Ref B: FRAEDGE1916 Ref C: 2023-11-08T13:09:50Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJo81rhs54wl4qKD7j5w==

POST
H2 200 collect
www.google-analytics.com/j/ 15 B
218 B 59ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1050030028&t=event&_s=1&dl=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&ul=en-us&de=UTF-8&dt=asd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sdk&ea=loaded&el=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&_u=qGhAAAABAAAAACAAI~&jid=36253074&gjid=1489672838&cid=916866312.1699448991&tid=UA-55279667-1&_gid=424277092.1699448991&_r=1&_slc=1&z=2042851045

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helpgive.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helpgive.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/974636074/ 3 KB
2 KB 175ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/974636074/?random=1699448990930&cv=11&fst=1699448990930&bg=ffffff&guid=ON&async=1&gtm=45be3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&hn=www.googleadservices.com&frm=0&tiba=asd&auid=1333413483.1699448991&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-974636074&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_052e4.js
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 13ms
13ms Script
application/javascript 2.19.120.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_052e4.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.12 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id: 3a5b991
date: Wed, 08 Nov 2023 13:09:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110712594821B1CE1FB9FE745AE8F1
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-119-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fcc9bd18a83f0afe0d38b8db0ac305e9ed09a0bcde7b72169e95ed4fd1e5b16c59a92ff7d7d90ab117adcddf00dcc3b55f8678f9a462b5414f150fbea6f4e6bdbe65160c6c8e6c9b58d14a307498dafada34d4a33317ad7753eedcedeec817d2
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 35886

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
785 B 134ms
134ms Ping
text/plain 2.19.120.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.12 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://helpgive.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5e1c006.3a5ba28
date: Wed, 08 Nov 2023 13:09:51 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-19-119-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 117,2.19.119.12
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=36, inner; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231108130951802E79B3CCF4F795F718
x-cache-remote: TCP_MISS from a23-220-105-70.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.220.105.70
x-tt-trace-host: 01805103d436a3107b2ee6aa42f671e1e92b5f1a59737f8af85bcfc316ae7dabdfedfc70489dbd82626cb53c72ef3c6ad0cd63ba618344380a33e602c4b55b53ee15e45e45a01f3d7babfa8cd07721d5cbd3bf82b2e2841644f00816b0678d7aedfc4e359d588a6ce7751bba6fa5e5af9c
access-control-allow-headers: Authorization,*
expires: Wed, 08 Nov 2023 13:09:51 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 227 KB
81 KB 69ms
66ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3KM8DGF3ZN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 13:09:51 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/974636074/ 42 B
455 B 182ms
67ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/974636074/?random=1699448990930&cv=11&fst=1699448400000&bg=ffffff&guid=ON&async=1&gtm=45be3b60&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&frm=0&tiba=asd&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhpD-KV0X2wyoJxwWuFVhquq3Io6y7g&random=3225935932&rmt_tld=0&ipr=y

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/974636074/ 42 B
455 B 187ms
67ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/974636074/?random=1699448990930&cv=11&fst=1699448400000&bg=ffffff&guid=ON&async=1&gtm=45be3b60&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&frm=0&tiba=asd&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhpD-KV0X2wyoJxwWuFVhquq3Io6y7g&random=3225935932&rmt_tld=1&ipr=y

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 354ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3KM8DGF3ZN&gtm=45je3b60v9123967733&_p=1699448989573&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=916866312.1699448991&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&dt=asd&sid=1699448991&sct=1&seg=0&en=loaded&_fv=1&_ss=1&_ee=1&ep.event_category=sdk&ep.event_label=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&tfd=4437
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KM8DGF3ZN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helpgive.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
786 B 179ms
179ms Ping
text/plain 2.19.120.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.12 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://helpgive.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1e9403c0.3a5bd90
date: Wed, 08 Nov 2023 13:09:51 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-19-119-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 110,2.19.119.12
server-timing: cdn-cache; desc=MISS, edge; dur=80, origin; dur=35, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311081309519975C8EE533AD1A78889
x-cache-remote: TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.195.36.76
x-tt-trace-host: 01805103d436a3107b2ee6aa42f671e1e92b5f1a59737f8af85bcfc316ae7dabdffc6f74b989ba9533e108f960ca65ce2f21901f14f4a4170f30c57417251213160da2fe5b3a74055dba4665ad631f5d63cc0780cc1ba32de94057422d4e5af588e0338c82e624498b664f41ef43868d43
access-control-allow-headers: Authorization,*
expires: Wed, 08 Nov 2023 13:09:51 GMT

GET
H2 200 xlku466w
widget.intercom.io/widget/ 7 KB
3 KB 58ms
15ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/xlku466w
Requested by: Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: ETGnbZH9RY1OZv0oFiKqc9wiX_pmc2uw
content-encoding: gzip
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 12:57:22 GMT
x-amz-cf-pop: FRA2-C1
age: 802
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Tue, 07 Nov 2023 10:58:09 GMT
server: AmazonS3
etag: "a9fecd03515c39dac3b772d9dae3bafd"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: hsf84I-Bzu831h1czTqJRrShVqExS3kjINRphorP2pOSYPUgxsG5tg==

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071787441/ 3 KB
2 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071787441/?random=1699448991335&cv=11&fst=1699448991335&bg=ffffff&guid=ON&async=1&gtm=45He3b60v71492822&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&hn=www.googleadservices.com&frm=0&tiba=asd&auid=1333413483.1699448991&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P8FXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 frame-modern.04b87629.js
js.intercomcdn.com/ Frame 1923 510 KB
141 KB 65ms
8ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.04b87629.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xlku466w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: QiVwBbX5i8EoSp90GQuEsNJ64ft3RXnP
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 12:58:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 700
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144009
last-modified: Tue, 07 Nov 2023 10:55:34 GMT
server: AmazonS3
etag: "ed548435ff40848851fa60cfa75fb8fe"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: HSXxvEHq8WSmYkcsqNf4PBVvHKM7R0yNuK4U94RnsPjUoPMlgtpWpA==

GET
H2 200 vendor-modern.39b0b15a.js
js.intercomcdn.com/ Frame 1923 426 KB
131 KB 82ms
25ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.39b0b15a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xlku466w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: F11HmjLDEMRNhheeDdXVnUW_Q29EFas2
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 12:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 3725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133793
last-modified: Mon, 06 Nov 2023 10:03:47 GMT
server: AmazonS3
etag: "c3d7c800929ac60bd7338a4bf9c3f40b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: oB-8mPpGwrJzaIDJAp-dKjsBN64nHqIR0Ax5zAYjsZiWMjCsbai7sQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071787441/ 42 B
108 B 121ms
118ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071787441/?random=1699448991335&cv=11&fst=1699448400000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v71492822&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&frm=0&tiba=asd&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4hvDz6nMIrfCxkk3lULGmFQQq0yRs8hn1NUmgPFmge9VZZsU&random=1053252891&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071787441/ 42 B
108 B 68ms
67ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071787441/?random=1699448991335&cv=11&fst=1699448400000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v71492822&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelpgive.to%2Fspctram%3F%2Fid2132231313342342432212123324234&frm=0&tiba=asd&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4hvDz6nMIrfCxkk3lULGmFQQq0yRs8hn1NUmgPFmge9VZZsU&random=1053252891&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helpgive.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

503

spectrumi
us-confrim-customerconnect.online/
Redirect Chain

https://zip.pe/mksd
https://us-confrim-customerconnect.online/spectrumi

19 KB
20 KB

199ms
134ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-confrim-customerconnect.online/spectrumi

Requested by

Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=12b7153bce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://helpgive.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 822e0d8988a0049f-FRA
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 13:09:52 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rj2NvUGi8N%2FkNqc15pGqC95RMPAj9eLPRMila0v7WOEaYOfnQ%2BK%2FF3Zeij%2FTJ6KFRZG9R%2FClGGvQtaCCw6QQHkEfUJzzutvwg8b7eVI%2BKRtJ4HtXtJi2KmGeI5FTr6vDYYiOZbKeovd1s7%2FGsJuE3y319HJEhqk49r7uf2v1qtQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 13:09:52 GMT
location: https://us-confrim-customerconnect.online/spectrumi
pragma: no-cache
server: nginx/1.21.3
strict-transport-security: max-age=31536000
x-powered-by: PHP/8.0.8

POST
H2 204 spectrumi
us-confrim-customerconnect.online/ 0
750 B 67ms
66ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-confrim-customerconnect.online/spectrumi

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Mm6BR4eQXw9ukuiaLQTRkn-96jg: 27343130
dVhV7iLwLDhk0rNwyaJKPsHzxkU: PGTQBfYgcxVB1KMvudGzYUpb4dI
X-Requested-TimeStamp-Expire
accept-language: de-DE,de;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Referer: https://us-confrim-customerconnect.online/spectrumi
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:09:52 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLnw0mvIxdSTo4YamtKyyL%2FP4Loug57IckH0M3AUp3HN%2BL%2BagwEWNa9ZNe5IQ2XWEcwz22xWyZj%2Bxd34QytATeOFIlzqKQjIiXlY%2FPqLJzqlZ6Q89p%2FNq%2FU0QZ5Bf5JMyA1PA0WhtzglQJZsnzqosVGT0JeFv7%2BqYph3lAWedD0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822e0d8aaa33049f-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H2

200

main.js
us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame A026
Redirect Chain

https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

16ms
15ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxjTW6k4qorpa5rvEADKMUZn4hjbFBdifjlWq%2B75fdRRg5sNklRxtP3aL85mCakv%2FBNAy6pBM%2F2p9W6rrniMkr8uSoKFOMtxaLKGUbDkxI4ndEWUmv3f90SHNIlebI2EN8Um%2B8%2BRLU7xx2UpIxHSf81Jrfa%2BQR1lO0hKX%2F%2FhQYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 822e0d8ada98049f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 08 Nov 2023 13:09:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upUMjjtmx7mahv49rhcvegFvKS0YgBqzPBqmQvE%2BBKEVr07NlPnM1JYQ8IPpAnrLSNlRnhS1hlJyohxwf6tzeC%2FnLyW4KMtzpeSi1ZGTiYeEsuatZ4nsBhal5rZgg7gLlu3A%2FvnEmBe8sb6AL%2BDVqK1yUxGgIo3ef%2FC2rfIRgfA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 822e0d8aba5e049f-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 822e0d8988a0049f
us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A026 0
631 B 43ms
40ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/jsd/r/822e0d8988a0049f
Requested by: Host: us-confrim-customerconnect.online
URL: https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Nov 2023 13:09:52 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIb3aK%2BKU%2F6xsM7rUIeEbkVtzd7mFie7G3Q3raM8J%2F2OfBmwekI%2FaFZG0yOLk71xTCRunX4V6xDrgogKf3tAJHLCmR1QnzMhq2HNRANyWP09lICaRngvLnWEfrNgveKRa9anOcu%2FOPy6sSvJt57%2BtV6tN5hYH%2Bc0Aj0ZtgnCp8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 822e0d8cab684d8a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request spectrumi Show response
us-confrim-customerconnect.online/ 2 KB
1 KB 125ms
123ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-confrim-customerconnect.online/spectrumi

Requested by

Host: helpgive.to
URL: https://helpgive.to/spctram?/id2132231313342342432212123324234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71523b71dbee15c272c4ed197ab3a11cc61f62901eee8ddd822157b79ab64ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://us-confrim-customerconnect.online/spectrumi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 822e0d8cab6f4d8a-FRA
content-encoding: br
content-type: text/html
date: Wed, 08 Nov 2023 13:09:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prugddso1qHa0DfKGEFt1U%2FMUHuKcBkzjfrHGNwKhwA5wf3JYRVMQ7o%2FRoFZWoEv1jXo5nmIoDlNfzciTiORvm9BNx9Hj7qvvOU0HhIkKltppJDwZQ8A7k6BDMeQKKyK%2B6ssvhvSl2JVm6OuW1x3RPKBTmqmbCuVmOTtrSqC8Is%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block

GET
H3

200

main.js Show response
us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame CA9E
Redirect Chain

https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

22ms
22ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bce0206808c554c8d7273f4fd103dee295d5d5124427db9262a34743425d62f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QG3sJ%2BcR%2B9JX79cqqAarcb4lu%2Bu71Vze%2BhKfGycRH1OzLGL9Lk3jJRoWcYkavkN61fPqjBWB5wCg3%2F7foAbIaekvNaNb6SkXwzaE2IREwQrv%2FaAQDQc2AIzsPLwdRUtHybPrgxXj831%2F%2Ft9hyLz8LVVuO4gAXqQzGvRPynj3cQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 822e0d8dcd2a4d8a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 08 Nov 2023 13:09:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbCqac8s1I2PdD8E1QtXIi0n8dits9CaCrAc0KjWoZrrLZw0szMC0S5T96ttg7NohCfl16p3S6mh%2BSuhYClpt8omWU9ojw2zZVDRymhxWmfa58VUtKxbRGzaE91swsO7orR0BOoffLpm%2BlX2JJviFMlgrjtgkgoBAf4coRqB7ow%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 822e0d8d9cf94d8a-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 822e0d8cab6f4d8a Show response
us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame CA9E 0
592 B 32ms
30ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/h/g/jsd/r/822e0d8cab6f4d8a
Requested by: Host: us-confrim-customerconnect.online
URL: https://us-confrim-customerconnect.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Nov 2023 13:09:53 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYVic81a5VV4R8tqRY9OWvr1DFRRV%2BrLNDLwRvL9pHV6tf4v2IoAgO0NGYyBL5qERBT0P%2BcYZSIoZ%2BybbJfXHYKBxUoAS8OLGDX%2FimA1RUyoMLcr4obF32zDOCoIIw3LIu5MdBOEwQNlisBk8szUDZe5ABQe9sfhnratZv3Kk2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 822e0d8f2f574d8a-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.helpgive.to/	1970-01-20 16:14:13	Name: connect.sid Value: s%3A%3AqL8NyEmkNgoL4tdfBtv7EAQwTL9mBQRY.linGE00Snn5mRTrsVRCKKrVGa7MYfo%2FCLcdj9OJorYs
.tiktok.com/	1970-01-21 01:25:44	Name: _ttp Value: 2XtWjJA4uv8fdz8QRyvcUxKNZuJ
.helpgive.to/	1970-01-21 00:49:44	Name: amp_cc1dfb Value: 4rru6lUFBj34VM7Vxjh-BB...1hengrb29.1hengrb29.0.0.0
.helpgive.to/	1970-01-21 00:49:44	Name: amp_cc1dfb_helpgive.to Value: 4rru6lUFBj34VM7Vxjh-BB...1hengrb29.1hengrb2c.0.0.0
.helpgive.to/	1970-01-20 18:13:44	Name: _fbp Value: fb.1.1699448990820.2090509309
helpgive.to/	1970-01-21 01:40:08	Name: _ga Value: GA1.1.916866312.1699448991
helpgive.to/	1970-01-20 16:05:35	Name: _gid Value: GA1.1.424277092.1699448991
helpgive.to/	1970-01-20 16:04:09	Name: _gat_ToneDenTracker Value: 1
.helpgive.to/	1970-01-20 18:13:44	Name: _gcl_au Value: 1.1.1333413483.1699448991
.helpgive.to/	1970-01-21 01:25:44	Name: _tt_enable_cookie Value: 1
.helpgive.to/	1970-01-21 01:25:44	Name: _ttp Value: Gdo-9ZhoRcKah5l-cnWXoAvX5Vc
.linkedin.com/	1970-01-21 00:49:44	Name: bcookie Value: "v=2&966b5c09-088f-4cb4-8e1f-2eb7e3b0180c"
.linkedin.com/	1970-01-20 16:05:35	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2781:u=1:x=1:i=1699448990:t=1699535390:v=2:sig=AQH2WXXtNz6_2PNQq79k-OAmR9PEN457"
helpgive.to/	1970-01-21 01:40:08	Name: _ga_3KM8DGF3ZN Value: GS1.1.1699448991.1.0.1699448991.0.0.0
.doubleclick.net/	1970-01-21 01:25:44	Name: IDE Value: AHWqTUlV_CxDnWsh7h2xn3yNb2k3AMmfEXzTBtQ04Pc6rqxorMuyRrmNDCxrkDOn
.fanlink.to/	1970-01-20 16:14:13	Name: connect.sid Value: s%3A%3AKSJqD2NFDhF1uQ0GlnvSLt3eesEctajh.yqctD4VMu0mt6oYcwEwwDH9lfrOKXilrQiPNOKtDQPw
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: P6Q58DsLxoraj_WiCvKSNWcR1Xw Value: uyUVOE37w3Z4PxNVf7JhzIfOYTg
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: cEoJ2AzyJY9RoKO3LyincBMJV8Y Value: 1699448988
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: IVJ4WzUA_wQVN161xp4-lW6T1lA Value: 1699535388
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: Gn2ZO4I0cP8DFoOFzebYxbh7oPE Value: RFAFl7glyFWP_5x29ml1ASR-VVA
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: RRAWSqeE_LIYAyUI8rxGFDRHtV0 Value: HHjlnOCUbhhdlG_BSMHRG890Cak
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: ReqsikpZDP9M-ha9WE3Y_7ufttc Value: GaJ5uEy5I1zyhWexHqN1fxbuyMk
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: xjAAsGqkxFeRpKREE9Yw-6vUNyM Value: 1699448990
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: ZN6jtAYEvNXnmsZBArVD12t5jj8 Value: 1699535390
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: XAprd9Uou2vpkMm7-TapccaBXEk Value: -JUqLEM6u2cezjxzZDssyTo4Q64
us-confrim-customerconnect.online/	1970-01-20 16:05:35	Name: iaYbjVKFl5FplLRb2OtJxVJ2a0s Value: RbLnu2EPaL4OK4J81kgfvrnv7yw
.us-confrim-customerconnect.online/	1970-01-21 00:49:44	Name: cf_clearance Value: K4MMYT_AkQuOXnYXn4X8kr5i2dloItrkhjeKMChDuLU-1699448993-0-1-5a4b79ea.5b8b8f14.8b1f660b-0.2.1699448993

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://us-confrim-customerconnect.online/spectrumi Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://us-confrim-customerconnect.online/spectrumi Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
cdn.amplitude.com
cdn.evbstatic.com
connect.facebook.net
fanlink.to
googleads.g.doubleclick.net
helpgive.to
js.intercomcdn.com
platform.twitter.com
px.ads.linkedin.com
region1.google-analytics.com
sd.toneden.io
snap.licdn.com
st.toneden.io
static.ads-twitter.com
url.datamart.co.kr
us-confrim-customerconnect.online
use.fontawesome.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.toneden.io
zip.pe
103.238.213.97
108.138.198.193
13.209.32.215
13.224.189.36
13.224.189.49
13.32.99.101
13.52.31.143
13.56.96.205
142.250.185.162
146.75.116.157
18.66.122.118
18.66.147.3
2.19.120.12
2001:4860:4802:34::36
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3036::6815:1b98
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a02:26f0:780::210:a423
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
0d6873d6c25a63ba3dfc58721372035d852f5ae37edb24151e9614b6a059a0de
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
71523b71dbee15c272c4ed197ab3a11cc61f62901eee8ddd822157b79ab64ea8
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
84be2b664b875c7ec54bda29f605c8288425d24bd443cc35fe2a06211675fbae
8bce0206808c554c8d7273f4fd103dee295d5d5124427db9262a34743425d62f
929f6b6ca9a0c32b436454d91eb36d10a2a50b827c8b4e710b6829d1cc6f9e8c
aa241a28e702bde5c7ec5f632861e31c225de130e5e3fa71c18c3222b804c1ae
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
dea8ea11a3aa9c899fc3ed1a48e81009586b3100f0b67bbe6b9e2bfc1cf3d1a9
e2479ca92d4f3519714b9ec6af9fa0358c4fe02f465a15941a3f4bed2b0787f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

us-confrim-customerconnect.online Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

50 %IPv6

24 Domains

27 Subdomains

23 IPs

4 Countries

4542 kBTransfer

16063 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

us-confrim-customerconnect.online Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

50 %
IPv6

24
Domains

27
Subdomains

23
IPs

4
Countries

4542 kB
Transfer

16063 kB
Size

27
Cookies

52 HTTP transactions
0 data transactions