Submitted URL: https://lifeway-support.idonate.com/
Effective URL: https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG...
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 104.16.170.253, located in and belongs to CLOUDFLARENET, US. The main domain is login.idonate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.
This is the only time login.idonate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 147.75.87.93 54825 (PACKET)
5 13.35.253.80 16509 (AMAZON-02)
2 142.250.185.138 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
4 13.32.29.47 16509 (AMAZON-02)
1 104.16.18.94 13335 (CLOUDFLAR...)
1 1 34.198.171.11 14618 (AMAZON-AES)
1 65.9.66.24 16509 (AMAZON-02)
1 13.32.29.83 16509 (AMAZON-02)
6 142.250.185.110 15169 (GOOGLE)
2 142.250.185.78 15169 (GOOGLE)
2 65.9.66.48 16509 (AMAZON-02)
2 142.250.186.42 15169 (GOOGLE)
1 2 104.16.170.253 13335 (CLOUDFLAR...)
1 143.204.208.119 16509 (AMAZON-02)
29 14
    Domain                                        Requested by
6   apis.google.com                               lifeway.idonate.com, apis.google.com, content.googleapis.com
5   lifeway.idonate.com                           lifeway.idonate.com
4   static.idonate.com                            lifeway.idonate.com, static.idonate.com, login.idonate.com
2   login.idonate.com (1 redirects)               lifeway.idonate.com
2   content.googleapis.com                        apis.google.com
2   embed.idonate.com                             lifeway.idonate.com, embed.idonate.com
2   www.google-analytics.com                      lifeway.idonate.com
2   fonts.googleapis.com                          lifeway.idonate.com
1   cdn.auth0.com                                 login.idonate.com
1   static.hotjar.com                             lifeway.idonate.com
1   developer.freshsuccess.com                    lifeway.idonate.com
1   events.natero.com (1 redirects)
1   cdnjs.cloudflare.com                          lifeway.idonate.com
1   maxcdn.bootstrapcdn.com                       lifeway.idonate.com
1   lifeway-support.idonate.com (1 redirects)
29  15

This site contains no links.

Subject                   Issuer                    Validity                   Valid
*.idonate.com             Amazon                    2020-12-21 - 2022-01-19    a year
upload.video.google.com   GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3   2021-03-01 - 2022-02-28    a year
*.natero.com              Amazon                    2020-11-10 - 2021-12-09    a year
*.hotjar.com              Amazon                    2020-12-25 - 2022-01-23    a year
*.apis.google.com         GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
*.google-analytics.com    GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
*.google.com              GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
login.idonate.com         Cloudflare Inc ECC CA-3   2021-06-01 - 2022-05-31    a year
*.auth0.com               Amazon                    2021-04-25 - 2022-05-24    a year

This page contains 2 frames:

Primary Page: https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MUXJ4VjVaMGRwMkxtT1c
Frame ID: C80051719649C666A8CF540592C17222
Requests: 26 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: E920C244949C4500DB0BB036FD2AFBA0
Requests: 4 HTTP requests in this frame

Page Title

Log in to Generosity by LifeWay

Page URL History

  1. https://lifeway-support.idonate.com/ HTTP 302
    https://lifeway.idonate.com/ Page URL
  2. https://login.idonate.com/authorize?audience=https%3A%2F%2Fapi.idonate.com&client_id=zAWTzhkbjA1MKvKYM... HTTP 302
    https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

29 Requests
100 % HTTPS
0 % IPv6
10 Domains
15 Subdomains
14 IPs
3 Countries
15088 kB Transfer
15932 kB Size
9 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lifeway-support.idonate.com/ HTTP 302
    https://lifeway.idonate.com/ Page URL
  2. https://login.idonate.com/authorize?audience=https%3A%2F%2Fapi.idonate.com&client_id=zAWTzhkbjA1MKvKYMLQrxV5Z0dp2LmOW&redirect_uri=https%3A%2F%2Flifeway.idonate.com&scope=openid%20profile%20email&response_type=code&response_mode=query&state=MVY2dVprNnJsMUpjeXpxZ0pkY0R2TnNQMFJCNzAyLnJ3TEdkcUR6SWx3OA%3D%3D&nonce=MzJqcHFnSlQxb2pHR0pvVExSNlF2c3NHSktxQWRyc21TQ3NuaUNpOG56Vg%3D%3D&code_challenge=SbXWCTtWcAguxrAxC_EDPvd1rTBPJS0-j3879J9AdN8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9 HTTP 302
    https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MUXJ4VjVaMGRwMkxtT1c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://lifeway-support.idonate.com/ HTTP 302
  • https://lifeway.idonate.com/
Request Chain 8
  • https://events.natero.com/scripts/natero_analytics.min.js HTTP 301
  • https://developer.freshsuccess.com/scripts/natero_analytics.min.js

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
lifeway.idonate.com/
Redirect Chain
  • https://lifeway-support.idonate.com/
  • https://lifeway.idonate.com/
5 KB
3 KB
Document
General
Full URL
https://lifeway.idonate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-80.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f193d00043279d55cb1fa1db9fd6f7f493eba5c813af9211c750d0d7eff850ba
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
lifeway.idonate.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 06 Oct 2021 23:37:56 GMT
Last-Modified
Mon, 27 Sep 2021 21:22:21 GMT
ETag
W/"42cdbe8e139237d913da2d6a0d0c6ad7"
Cache-Control
max-age=0,s-maxage=604800
Server
AmazonS3
Strict-Transport-Security
max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
X-Edge-Origin-Shield-Skipped
0
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
seMwW9L8dTe8pr7Bb9rWzwLFjJbBJLjxjNGOLuWzd1yK-KqOYvLc5A==
Age
251026

Redirect headers

date
Sat, 09 Oct 2021 21:21:41 GMT
content-type
text/html; charset=utf-8
content-length
156
location
https://lifeway.idonate.com/#/screensteps-login?timestamp=1633814501&return_to_url=%2F
cache-control
no-cache
p3p
CP="CAO PSA OUR"
set-cookie
_screensteps_live_session=3d94dacbe74c98a5be3321778f372990; path=/; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=31556952; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-protected-by
Sqreen
x-request-id
c9a7be62b05f2fcc2798d9fe06a1b917
x-runtime
0.020745
x-xss-protection
1; mode=block
x-varnish
99517996
age
0
via
1.1 varnish (Varnish/6.3)
section-io-cache
Miss
section-io-id
c9a7be62b05f2fcc2798d9fe06a1b917
env_vars.js
lifeway.idonate.com/
1 KB
1 KB
Script
General
Full URL
https://lifeway.idonate.com/env_vars.js
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-80.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c16bdae2985831344f4d25dde45bdea27436800da1dab875f66b1fde0d3b3d35

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
lifeway.idonate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://lifeway.idonate.com/
Connection
keep-alive

Response headers

Date
Mon, 04 Oct 2021 19:50:52 GMT
Content-Encoding
br
Age
437450
Transfer-Encoding
chunked
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 08 Jun 2021 14:02:32 GMT
Server
AmazonS3
ETag
W/"b614aea828936779c74042c0f9305751"
Vary
Accept-Encoding
x-amz-version-id
LABO8T1PHV88clcDiXAJ_I59DrMB9yse
Via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
Cache-Control
max-age=120,s-maxage=604800
X-Amz-Cf-Pop
FRA6-C1
Content-Type
application/javascript
X-Amz-Cf-Id
VuOqFGsJNtGz9PQlVIJufhqztIy4BFeVlVmCKZOxlpBfBABFAEwZ-w==
css
fonts.googleapis.com/
3 KB
505 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 21:06:58 GMT
server
ESF
date
Sat, 09 Oct 2021 21:21:41 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 09 Oct 2021 21:21:41 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.2/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.2/css/font-awesome.min.css
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617
age
14686301
cdn-cachedat
2021-03-10 20:27:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a37a4359eb95033d979287ce1782c247
cf-ray
69baa8fc3f0221bd-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
styles.css
static.idonate.com/fonts/
6 KB
2 KB
Stylesheet
General
Full URL
https://static.idonate.com/fonts/styles.css
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3d1fdb924b5e7096f277661bd50b91911c2e59841f26aa6b5a4411b564426d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:43 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2015 04:29:19 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"c259ff0a8b39b4001da4639d96e1a109"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
null
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
content-type
text/css
x-amz-cf-id
Uqzv-r1B06EQGWleXiOP8nRnxLhG7rHXye4afBKXPsld9LmUrWtNbg==
styles.css
static.idonate.com/fonts/v2/
7 KB
2 KB
Stylesheet
General
Full URL
https://static.idonate.com/fonts/v2/styles.css
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed92da87801152d512b0cf1d4c57e2dc8bcdb3dc8a9e6b942ce4093e4973f69e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 03:53:23 GMT
content-encoding
gzip
last-modified
Wed, 02 May 2018 16:38:03 GMT
server
AmazonS3
age
62899
etag
W/"f7fa72e662b3db478594aa379779e8d1"
x-amz-meta-version-id
null
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
x-amz-version-id
null
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C2
content-type
text/css
x-amz-cf-id
wS5LFuL0uVuKZ2xmeG-YpX9YEDS37MnCylUo-e5hFVzddkzRJuxiwA==
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.6/css/
27 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.6/css/intlTelInput.css
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5531f129993bf253087f90f8c2375cb402354fd4f107f7a4b279ab45dd115961
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5711266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2178
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea6-6a63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHYceIlGICxeqqxP9qTJdoqDF7BzXXHk%2FMzWVtyZGfg8MK8Ftm2FTzgxP9ACqY6ZnVmU09FfDPBZp%2BuxsHT05AlboD0%2BkaQuRR6vaQP86J0nV5FIcV91OQwEt%2BLBiebORkwasxCO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69baa8fc3f0b219f-DUS
expires
Thu, 29 Sep 2022 21:21:41 GMT
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 21:02:05 GMT
server
ESF
date
Sat, 09 Oct 2021 21:21:41 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 09 Oct 2021 21:21:41 GMT
natero_analytics.min.js
developer.freshsuccess.com/scripts/
Redirect Chain
  • https://events.natero.com/scripts/natero_analytics.min.js
  • https://developer.freshsuccess.com/scripts/natero_analytics.min.js
14 KB
14 KB
Script
General
Full URL
https://developer.freshsuccess.com/scripts/natero_analytics.min.js
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adead5cca44281834a91643586166053a92855bc43a079b960caa9167980e363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:42 GMT
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified
Thu, 10 Dec 2020 19:55:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"5fabd79452f1ab0890f4b9c966b7bbe5"
x-cache
Hit from cloudfront
content-type
application/javascript
content-length
14275
x-amz-cf-id
l7ZWs39_cdseZaHPVNLOw2eVLYGQW81NYfXFFzTp1ZAuic44yN6PrQ==

Redirect headers

location
https://developer.freshsuccess.com:443/scripts/natero_analytics.min.js
date
Sat, 09 Oct 2021 21:21:42 GMT
server
awselb/2.0
content-length
134
content-type
text/html
index.js
lifeway.idonate.com/
14 MB
14 MB
Script
General
Full URL
https://lifeway.idonate.com/index.js
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-80.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dfe6d868b21aae473b846807daa2636c377426ed87c495a4f31aed892d65061
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
lifeway.idonate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://lifeway.idonate.com/
Connection
keep-alive

Response headers

Strict-Transport-Security
max-age= 63072000; includeSubdomains; preload
Via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Edge-Origin-Shield-Skipped
0
X-Cache
RefreshHit from cloudfront
Date
Sat, 09 Oct 2021 21:21:43 GMT
Connection
keep-alive
Content-Length
15018021
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 27 Sep 2021 21:22:19 GMT
Server
AmazonS3
ETag
"b4016deed5f7b48824bad9ec6aae6871-2"
X-Frame-Options
DENY
Content-Type
application/javascript
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
6bAN2bjthw4oeVkP7s1aXZ06hN5XaEIk8QCyMJf2FXpwQYjGnm0XiQ==
summernote.js
lifeway.idonate.com/
68 KB
15 KB
Script
General
Full URL
https://lifeway.idonate.com/summernote.js
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-80.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f366228d00ecf180d1ad3d0fa609ab18899551bfa18313dd22d3947d807a3d41
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
lifeway.idonate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://lifeway.idonate.com/
Connection
keep-alive

Response headers

Strict-Transport-Security
max-age= 63072000; includeSubdomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Edge-Origin-Shield-Skipped
0
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Date
Sat, 09 Oct 2021 21:21:43 GMT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 27 Sep 2021 21:22:20 GMT
Server
AmazonS3
X-Frame-Options
DENY
ETag
W/"c3ba943d99ac5de04d5ee1bb7c1ea6e4"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
L2Ym1RTQc24u9y3OMT0T7SHorhvUE28CdLSrOTM5C8wcdKExML3hvw==
hotjar-737760.js
static.hotjar.com/c/
0
370 B
Script
General
Full URL
https://static.hotjar.com/c/hotjar-737760.js?sv=6
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-83.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:42 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-edge-origin-shield-skipped
0
etag
W/d41d8cd98f00b204e9800998ecf8427e
x-cache-hit
1
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-C2
content-length
0
x-amz-cf-id
krWmIhrP8XgTqNFvZUkL1GTQyBZQvikPvvSyM2Tr564dqQq-I5-W9A==
idonate-icons.woff
static.idonate.com/fonts/v2/fonts/
32 KB
33 KB
Font
General
Full URL
https://static.idonate.com/fonts/v2/fonts/idonate-icons.woff
Requested by
Host: static.idonate.com
URL: https://static.idonate.com/fonts/v2/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1140432e09a4edf25272d63205f86afe867edf6ed5fe0ea1eba2b388150c5f26

Request headers

Referer
https://static.idonate.com/fonts/v2/styles.css
Origin
https://lifeway.idonate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:43 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
33040
last-modified
Wed, 02 May 2018 16:38:03 GMT
server
AmazonS3
etag
"b5cc53a8493020b7a19d7f19cbae17af"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
x-amz-meta-version-id
null
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
Hocg8vu55WGs_wwv3BHxMR7E9gd87GbNRhaS705iAoPAFvipLfmCvA==
platform.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-atwF22AmoSClHJvxP8UryA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-atwF22AmoSClHJvxP8UryA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sat, 09 Oct 2021 21:21:43 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2086
date
Sat, 09 Oct 2021 20:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 09 Oct 2021 22:46:57 GMT
idonate.js
embed.idonate.com/
3 KB
2 KB
Script
General
Full URL
https://embed.idonate.com/idonate.js
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
IaOL7VBFRSIjr.FaJfOdQELURzLGnM30
Content-Encoding
gzip
ETag
W/"0b39a783500eb0fa14562ef82eeaf0ee"
Age
40163
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 01 Mar 2021 19:21:04 GMT
Server
AmazonS3
Date
Sat, 09 Oct 2021 10:12:20 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
Cache-Control
max-age=120,s-maxage=604800
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
m4-xpVZZOte97Grj_2H5rz_83bH908d3UQxKOvEWzh6g0OzEcxAT1g==
theme.json
lifeway.idonate.com/platforms/lifeway.idonate.com/
2 KB
2 KB
XHR
General
Full URL
https://lifeway.idonate.com/platforms/lifeway.idonate.com/theme.json
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-80.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
lifeway.idonate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://lifeway.idonate.com/screensteps-login?timestamp=1633814501&return_to_url=%2F
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 21:21:43 GMT
Via
1.1 vegur, 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront), 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
x-amzn-Remapped-Content-Length
2036
x-amzn-Remapped-Date
Sat, 09 Oct 2021 21:21:43 GMT
X-Amz-Cf-Pop
FRA56-P2 FRA6-C1
x-amzn-Remapped-Connection
keep-alive
Transfer-Encoding
chunked
X-Edge-Origin-Shield-Skipped
0
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Encoding
gzip
x-amz-apigw-id
G9YsPGWrIAMF65A=
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Server
CloudFront
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH
X-Frame-Options
DENY
Strict-Transport-Security
max-age= 63072000; includeSubdomains; preload
Content-Type
application/json
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
x-amzn-Remapped-Server
gunicorn/19.6.0
x-amzn-RequestId
fb61db09-c003-4096-a962-e6c16fe49e28
X-Amz-Cf-Id
UnbCaLIiz_XKcu4ZhlPu3MLteZv3tEzBaGp12jFXQap68Q465oqqYA==
idonatelib.js
embed.idonate.com/idonatelib/
97 KB
22 KB
Script
General
Full URL
https://embed.idonate.com/idonatelib/idonatelib.js
Requested by
Host: embed.idonate.com
URL: https://embed.idonate.com/idonate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 00:15:20 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 07 Sep 2021 13:46:10 GMT
Server
AmazonS3
Age
248784
ETag
W/"8260b2e51fd91aca573d43f2accf3da6"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
Cache-Control
max-age=604800,public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
XuiywyLg9EfvV047MkruFI1EueLoJX-vfAq98J7ZAe0jIONRVS09Hg==
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=analytics/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/
429 KB
136 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=analytics/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:52:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138593
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 06 Oct 2022 05:52:18 GMT
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2126621480&t=pageview&_s=1&dl=https%3A%2F%2Flifeway.idonate.com%2Fscreensteps-login%3Ftimestamp%3D1633814501%26return_to_url%3D%252F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1188367246&gjid=2056159108&cid=460948362.1633814503&tid=UA-38269447-3&_gid=1897968002.1633814503&_r=1&_slc=1&z=34002008
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 21:21:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lifeway.idonate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/exm=analytics/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/
62 B
86 B
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/exm=analytics/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 16:55:24 GMT
x-content-type-options
nosniff
age
275179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 06 Oct 2022 16:55:24 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/exm=analytics,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/
62 B
86 B
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/exm=analytics,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 16:55:24 GMT
x-content-type-options
nosniff
age
275179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 06 Oct 2022 16:55:24 GMT
proxy.html
content.googleapis.com/static/ Frame E920
382 B
1 KB
Document
General
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=analytics/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-N_uo3ZyQnpk6C3GpMj4bMQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
content.googleapis.com
:scheme
https
:path
/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy
script-src 'nonce-N_uo3ZyQnpk6C3GpMj4bMQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length
274
date
Sat, 09 Oct 2021 21:21:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Fri, 17 Jul 2020 22:45:00 GMT
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp; report-to="apiserving"
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
googleapis.proxy.js
apis.google.com/js/ Frame E920
13 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rn7sTxwW93nhpWWRUK/1PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"55825c32604cd4fffb82193554d40631"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-rn7sTxwW93nhpWWRUK/1PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sat, 09 Oct 2021 21:21:43 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame E920
62 KB
22 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 19:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22198
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 05 Oct 2022 19:09:25 GMT
rest
content.googleapis.com/discovery/v1/apis/analytics/v3/ Frame E920
84 KB
9 KB
XHR
General
Full URL
https://content.googleapis.com/discovery/v1/apis/analytics/v3/rest?fields=kind%2Cname%2Cversion%2CrootUrl%2CservicePath%2Cresources%2Cparameters%2Cmethods%2CbatchPath%2Cid&pp=0
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://lifeway.idonate.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Referer
https://lifeway.idonate.com

Response headers

date
Sat, 09 Oct 2021 21:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
private
vary
Origin, X-Origin, Referer
content-length
9001
x-xss-protection
0
Primary Request login
login.idonate.com/u/
Redirect Chain
  • https://login.idonate.com/authorize?audience=https%3A%2F%2Fapi.idonate.com&client_id=zAWTzhkbjA1MKvKYMLQrxV5Z0dp2LmOW&redirect_uri=https%3A%2F%2Flifeway.idonate.com&scope=openid%20profile%20email&r...
  • https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MU...
13 KB
5 KB
Document
General
Full URL
https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MUXJ4VjVaMGRwMkxtT1c
Requested by
Host: lifeway.idonate.com
URL: https://lifeway.idonate.com/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.170.253 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e4faa0a8f714e734b6b6e1f51d3be024890927e823ce42685189e734cd95ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
login.idonate.com
:scheme
https
:path
/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MUXJ4VjVaMGRwMkxtT1c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
did=s%3Av0%3Ae7162340-2946-11ec-9495-c75ffdf00896.gjEUCYfKXbL%2F%2BT933tMwwZ11eI6JFGdJKXD8i2Q%2FamA; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDVLhK6ncrFY0aeHoFCTNLA-y08DRE-aTX7aUH4QrrW03cOOJB5xnTV8Vv683ueW2MfzV--XZR91p7b04CxIGOmY29va2llg6dleHBpcmVz1_9TNUUAYWX8aK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dHnTN%2BQQ1F4RJAo0FIECHGun6zAfwMmeodpXzHKfQfA; did_compat=s%3Av0%3Ae7162340-2946-11ec-9495-c75ffdf00896.gjEUCYfKXbL%2F%2BT933tMwwZ11eI6JFGdJKXD8i2Q%2FamA; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDVLhK6ncrFY0aeHoFCTNLA-y08DRE-aTX7aUH4QrrW03cOOJB5xnTV8Vv683ueW2MfzV--XZR91p7b04CxIGOmY29va2llg6dleHBpcmVz1_9TNUUAYWX8aK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dHnTN%2BQQ1F4RJAo0FIECHGun6zAfwMmeodpXzHKfQfA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lifeway.idonate.com/screensteps-login?timestamp=1633814501&return_to_url=%2F

Response headers

date
Sat, 09 Oct 2021 21:21:44 GMT
content-type
text/html; charset=utf-8
cf-ray
69baa90cbd5521b7-DUS
cache-control
no-store, max-age=0, no-transform
content-encoding
gzip
content-language
en
etag
W/"34c0-1CKNxVax6Imm7j95WEX8CBOBMB4"
expires
Sat, 09 Oct 2021 21:21:44 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'none'
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
69baa90cbd5521b7
ot-tracer-sampled
true
ot-tracer-spanid
102c2d320012c8c0
ot-tracer-traceid
07cae3347048d2da
pragma
no-cache
referrer-policy
same-origin
x-auth0-requestid
15425b51c916237914cd
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1633814511
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 09 Oct 2021 21:21:44 GMT
content-type
text/html; charset=utf-8
content-length
424
location
/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MUXJ4VjVaMGRwMkxtT1c
cf-ray
69baa90a9f69fad8-DUS
cache-control
no-store, max-age=0, no-transform
set-cookie
did=s%3Av0%3Ae7162340-2946-11ec-9495-c75ffdf00896.gjEUCYfKXbL%2F%2BT933tMwwZ11eI6JFGdJKXD8i2Q%2FamA; Max-Age=31557600; Path=/; Expires=Mon, 10 Oct 2022 03:21:44 GMT; HttpOnly; Secure; SameSite=None auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDVLhK6ncrFY0aeHoFCTNLA-y08DRE-aTX7aUH4QrrW03cOOJB5xnTV8Vv683ueW2MfzV--XZR91p7b04CxIGOmY29va2llg6dleHBpcmVz1_9TNUUAYWX8aK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dHnTN%2BQQ1F4RJAo0FIECHGun6zAfwMmeodpXzHKfQfA; Path=/; Expires=Tue, 12 Oct 2021 21:21:44 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Ae7162340-2946-11ec-9495-c75ffdf00896.gjEUCYfKXbL%2F%2BT933tMwwZ11eI6JFGdJKXD8i2Q%2FamA; Max-Age=31557600; Path=/; Expires=Mon, 10 Oct 2022 03:21:44 GMT; HttpOnly; Secure auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDVLhK6ncrFY0aeHoFCTNLA-y08DRE-aTX7aUH4QrrW03cOOJB5xnTV8Vv683ueW2MfzV--XZR91p7b04CxIGOmY29va2llg6dleHBpcmVz1_9TNUUAYWX8aK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dHnTN%2BQQ1F4RJAo0FIECHGun6zAfwMmeodpXzHKfQfA; Path=/; Expires=Tue, 12 Oct 2021 21:21:44 GMT; HttpOnly; Secure
strict-transport-security
max-age=31536000
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
69baa90a9f69fad8
ot-tracer-sampled
true
ot-tracer-spanid
19910a0320a702c4
ot-tracer-traceid
4325a0685b2f1d5b
pragma
no-cache
x-auth0-requestid
722091e3407958ad6c9c
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1633814505
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.56.28/css/
227 KB
53 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.56.28/css/main.cdn.min.css
Requested by
Host: login.idonate.com
URL: https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MUXJ4VjVaMGRwMkxtT1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.208.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-208-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
719d580bf3d1a20daf0ef556e8074072669d1dc32b6ac48939b36099cb3268bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zb1PHS4p6Blg9gllvgUt3kJcvAU4rNyl
content-encoding
gzip
last-modified
Tue, 24 Aug 2021 21:55:00 GMT
server
AmazonS3
age
1326
etag
W/"c1a14f9d0b3749900719aa6c2539251c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
cache-control
max-age=2628000,public
date
Sat, 09 Oct 2021 20:59:39 GMT
x-amz-replication-status
FAILED
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
-i6mc5q8MFnTMemH6jtZK1IE186g0kdZF_ZdNp2forlqhyo5qHppxA==
iDonateLogo.png
static.idonate.com/idonateEmail/
42 KB
42 KB
Image
General
Full URL
https://static.idonate.com/idonateEmail/iDonateLogo.png
Requested by
Host: login.idonate.com
URL: https://login.idonate.com/u/login?state=hKFo2SBwZzZtTkdfZEdLeWQyZXB0OERZWmZZTmJqcHcwY05mUKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGZVSm1SVnhmdS04MGhpSVk0OWtFSTByS1c0Q0Q4TVNOo2NpZNkgekFXVHpoa2JqQTFNS3ZLWU1MUXJ4VjVaMGRwMkxtT1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c53ccbded4492244fa80983e6947c889474e8a95a87da20945f1f7fa158b24ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 21:21:46 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Tue, 07 Jun 2016 18:12:05 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"ebf80b8592888bbed0a5b2c64dfccf12"
x-cache
Miss from cloudfront
x-amz-version-id
null
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
image/png
content-length
43030
x-amz-cf-id
BWQtWO7jDLSSkEykk2GrmVf-ecIUcoYLBmxoTWV6BTCJdMAeYZHmyw==
truncated
/
650 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://login.idonate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster

9 Cookies

Domain/Path Name / Value
lifeway-support.idonate.com/ Name: _screensteps_live_session
Value: 3d94dacbe74c98a5be3321778f372990
.google.com/ Name: NID
Value: 511=cC0HcsyFhTVTRzpIr8RPQ0kDDLU6DVplJbfg-i9z7fLlkPRfJxTtHcLun_qzSQGc4uTwfGZoa1wRWhT4rCY25Rt-kzTwKxXAyY1TVRndLw-9dI57BkjhsVr5nG4ID4w9ROVcp-55YUlddAM0QjOjKaQhCm8AgtfnMR1rdpWbrSw
.lifeway.idonate.com/ Name: _ga
Value: GA1.3.460948362.1633814503
.lifeway.idonate.com/ Name: _gid
Value: GA1.3.1897968002.1633814503
.lifeway.idonate.com/ Name: _gat
Value: 1
login.idonate.com/ Name: did
Value: s%3Av0%3Ae7162340-2946-11ec-9495-c75ffdf00896.gjEUCYfKXbL%2F%2BT933tMwwZ11eI6JFGdJKXD8i2Q%2FamA
login.idonate.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDVLhK6ncrFY0aeHoFCTNLA-y08DRE-aTX7aUH4QrrW03cOOJB5xnTV8Vv683ueW2MfzV--XZR91p7b04CxIGOmY29va2llg6dleHBpcmVz1_9TNUUAYWX8aK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dHnTN%2BQQ1F4RJAo0FIECHGun6zAfwMmeodpXzHKfQfA
login.idonate.com/ Name: did_compat
Value: s%3Av0%3Ae7162340-2946-11ec-9495-c75ffdf00896.gjEUCYfKXbL%2F%2BT933tMwwZ11eI6JFGdJKXD8i2Q%2FamA
login.idonate.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDVLhK6ncrFY0aeHoFCTNLA-y08DRE-aTX7aUH4QrrW03cOOJB5xnTV8Vv683ueW2MfzV--XZR91p7b04CxIGOmY29va2llg6dleHBpcmVz1_9TNUUAYWX8aK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dHnTN%2BQQ1F4RJAo0FIECHGun6zAfwMmeodpXzHKfQfA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
