www.givedirectly.org Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.givedirectly.org/
Effective URL:
https://www.givedirectly.org/
Submission: On December 14 via api (December 14th 2022, 3:43:21 am UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 27 domains to perform 112 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.givedirectly.org.
TLS certificate: Issued by R3 on November 22nd 2022. Valid for: 3 months.

This is the only time www.givedirectly.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
9	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.73 52.222.236.73	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
3	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
3	34.204.139.61 34.204.139.61	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.121.100 13.32.121.100	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.215.128.208 52.215.128.208	16509 (AMAZON-02) (AMAZON-02)
1	52.30.211.73 52.30.211.73	16509 (AMAZON-02) (AMAZON-02)
2	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
112	34

21 141.193.213.21 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.givedirectly.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-73.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.204.139.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-139-61.compute-1.amazonaws.com

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-100.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.128.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-128-208.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.211.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-211-73.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

givedirectlyhelp.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	givedirectly.org 1 redirects www.givedirectly.org	691 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	575 KB
11	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 6986	77 KB
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1953 ekr.zdassets.com — Cisco Umbrella Rank: 2224	438 KB
9	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4661	115 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 601	86 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 652 script.hotjar.com — Cisco Umbrella Rank: 797 vars.hotjar.com — Cisco Umbrella Rank: 929 in.hotjar.com — Cisco Umbrella Rank: 1744	73 KB
3	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2336	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7952	627 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 81	572 B
3	posthog.com app.posthog.com — Cisco Umbrella Rank: 27845	28 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	132 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4171 forms-na1.hsforms.com — Cisco Umbrella Rank: 6604	3 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3672	3 KB
2	zendesk.com givedirectlyhelp.zendesk.com	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	203 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2464
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	167 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 29427	161 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1548	157 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2208	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2218	63 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2368	6 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1416	8 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2261	838 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6314	157 KB
112	27

	Domain	Requested by
21	www.givedirectly.org	1 redirects www.givedirectly.org
9	dev.visualwebsiteoptimizer.com	www.givedirectly.org dev.visualwebsiteoptimizer.com
9	static.zdassets.com	www.givedirectly.org static.zdassets.com
8	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	js.hsforms.net www.givedirectly.org www.gstatic.com www.google.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	use.typekit.net	www.givedirectly.org use.typekit.net
3	fonts.gstatic.com
3	track.hubspot.com
3	www.google.de	www.givedirectly.org
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	app.posthog.com	www.givedirectly.org app.posthog.com
3	connect.facebook.net	www.givedirectly.org connect.facebook.net
2	pi.pardot.com	www.givedirectly.org pi.pardot.com
2	givedirectlyhelp.zendesk.com	static.zdassets.com
2	www.facebook.com	www.givedirectly.org
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	forms.hsforms.com	js.hsforms.net www.givedirectly.org
2	www.googletagmanager.com	www.givedirectly.org www.googletagmanager.com
1	content.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	forms-na1.hsforms.com	www.givedirectly.org
1	alb.reddit.com	www.givedirectly.org
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	cdn.pdst.fm	www.givedirectly.org
1	www.redditstatic.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ekr.zdassets.com	static.zdassets.com
1	p.typekit.net	use.typekit.net
1	js.hs-scripts.com	www.givedirectly.org
1	js.hsforms.net	www.givedirectly.org
112	35

This site contains links to these domains. Also see Links.

Domain
boards.greenhouse.io
community.givedirectly.org
live.givedirectly.org
donate.givedirectly.org
doublethedonation.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.givedirectly.org R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-22` - `2022-12-21`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-12-01` - `2023-03-01`	3 months	crt.sh
app.posthog.com Amazon	`2022-10-04` - `2023-11-02`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.hotjar.io Amazon	`2022-11-28` - `2023-12-26`	a year	crt.sh
givedirectlyhelp.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.givedirectly.org/
Frame ID: 46B63D585AC230D878A1DDA00936A102
Requests: 84 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: BF9FB5B93A7DE77A61C573FB17C1E057
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZ2l2ZWRpcmVjdGx5Lm9yZzo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=73pig9wd4nuu
Frame ID: E5A7E039DC8B1537638191E9EFC16D80
Requests: 4 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Frame ID: 876D311477EE5BD16F4AC3CDDE2CAEEC
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 186EF2F4C98552F220F189213D6CE726
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0FDE577C0D3501800579A6DEA8EE1E31
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GiveDirectly: Send money to people living in povertyGiveDirectlyRight ArrowFacebookTwitterInstagramLinkedInYouTube

Page URL History Show full URLs

http://www.givedirectly.org/ HTTP 301
https://www.givedirectly.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

100 %
HTTPS

59 %
IPv6

27
Domains

35
Subdomains

34
IPs

6
Countries

2667 kB
Transfer

7291 kB
Size

33
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://boards.greenhouse.io/givedirectly
Title: Careers

Search URL Search Domain Scan URL

URL: https://community.givedirectly.org/campaigns/333120a242e385ae
Title: Yemen

Search URL Search Domain Scan URL

URL: https://live.givedirectly.org/
Title: Recipients

Search URL Search Domain Scan URL

URL: https://donate.givedirectly.org/
Title: Give now

Search URL Search Domain Scan URL

URL: https://donate.givedirectly.org/basic-income?amount=40&recurring=monthly
Title: Give monthly

Search URL Search Domain Scan URL

URL: https://doublethedonation.com/givedirectly
Title: Employer Match

Search URL Search Domain Scan URL

URL: https://donate.givedirectly.org/complete-donation?type=check
Title: Mail a Check

Search URL Search Domain Scan URL

URL: https://www.facebook.com/givedirectly
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/GiveDirectly
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/givedirectly/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/givedirectly/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCi29RpkCdO43kVN_nr8FhRA
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.givedirectly.org/ HTTP 301
https://www.givedirectly.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.givedirectly.org/
Redirect Chain

http://www.givedirectly.org/
https://www.givedirectly.org/

87 KB
23 KB

190ms
169ms

Document
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: bb33312d53473ffa32e4fccb51df86fb48e628895a81058458675cf640e0f55f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7793ef23bb9292c9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 14 Dec 2022 03:43:14 GMT
link: <https://www.givedirectly.org/wp-json/>; rel="https://api.w.org/" <https://www.givedirectly.org/wp-json/wp/v2/pages/6375>; rel="alternate"; type="application/json" <https://www.givedirectly.org/>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 15
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7793ef22baec5ba4-FRA
Connection: keep-alive
Content-Type: text/html
Date: Wed, 14 Dec 2022 03:43:14 GMT
Location: https://www.givedirectly.org/
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
www.givedirectly.org/wp-includes/css/dist/block-library/ 93 KB
12 KB 26ms
21ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
server: cloudflare
age: 110143
etag: W/"636e62ad-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef255e2c92c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
www.givedirectly.org/wp-includes/css/ 217 B
252 B 24ms
20ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
server: cloudflare
age: 344218
etag: W/"6357e86c-d9"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef255e2f92c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 nwb0fwu.css
use.typekit.net/ 3 KB
961 B 141ms
21ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nwb0fwu.css

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

81f274f413a25f371296a6dc05422dd6197e4476691e46baaf2adeac9147b408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 14 Dec 2022 03:43:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 729

GET
H2 200 styles.min.css
www.givedirectly.org/wp-content/themes/givedirectly/css/ 254 KB
39 KB 32ms
28ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-content/themes/givedirectly/css/styles.min.css?v1.036
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bff93fd3ff3271a5ea6455b825e4414633d485d951f52d6c1af6aeffd8c1e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:59:50 GMT
server: cloudflare
age: 344218
etag: W/"63931526-3f7ec"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef255e3192c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tablepress-combined.min.css
www.givedirectly.org/wp-content/ 5 KB
2 KB 22ms
18ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-content/tablepress-combined.min.css?ver=1
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35dfffe0834600e24057c9b975f0bd41865d379030aeca15d488707b78ffcf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Jun 2022 10:08:27 GMT
server: cloudflare
age: 344218
etag: W/"62b43b9b-14f0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef255e3292c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 54ms
20ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=34466d84-fbfa-4ea0-8acb-9e3d8eaffb4b

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5PTGQNAD4VXWH7DS
age: 22
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: q6qnZ956jgl6JFyMRnPlI2prghr+CQCdT0d0DqZGIKhvB0j7bhQAhY8/PVXvtV6Dbyigsuv7ppY=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RH6jF02O5rtjKw%2BeZHw4M%2B7FR4qyYV0ZdqZZwzQ3h0QpXaZ4AtGizBMo7hpwfhVUK5cXqu44%2B6%2BxCWTw8Mmg6HgaTy64S4MtaZHhfC4jMM3E85deykOqw5i0oYCL%2BkJXiDKGlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7793ef258c015c6e-FRA

GET
H3 200 Adela-in-Rwanda-705x470.png
www.givedirectly.org/wp-content/uploads/2022/11/ 433 KB
434 KB 48ms
47ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/uploads/2022/11/Adela-in-Rwanda-705x470.png
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799423b6ba53dcaa5b4d86c8dc88891d25662d80d9a0cf2b5f85280b82804927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
cf-cache-status: HIT
age: 365360
cf-polished: origFmt=png, origSize=616986
content-disposition: inline; filename="Adela-in-Rwanda-705x470.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443680
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Nov 2022 23:38:12 GMT
server: cloudflare
etag: "63854664-96a1a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7793ef26ecee5c8c-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 503 KB
157 KB 167ms
143ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js?pre=1

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb2c57900098b5cdafd4a068ba4bc2ccb9e9961ea7ae18cfdae016213963886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
x-amz-version-id: w0o20CbMP9.AbzHUwo1.m9kgPUwjOu4w
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2465/bundles/project-v2.js&cfRay=7793ef25dae19b86-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Dec 2022 02:33:15 UTC
server: cloudflare
etag: W/"2c3e38d77ddd0a90948e06c44a0078f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlHrg3gNiLNFC4YX3eb9AYYfkfnvwMjI1%2Bxj6%2BvFCJkyrio%2F2dV0JOv5SeAmE2T0C1wgP06xfNPl45STC0e3vTIPkQD0D2eY4fLqCw69nuq5jMy9%2BJcy1lq%2BOChS5ZMjvQWLxMd5l5W%2Fx5fT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7793ef25dae19b86-FRA
x-amz-cf-id: Cl_XkhfeS2GxxUfxHfoiJjFRqQbeR4-41svgMpl0b5bomueRTHLBTQ==
x-hs-target-asset: forms-embed/static-1.2465/bundles/project-v2.js

GET
H3 200 email-decode.min.js Show response
www.givedirectly.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 11ms
10ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givedirectly.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 18:45:45 GMT
server: cloudflare
etag: W/"6390df59-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7793ef263be55c8c-FRA
expires: Fri, 16 Dec 2022 03:43:14 GMT

GET
H3 200 jquery.js Show response
www.givedirectly.org/wp-includes/js/jquery/ 283 KB
85 KB 32ms
32ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-includes/js/jquery/jquery.js
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e547dd68cdf81e0eee07f2cd672da320942336f3db781d19c134220125ab6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: cloudflare
age: 365360
etag: W/"632879b8-46c28"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef26ecd45c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8542918.js Show response
js.hs-scripts.com/ 974 B
838 B 157ms
140ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8542918.js?integration=WordPress
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f999ee66203f6df57017530c58b2cab1e716463e2b80e88321d48d86c4c3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 14 Dec 2022 03:01:07 GMT
server: cloudflare
x-hubspot-correlation-id: b015775e-371b-4816-8936-bd3d82232f06
x-trace: 2BF3F8DA51DE23F2BE1246DE0B49E0767841FE6044000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.givedirectly.org
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7793ef270ee99b34-FRA
expires: Wed, 14 Dec 2022 03:44:15 GMT

GET
H3 200 footer-scripts.min.js Show response
www.givedirectly.org/wp-content/themes/givedirectly/js/ 59 KB
19 KB 24ms
24ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-content/themes/givedirectly/js/footer-scripts.min.js?v1.028
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c5b3821ceb9856a21ade0b0cf66cc0ce3ab9fe51cd1e89e17f560a6d7f8f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 22:28:24 GMT
server: cloudflare
age: 365360
etag: W/"6328ed08-ed58"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef26ecd75c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.number.min.js Show response
www.givedirectly.org/wp-content/themes/givedirectly/js/ 5 KB
2 KB 46ms
45ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-content/themes/givedirectly/js/jquery.number.min.js
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a5646676a9a4862aeb9fbd28d68966c23cd6ec9469aa62564e4dc762e51440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Sep 2020 22:07:18 GMT
server: cloudflare
age: 243369
etag: W/"5f5d4696-14e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef26ecea5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 slick.js Show response
www.givedirectly.org/wp-content/themes/givedirectly/js/ 87 KB
16 KB 46ms
45ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givedirectly.org/wp-content/themes/givedirectly/js/slick.js
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Sep 2020 22:07:18 GMT
server: cloudflare
age: 109535
etag: W/"5f5d4696-15b7b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef26ecec5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 106ms
20ms Stylesheet
text/css 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=nwb0fwu&ht=tk&f=14032.14033.14034.14038&a=35674917&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nwb0fwu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
90 KB 69ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJNMMGH

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a7f12167fdc475dde4c7b9dd0b42d668881e1e491b1571c421aaa7684f87c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91449
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 03:43:15 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 10 KB
4 KB 36ms
12ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=319243&u=https%3A%2F%2Fwww.givedirectly.org%2F&f=1&r=0.8217603632626544
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 34f3fd9e4422daeb2700c414e8431a0af2a6b40a74f5e35850effa54c976dfab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1670912417"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 menu-down.svg
www.givedirectly.org/wp-content/themes/givedirectly/img/icons/ 345 B
472 B 61ms
61ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/themes/givedirectly/img/icons/menu-down.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/wp-content/themes/givedirectly/css/styles.min.css?v1.036
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2efec8e3220c7db3ae9e4dfa895329fc217b2828223617cff860bc494348b9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/wp-content/themes/givedirectly/css/styles.min.css?v1.036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Sep 2020 22:07:18 GMT
server: cloudflare
age: 365360
etag: W/"5f5d4696-159"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef26fcf95c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/28158e/00000000000000003b9b4066/27/ 27 KB
27 KB 83ms
20ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/28158e/00000000000000003b9b4066/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nwb0fwu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 09d305a5a1c4756015b5b0c509dcc3f121a6e9a754a92ed5bacbb5a60899d411

Request headers

Referer: https://use.typekit.net/nwb0fwu.css
Origin: https://www.givedirectly.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
server: nginx
etag: "72f47cc4cd2aeefe0b7a3afe57823f9d1af1047c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27196

GET
H2 200 l
use.typekit.net/af/e604a2/00000000000000003b9b4069/27/ 29 KB
29 KB 85ms
23ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e604a2/00000000000000003b9b4069/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nwb0fwu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b944b9469a2b4f007755ac5c43b4101d568cbcd2bda8f20f725ebb90e64674ea

Request headers

Referer: https://use.typekit.net/nwb0fwu.css
Origin: https://www.givedirectly.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
server: nginx
etag: "d2aae8ad4fcc128b83ad3b0046449257b5817073"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29744

GET
H2 200 34466d84-fbfa-4ea0-8acb-9e3d8eaffb4b Show response
ekr.zdassets.com/compose/ 336 B
1 KB 578ms
532ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/34466d84-fbfa-4ea0-8acb-9e3d8eaffb4b

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=34466d84-fbfa-4ea0-8acb-9e3d8eaffb4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c4f0f42e469e20ef0fa9f965f80ce27a1a4470c41aa080ecd87114344322f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 778e8ba9a8509bbf-FRA, 778e8ba9a8509bbf-FRA
x-runtime: 0.004108
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7c4f0f42e469e20ef0fa9f965f80ce27"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfDhFmrwgUMnPqA8M3OowNLET87UuxfQDZ2WuLQH3Yjv5kiy8NwpNC0bNL1i8ev6vDhzeiB4006p6Oh3Zy%2B4le26HBqdr8imGvmo%2BRYutPkyBuc0CmhyQIFyR0R1AHHvXws%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 7793ef274a4c9b5b-FRA

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/8542918/63f7820b-81c5-4c70-a8d4-99ff848151a9/ 5 KB
2 KB 174ms
144ms XHR
application/json 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8542918/63f7820b-81c5-4c70-a8d4-99ff848151a9/json?hs_static_app=forms-embed&hs_static_app_version=1.2465&X-HubSpot-Static-App-Info=forms-embed-1.2465

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?pre=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7839948b5e7d8d1ee9412117fd3d642324bebe057682fb14ff6f32d5c3feac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-origin-hublet: na1
date: Wed, 14 Dec 2022 03:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 76544bb4-8c41-402e-a34f-42b56ac7e0ae
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B7FF88EFD4BE1056EAF407EBCD2FED9F183963D3A000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.givedirectly.org
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7793ef276ad6bbda-FRA

GET
H3 200 email-signup-border.svg
www.givedirectly.org/wp-content/themes/givedirectly/img/covid/ 934 B
751 B 21ms
21ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/themes/givedirectly/img/covid/email-signup-border.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/wp-content/themes/givedirectly/css/styles.min.css?v1.036
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3c8b07faff5438e1dcaca727d8adb16d529b1f23bfb576dcbe52501f6faa9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/wp-content/themes/givedirectly/css/styles.min.css?v1.036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Sep 2020 22:07:18 GMT
server: cloudflare
age: 365360
etag: W/"5f5d4696-3a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef273d6b5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/62681e/00000000000000003b9b406a/27/ 29 KB
29 KB 55ms
39ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/62681e/00000000000000003b9b406a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nwb0fwu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d489b866f669f2f15392d5cdce4b6e23f9e66fd7e0f38155510282f5e68c8ec2

Request headers

Referer: https://use.typekit.net/nwb0fwu.css
Origin: https://www.givedirectly.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
server: nginx
etag: "159fcd6e6aa88378b15160b2c3ced3c0d32dbe0c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29384

GET
H3 200 USAID.svg
www.givedirectly.org/wp-content/uploads/2020/03/ 76 KB
21 KB 29ms
26ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/uploads/2020/03/USAID.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 451f76d60c87068ac8493aa1be502d7cfa2cc02705f57553ad29278edee7a783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 04:38:04 GMT
server: cloudflare
age: 365360
etag: W/"5f3dfe2c-1318e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef274d845c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 google.svg
www.givedirectly.org/wp-content/uploads/2020/03/ 3 KB
1 KB 21ms
18ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/uploads/2020/03/google.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b61f957ed10a51a9df824199657a2ee3c1e6ab3f7c4b4444d25f39df543c37b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 04:38:05 GMT
server: cloudflare
age: 365360
etag: W/"5f3dfe2d-a3a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef274d875c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 the-life-you-can-save.svg
www.givedirectly.org/wp-content/uploads/2020/03/ 4 KB
2 KB 24ms
21ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/uploads/2020/03/the-life-you-can-save.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd84834e68eebb74a5390dc88584940981469e89346ab7c85219f3e484e0b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 04:38:05 GMT
server: cloudflare
age: 365360
etag: W/"5f3dfe2d-e1b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef274d8a5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 givewell.svg
www.givedirectly.org/wp-content/uploads/2020/03/ 2 KB
1 KB 24ms
21ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/uploads/2020/03/givewell.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9991e342a476bcf84531891aea36f07b99fefa3aa899bb12925200e4bb396b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 04:38:05 GMT
server: cloudflare
age: 365360
etag: W/"5f3dfe2d-87e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef274d8b5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 global-innovation-fund.svg
www.givedirectly.org/wp-content/uploads/2020/03/ 3 KB
2 KB 33ms
30ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/uploads/2020/03/global-innovation-fund.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb560fbfba4c0b26ba219b3eadd94862109b158683031a517b1867e2025c09a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 04:38:05 GMT
server: cloudflare
age: 366091
etag: W/"5f3dfe2d-caa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef274d8c5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Map-GD.svg
www.givedirectly.org/wp-content/uploads/2020/04/ 121 KB
29 KB 31ms
29ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/uploads/2020/04/Map-GD.svg
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b9c6ccbf075c3b533eb41eca5f47b2e1b12615cea34d2a095a05456a781579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 04:38:01 GMT
server: cloudflare
age: 365360
etag: W/"5f3dfe29-1e514"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7793ef274d8d5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 va-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 228 KB
64 KB 20ms
9ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=319243&u=https%3A%2F%2Fwww.givedirectly.org%2F&f=1&r=0.8217603632626544
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: bc97cdd00c9cc923def5d0ae0ace79b533eaf7d770bad8d85ea2190e3bacae7d

Request headers

Referer: https://www.givedirectly.org/
Origin: https://www.givedirectly.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 13 Dec 2022 06:20:06 GMT
server: gfra1
etag: "63981996-10115"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65813

GET
H3 200 track-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 24ms
13ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=319243&u=https%3A%2F%2Fwww.givedirectly.org%2F&f=1&r=0.8217603632626544
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 1e84ec08e834efe1e1c9df97bbe8ab9451a8df80fd6ecfe29fb44e3d3054a52d

Request headers

Referer: https://www.givedirectly.org/
Origin: https://www.givedirectly.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:14 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 13 Dec 2022 06:20:06 GMT
server: gfra1
etag: "63981996-e80"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3712

GET
H3 200 opa-74021bde9081c83799a0980273db90d9.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 110 KB
28 KB 24ms
14ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=319243&u=https%3A%2F%2Fwww.givedirectly.org%2F&f=1&r=0.8217603632626544
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a

Request headers

Referer: https://www.givedirectly.org/
Origin: https://www.givedirectly.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 13 Dec 2022 06:19:56 GMT
server: gfra1
etag: "6398198c-6ff4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28660

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 109ms
99ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=319243&d=givedirectly.org&u=D159A2877733C80480598BE4CE5E79B74&h=7ba43849e66c287d7887dd50bcaa11db&t=false&r=0.3027724969688581

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:14 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 96ms
95ms Ping
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=16&account_id=319243&cu=https%3A%2F%2Fwww.givedirectly.org%2F&combination=1&s=1&sId=1670989395&u=D159A2877733C80480598BE4CE5E79B74&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221670989395175%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.257&vns=undefined&vno=undefined&eTime=1670989395189&random=0.6646395738105646

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-1109323de58fbf93c34cede3640c090f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:14 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 hotjar-1422210.js Show response
static.hotjar.com/c/ 8 KB
4 KB 70ms
43ms Script
application/javascript 52.222.236.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1422210.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJNMMGH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-73.fra56.r.cloudfront.net

Software

Resource Hash

04f2554657b0c696f52719b975b9ca4f88de8471207de69ac963deeec1b211c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 03:43:15 GMT
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/919993883341b720f0a255de9f86b888
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: v40B4JGqa9mj2PhkbGYsutoUAsEd-EXUdDzAxzSjnLxWrGvxTMmhKw==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 43ms
9ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJNMMGH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "3528fd00b652f61a266eb584d96f4fcc"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 64ms
13ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 03:43:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27320
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WJlPpufeblut80Ftp/Qp7INM0WfjStlQcJRuF3x2YCb2yzYipGlGtYykIEuBPOMv63rIHluwxjPQekj9eOYdXg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 57ms
6ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:26:06 GMT
content-encoding: gzip
age: 1029
x-guploader-uploadid: ADPycds1gQq06u5dJ-Lg9dpdEOxTEw6qilQrL1H6PQhDdp9i5b3ulMuyNKjsP2dXHbcKXYyVYjAvr6jh6b7joahbjVk49g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 14 Dec 2022 04:26:06 GMT

GET
H2 200 array.js Show response
app.posthog.com/static/ 85 KB
27 KB 441ms
207ms Script
text/javascript 34.204.139.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/static/array.js

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.139.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-139-61.compute-1.amazonaws.com

Software

Resource Hash

9dcdca7dd78c2ca89d83ce593429f1c0bd59e730f429988b6868b1b253f513b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 13 Dec 2022 23:13:26 GMT
etag: "63990716-15323"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
content-length: 27373

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
77 KB 42ms
26ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GV8XF9FJ16&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJNMMGH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e2e8acb168f511716d529fcc0ce152a444350b73cbe91745684f3c8a755b595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79055
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 03:43:15 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 8ms
8ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 13 Dec 2022 06:19:56 GMT
server: gfra1
etag: "6398198c-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJNMMGH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 03:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1118
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 05:24:37 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 4 KB
1 KB 12ms
10ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=319243&settings_type=1&vn=7.0&exc=6|7|16
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-1109323de58fbf93c34cede3640c090f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 0b21740f0c167a00287ec5ffe02a9f2ceed21623b9752870d1063225fe7f21af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1670912417"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 96ms
95ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=319243&u=D159A2877733C80480598BE4CE5E79B74&s=1670989395&p=1&tags={%22si%22:{%2216%22:%221%22}}&update=1&cq=0&vn=7.0.257&vns=undefined&vno=4.0.184&_cu=https%3A%2F%2Fwww.givedirectly.org%2F&eTime=1670989395226&random=0.3183838508423509

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:14 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8542918/ 202 KB
63 KB 167ms
141ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8542918/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8542918.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7227a90c1bc8dc90dd23d144c5dbf59583b63f469c04e44b0316ee354a5bad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
x-amz-version-id: owCi88zvkZ4z8vN3MKRmkLHy6T8ALzD2
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: VN0P1DHKA06K2HPQ
x-amz-server-side-encryption: AES256
x-amz-id-2: KqRkMylDoRk5qD3uT1ZCVYHjAJaJwaxW5NTV1J2RJDuWMMpQOvfaoEctAxkNKcjqfgV0Uq8zIXM=
last-modified: Thu, 08 Dec 2022 22:33:15 GMT
server: cloudflare
etag: W/"2ebea5d81f20754b2b0bf8ae2b2aafc8"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
vary: origin, Accept-Encoding
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7793ef2858d59b34-FRA
expires: Wed, 14 Dec 2022 03:48:15 GMT

GET
H2 200 8542918.js Show response
js.hs-analytics.net/analytics/1670989200000/ 64 KB
20 KB 61ms
27ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1670989200000/8542918.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8542918.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11e6808dc01f28b7e8558f0080ea27c5c25c9259dfdcd43da8006d7eab942963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7818J10VTSKEEGXT
age: 19
x-amz-server-side-encryption: AES256
x-amz-id-2: hAmRhHyJGg4Oklbkp9+KgL2izARy4G/jU60pvdOOInJBoKxkuYRcbsFT9eO2PgvQ2f/ERP5JtAk=
last-modified: Thu, 01 Dec 2022 14:38:39 GMT
server: cloudflare
etag: W/"52035c85d1381cd51c68779fe5601596"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7793ef286c4cbc01-FRA
expires: Wed, 14 Dec 2022 03:47:56 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 132ms
109ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1670989395252&id=t2_dzeorwnd&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=9904de15-c65a-4cf5-a704-8a9b07b68623&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
394 B 137ms
128ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 2f765373-7ca7-4057-b573-5b509dcfa0bc
x-trace: 2BE4B5DD1B4FCF11F99E23D83926CDB50787F5DFFA000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7793ef287d729bdc-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_d7d75e67_5a9f_49fa_b094_e23cf87bff08&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?pre=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f76b21b53caa4fe4884fbc1abcb5e25b53b3e77c49beec4f9d0fb9c9c962bb9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 636
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 03:43:15 GMT

GET
H3 200 select-arrow.png
www.givedirectly.org/wp-content/themes/givedirectly/img/icons/ 248 B
518 B 21ms
20ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givedirectly.org/wp-content/themes/givedirectly/img/icons/select-arrow.png
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/wp-content/themes/givedirectly/css/styles.min.css?v1.036
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48f8c536a3cf0327d671ee8e807f80ce2a74f299e0e5297f668aeb586633eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/wp-content/themes/givedirectly/css/styles.min.css?v1.036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
cf-cache-status: HIT
age: 108268
cf-polished: origFmt=png, origSize=4618
content-disposition: inline; filename="select-arrow.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 248
cf-bgj: imgq:100,h2pri
last-modified: Sat, 12 Sep 2020 22:07:18 GMT
server: cloudflare
etag: "5f5d4696-120a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7793ef28cfe45c8c-FRA

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
438 B 188ms
163ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: a7f34462-7eb6-43be-944c-7be91c04ccf2
x-trace: 2B3D638A5F40DB18685A37AAC14B2532ED818E43FD000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7793ef28f860916b-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
351 B 67ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GV8XF9FJ16&gtm=2oebu0&_p=359264404&_gaz=1&cid=1569213685.1670989395&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670989395&sct=1&seg=0&dl=https%3A%2F%2Fwww.givedirectly.org%2F&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GV8XF9FJ16&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 68ms
21ms Ping
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GV8XF9FJ16&cid=1569213685.1670989395&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GV8XF9FJ16&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 49ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GV8XF9FJ16&cid=1569213685.1670989395&gtm=2oebu0&aip=1&z=1320742924

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=359264404&t=pageview&_s=1&dl=https%3A%2F%2Fwww.givedirectly.org%2F&ul=en-us&de=UTF-8&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=464833673&gjid=1232443049&cid=1569213685.1670989395&tid=UA-49238239-1&_gid=143416344.1670989395&_r=1&gtm=2wgbu0PJNMMGH&cg1=null&cd3=null&z=1653935253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 19ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=359264404&t=pageview&_s=1&dl=https%3A%2F%2Fwww.givedirectly.org%2F&ul=en-us&de=UTF-8&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=849288582&gjid=649047707&cid=1569213685.1670989395&tid=UA-10056556-1&_gid=143416344.1670989395&_r=1&gtm=2wgbu0PJNMMGH&cg1=null&cd3=null&z=838642745

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e446dd48ad4c173d0779.js Show response
script.hotjar.com/ 263 KB
68 KB 34ms
7ms Script
application/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e446dd48ad4c173d0779.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1422210.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-100.fra60.r.cloudfront.net

Software

Resource Hash

28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 14:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 47589
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68690
last-modified: Tue, 13 Dec 2022 14:30:02 GMT
etag: "e594ec8e48bfdcd811b3aa8ce1ff2044"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 14isFx_6MiDKTB5aDgdefpGKlSeWQ5h2OJiF2Q-00tVlBqEORehqpQ==

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 169ms
125ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.givedirectly.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 14 Dec 2022 03:43:15 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: c4j7ojg0kw13
server: Google Frontend
x-cloud-trace-context: c38d169038b6c27aa7910cd495d7f64d
x-powered-by: Express

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 211ms
187ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: a51cf6779178089f1032091d0d881321
function-execution-id: ezghp4a0qhnq
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 32ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 03:43:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +iKD0m89NSBMjjC4N2oKpcKeNFizO8J6J1HfkSW9IyFpUugTKMS2ZLelfJKX7Ycyd4oE622NWWf41Fia92tWXw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1690367784603352 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 79ms
63ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1690367784603352?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77e31b8b603adaddeeddc392e0e5362f134ef56b3128f07726ec20d7e6e381db

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 03:43:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TnxmvH9ozpa/CNcjtQD856SNhAyL1v+5f7CSF4HkEWlO6nPvQvmZwpRNA8RYxow7qXFDFIuzhmIrwIkBFNx97w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10056556-1&cid=1569213685.1670989395&jid=849288582&gjid=649047707&_gid=143416344.1670989395&_u=YCDACEABBAAAACAAI~&z=1933094093

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-49238239-1&cid=1569213685.1670989395&jid=464833673&gjid=1232443049&_gid=143416344.1670989395&_u=YCDACEAABAAAACAAI~&z=677789941

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ 401 KB
160 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_d7d75e67_5a9f_49fa_b094_e23cf87bff08&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givedirectly.org/
Origin: https://www.givedirectly.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:07:16 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 35ms
18ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10056556-1&cid=1569213685.1670989395&jid=849288582&_u=YCDACEABBAAAACAAI~&z=200520381

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 44ms
27ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10056556-1&cid=1569213685.1670989395&jid=849288582&_u=YCDACEABBAAAACAAI~&z=200520381

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 43ms
27ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49238239-1&cid=1569213685.1670989395&jid=464833673&_u=YCDACEAABAAAACAAI~&z=1505328241

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 37ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49238239-1&cid=1569213685.1670989395&jid=464833673&_u=YCDACEAABAAAACAAI~&z=1505328241

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame BF9F 2 KB
1 KB 40ms
6ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1422210.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.givedirectly.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1780389
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id: 5BBvCVhyJwLl-X3gQjdacyI-RCw33UAzHaTHRdgCfqJAwSXGo1zyWA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame E5A7 43 KB
22 KB 29ms
27ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZ2l2ZWRpcmVjdGx5Lm9yZzo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=73pig9wd4nuu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

31ae5eca8aef332e2e9ce713bcb6c62fbd9262a28e652df3c724b8eb30910d24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bUB9Vh-s5IiCFC1tYxG6LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.givedirectly.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22994
content-security-policy: script-src 'report-sample' 'nonce-bUB9Vh-s5IiCFC1tYxG6LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 03:43:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame E5A7 52 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZ2l2ZWRpcmVjdGx5Lm9yZzo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=73pig9wd4nuu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 17:35:31 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame E5A7 401 KB
160 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:07:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 39ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1690367784603352&ev=PageView&dl=https%3A%2F%2Fwww.givedirectly.org%2F&rl=&if=false&ts=1670989395567&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670989395566.2038484028&it=1670989395412&coo=false&exp=a1&rqm=GET

Requested by

Host: www.givedirectly.org
URL: https://www.givedirectly.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 03:43:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1422210/ 147 B
322 B 123ms
36ms XHR
application/json 52.215.128.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1422210/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e446dd48ad4c173d0779.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.128.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-128-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 web-widget-framework-3a16b4e4334cbd2a5f4b.js Show response
static.zdassets.com/web_widget/latest/ Frame 876D 151 KB
49 KB 20ms
20ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=34466d84-fbfa-4ea0-8acb-9e3d8eaffb4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6393160a31d4531e0bab111ea31113b0012c52151a08bb3eb8f48cd008974c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
x-amz-version-id: mAdpmZbYpyxtztBajj267uZ7zcp7XUPj
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HE9WSE09XF894VZM
age: 99794
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: FuN6GUdKPTD3kVkeqKzn7HBBPvc76b802rphD+mpPmMq1GCk4I7746sxx6wKEClF9FiGQd0DJTU=
last-modified: Mon, 12 Dec 2022 03:53:48 GMT
server: cloudflare
etag: W/"0c4afe4fc1ec97a9ec0f5a2d287e53d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPhKMujiLwBxW%2FKPQDtEWCMtot1vhXYfTKZaXwxVJR3V2aNLcibN05HMNSxGF7cgqjIUCliX4KmCo4brS0tBB8ex6yLfHj1wScNCSjGaaPwPazWbMj7CFO17mTIcwZifdkkvqSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef2aec4a5c6e-FRA
expires: Tue, 12 Dec 2023 03:53:47 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame E5A7 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZ2l2ZWRpcmVjdGx5Lm9yZzo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=73pig9wd4nuu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 03:43:15 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 207ms
58ms XHR
application/json 52.30.211.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e446dd48ad4c173d0779.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.211.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-211-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dfe2326b81778f414900b4781650c0a6d8ea82898230c62eb34b3d212c1a99f1

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 03:43:15 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H2 200 / Show response
app.posthog.com/e/ 13 B
301 B 128ms
127ms XHR
application/json 34.204.139.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/e/?ip=1&_=1670989395756&ver=1.37.0

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.139.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-139-61.compute-1.amazonaws.com

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.givedirectly.org
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 13

POST
H2 200 / Show response
app.posthog.com/decide/ 210 B
476 B 116ms
116ms XHR
application/json 34.204.139.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/decide/?v=2&ip=1&_=1670989395757&ver=1.37.0

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.139.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-139-61.compute-1.amazonaws.com

Software

Resource Hash

2269506750ae77b3fa263a3183e86ca38c2039cd9cdcc91aaef9b4d5072e0550

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.givedirectly.org
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 186E 7 KB
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a40570f51d184af8eb2cd035f390258c0fe09db3689832ddface3631b1515b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nI5bRsXyh__jwqhOv5cctw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.givedirectly.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-nI5bRsXyh__jwqhOv5cctw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 03:43:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 config Show response
givedirectlyhelp.zendesk.com/embeddable/ Frame 876D 760 B
1 KB 552ms
521ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givedirectlyhelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608a9fed233ddf21a4af1a2f5ee14dbb8b11cd8aeef3952afcd09f0d77260ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-8677c5c45-tnd8d
x-cached: MISS
x-request-id: 7793ef2bd9705b7a-FRA
x-runtime: 0.001701
last-modified: Tue, 13 Dec 2022 20:40:05 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICbs6YlKuLnQJzxmqj66QDbG6z57%2BssbjwxQtTsAD25RdV9HlbTA%2FxLPEQ8Fs6Xr%2FAczhPGoaF7kleM9DztGBw9onRmAY3dwX%2BQ3SegZ67tom28Ujq3FdlHXpl57nuIOoMJRHdtkwCwUgj5qWtw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7793ef2bd9705b7a-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 186E 52 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 17:35:31 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 186E 401 KB
160 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:07:16 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 338ms
103ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.givedirectly.org
URL: https://www.givedirectly.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 03:43:16 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Tue, 13 Dec 2022 17:36:11 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Fri, 13 Dec 2024 03:43:16 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
560 B 163ms
145ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1375660896&v=1.1&a=8542918&ct=standard-page&rcu=https%3A%2F%2Fwww.givedirectly.org%2F&pu=https%3A%2F%2Fwww.givedirectly.org%2F&t=GiveDirectly%3A+Send+money+to+people+living+in+poverty&cts=1670989395883&vi=5c0d959a4a8a809945ce6c2ec02cfd2f&nc=true&u=187818743.5c0d959a4a8a809945ce6c2ec02cfd2f.1670989395880.1670989395880.1670989395880.1&b=187818743.1.1670989395881&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2ded7642-cdf6-4f90-89e4-9d722a72f596
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QM%2F3pqUIi7xpK%2FcZE8Lbm1EFBpHQ8pPxqSLR6LClVzj8tNYoXBHKms7w4dpRsBuzuvuwA4WjmscJnv%2BfTFLkyhdTFfB%2Be8%2F0QSA6tc2VZegq0T0hx6LSRJ7znl28DTI%2F00VnMwm8wKW2t88e5l0N"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7793ef2c6d6e5bf1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
553 B 430ms
414ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=63f7820b-81c5-4c70-a8d4-99ff848151a9&fci=d7d75e67-5a9f-49fa-b094-e23cf87bff08&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1375660896&v=1.1&a=8542918&ct=standard-page&rcu=https%3A%2F%2Fwww.givedirectly.org%2F&pu=https%3A%2F%2Fwww.givedirectly.org%2F&t=GiveDirectly%3A+Send+money+to+people+living+in+poverty&cts=1670989395884&vi=5c0d959a4a8a809945ce6c2ec02cfd2f&nc=true&u=187818743.5c0d959a4a8a809945ce6c2ec02cfd2f.1670989395880.1670989395880.1670989395880.1&b=187818743.1.1670989395881&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c20745e8-26f9-48dc-96dc-b55ba630a172
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kXVdiBCqum1jUPpVb9tpqWiBuAoOSpKboVsauOelTZNzWwSoNM1BNUxHZQz86qLbq8OZy6cyJjdyEg4c%2BR46mDFe366EcyRpTI6ebJ9mX9pk8XnAkCh0S72HGIb9%2FIPkFoh2nwBICBycHAKfBpd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7793ef2c6d705bf1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
900 B 143ms
128ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=63f7820b-81c5-4c70-a8d4-99ff848151a9&fci=d7d75e67-5a9f-49fa-b094-e23cf87bff08&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1375660896&v=1.1&a=8542918&ct=standard-page&rcu=https%3A%2F%2Fwww.givedirectly.org%2F&pu=https%3A%2F%2Fwww.givedirectly.org%2F&t=GiveDirectly%3A+Send+money+to+people+living+in+poverty&cts=1670989395885&vi=5c0d959a4a8a809945ce6c2ec02cfd2f&nc=true&u=187818743.5c0d959a4a8a809945ce6c2ec02cfd2f.1670989395880.1670989395880.1670989395880.1&b=187818743.1.1670989395881&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a27d881e-66ed-4425-8932-20bcf862eebc
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaKK%2FFCo6ZG3lmbC8JaMXMQz%2BSGw0GT04LzeYGg2nCl3748cQSLdJEp%2FnNvbDd646cMvheUrKrAGCF9XrH%2BcPdSq%2BGIR2P3FDVv8UGMEakomjkc%2FYU1ESgkwRU60GtFMD8mOA%2F8MfLszwhvN0Czk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7793ef2c6d715bf1-FRA
x-robots-tag: none

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 186E 38 KB
23 KB 44ms
43ms XHR
application/json 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3907214c17ae2b9157e835b5ee21e29038b848d846e606b1d9f06dd98fba39d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23577
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 03:43:15 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=359264404&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.givedirectly.org%2F&ul=en-us&de=UTF-8&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=10&_u=aCDACEABBAAAACAAI~&jid=&gjid=&cid=1569213685.1670989395&tid=UA-49238239-1&_gid=143416344.1670989395&gtm=2wgbu0PJNMMGH&z=459800285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:42:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14423
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=359264404&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.givedirectly.org%2F&ul=en-us&de=UTF-8&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25&_u=aCDACEABBAAAACAAI~&jid=&gjid=&cid=1569213685.1670989395&tid=UA-49238239-1&_gid=143416344.1670989395&gtm=2wgbu0PJNMMGH&z=2066494579

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:42:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14423
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 186E 600 B
624 B 7ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:16:51 GMT
x-content-type-options: nosniff
age: 548784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 14 Dec 2022 19:16:51 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 186E 530 B
554 B 8ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:23:32 GMT
x-content-type-options: nosniff
age: 382783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 16 Dec 2022 17:23:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 186E 665 B
689 B 8ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 549893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 14 Dec 2022 18:58:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 186E 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 402490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 186E 15 KB
15 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:18:16 GMT
x-content-type-options: nosniff
age: 383099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 17:18:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 186E 15 KB
15 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 105716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 186E 28 KB
28 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AD1IbLC6xdM3i-xY9IcNuRkUqLmIbzdM2PMe9oih9-RITZKH60ezeAtImSTCnNQWU6DjKLWevsW8EIxaWaqJX_xOtKWjZU4d8x_bqMIscmi4SffZmNj8lZQI-1OO85z8Io1goXUjYHIp2A9tm0-ZTeFe1VRk0le4z8mrTHb1dzn9Y5UX07qdUM4Z0h-rPko2SGMVx930KJBvQv9tXrks3olTz0QaTTbIvw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8314a8eff5d6af0420b5f87284a6764fb1d8fd7c0df91eb09d0ec1bcaeca3a33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:15 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 03:43:15 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 29ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GV8XF9FJ16&gtm=2oebu0&_p=359264404&cid=1569213685.1670989395&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1670989395&sct=1&seg=0&dl=https%3A%2F%2Fwww.givedirectly.org%2F&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GV8XF9FJ16&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.givedirectly.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 29ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GV8XF9FJ16&gtm=2oebu0&_p=359264404&cid=1569213685.1670989395&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1670989395&sct=1&seg=0&dl=https%3A%2F%2Fwww.givedirectly.org%2F&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&en=All%20form%20submissions&_c=1&ep.formClass=&ep.formID=&_et=157
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GV8XF9FJ16&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 03:43:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givedirectly.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=359264404&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.givedirectly.org%2F&ul=en-us&de=UTF-8&dt=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Form%20subs&ea=track_event&el=&_u=aCDACEABBAAAACAAI~&jid=&gjid=&cid=1569213685.1670989395&tid=UA-49238239-1&_gid=143416344.1670989395&gtm=2wgbu0PJNMMGH&z=1094825083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:42:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14424
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0FDE 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.givedirectly.org
Referer: https://www.givedirectly.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.givedirectly.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 03:43:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
510 B 129ms
129ms Script
text/html 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1070&account_id=210742&title=GiveDirectly%3A%20Send%20money%20to%20people%20living%20in%20poverty&url=https%3A%2F%2Fwww.givedirectly.org%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givedirectly.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 03:43:16 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
cache-control: max-age=63072000
Connection: keep-alive
Content-Length: 89
expires: Fri, 13 Dec 2024 03:43:16 GMT

GET
H2 200 web-widget-classic-94a352f.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 876D 13 KB
4 KB 22ms
22ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1034fc3cbbd0dc0da3041ff81c4d7afaceeb90797dc7ee7a820115509af5ec6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
x-amz-version-id: WKSulJEqXAv_ju6oTFa_dnL3taTDP4Dt
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: NWCAMFP8V616T861
age: 99794
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: THCUgF3loEidUz8Ds029ANgIp/TIOQphtd87knk/x8aNLhyToogv3kTNflMZTVVJ6BDrFgXcm8g=
last-modified: Mon, 12 Dec 2022 03:56:30 GMT
server: cloudflare
etag: W/"01d8bfa51a238bd912133562c0a25a5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1mV3vAFIYtgQPFk8TNqckwC6FoB1jFsTRB%2B4oqizBYS0yrwsS7CMWUUtODVz5P9ane5d0HU7FitdR86lsxZXjcTC8tEhVtkOzv1yPePhDwss7k8IOxjf9Spz7y%2BPDPxdIMVy7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef2f1a9c5c6e-FRA
expires: Tue, 12 Dec 2023 03:56:29 GMT

GET
H2 200 web-widget-8165-94a352f.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 876D 663 KB
190 KB 40ms
40ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-94a352f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
x-amz-version-id: fp99Zm_D4223iXBfjf0boSUdnKNTOxqu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: NWC1J42BMHW55ZFK
age: 99794
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 7ZYa83t8G1rV9OMmnQGsqxy2cYGx3qpQ4vIaE5f7NHOcs4GTAB7QsYRLunEJ/NTZyunDyn04HaM=
last-modified: Mon, 12 Dec 2022 03:56:30 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKstzsyQ0%2FBU5CdYZeIGx1EpDjWcr35Mgl2OfwqvvUBohRpBXo3Mf%2B6SBIkgwNvFPIlZcMUvaldrzMxl%2FIa6aaBKKXWN0fkGpWsNpf5TfaQoTBnorWlwWdP9ut3JA8ax%2Fru0Iiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef2f3af85c6e-FRA
expires: Tue, 12 Dec 2023 03:56:29 GMT

GET
H2 200 web-widget-5324-94a352f.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 876D 492 KB
108 KB 31ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-94a352f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a1ca1171a7bf349f8037fa8f2f1b3b491ac5c081fc23f8c9f7d75b249e4a225

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
x-amz-version-id: cUupAnfVyVKVaOdHLgbjSv75rCFq4.x5
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: NWC1V1DPHD6F8P1F
age: 99794
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 70ajRhp25IQGxYV+VEuNuuq1Dt0HbkF+KUiXT00WODXclXoiC62m/o344T2A6y75KIGLoWL0Flw=
last-modified: Mon, 12 Dec 2022 03:56:30 GMT
server: cloudflare
etag: W/"3af63eb3b3f7544b747fa56736c9a54e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbp5wmQZrh13ZTWPU8vsKEVuSjlZORZ9ZL%2FqwNC3d980M65prIwZRs4j8xXAPbsmtgpEiBN5A7AXM5Svv9rlvNxVQxJ9VibdTqy1Ol3Ywo1CkIAftRz%2B0YBvKYOzzGgYpO3LR%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef2f3af95c6e-FRA
expires: Tue, 12 Dec 2023 03:56:29 GMT

GET
H2 200 embeddable_blip Show response
givedirectlyhelp.zendesk.com/ Frame 876D 0
340 B 180ms
180ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://givedirectlyhelp.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiN2YyNjRmZmJjMjcyNGQwYzk5MjEyNGM2Mzc0NWMwMTMiLCJzdWlkIjoiYmRiOTllMDU2NWFmNGY0OGJhODU3M2YyMTQ0M2YwMDkiLCJ2ZXJzaW9uIjoiOTRhMzUyZiIsInRpbWVzdGFtcCI6IjIwMjItMTItMTRUMDM6NDM6MTYuNDk1WiIsInVybCI6Imh0dHBzOi8vd3d3LmdpdmVkaXJlY3RseS5vcmcvIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 03:43:16 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FQZIf2IGv5h%2FpusebsjsO8tmSPiI04bu0sTx2A18XIS%2BIaLA6V3lcBsNsBjVmhmceNWsLVWo%2FC%2FCHlxHUjQZJbV3pz%2BAFtn3lFVPOHsr3LGAWXgAqchLqzvf37vctI9uvWTWY2%2F8s%2BL9%2F11zro%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7793ef301e305b7a-FRA
content-length: 0
x-request-id: 7793ef301e305b7a-SEA

GET
H2 200 de-de-json-94a352f.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 876D 27 KB
7 KB 29ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-94a352f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
x-amz-version-id: X1A07GGKsLRTlUd2wDKhtshmTz7ylURy
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: NWC4JKGXF5FYV3R1
age: 99794
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 71No9VdVsMjYZdjmK92Mf0MlnA3/iSCEi30hkJNFg7hHuBo6S98begYr7I+sqcpNrvXrm2WV4Hw=
last-modified: Mon, 12 Dec 2022 03:56:31 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXARb0eurSmLEONHos2fQmJ5THDLlFviAoxrzwV1zEjQyGerIrGxbgRwNN3fRVREmyCvigyK8PAu2gjauZG8Tf6EJ9fVYmIktvif3gwQOwpXotXthx%2B4OR34GGaf4b0F7E2JcTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef302c825c6e-FRA
expires: Tue, 12 Dec 2023 03:56:30 GMT

GET
H2 200 web-widget-chat-sdk-94a352f.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 876D 202 KB
51 KB 25ms
25ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-94a352f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
x-amz-version-id: J6RQQMMyudfm_O5U7y2MyVS_G8ASS_pD
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: NWCAYC5VSTCEZS29
age: 99794
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: P8ZaMJyKEXnbLQAGkOPwuNcSEfty1etbTMgHjW0j+m4ze+SqPE7IM2zIDrWGB59hK7ptHmAepfs=
last-modified: Mon, 12 Dec 2022 03:56:30 GMT
server: cloudflare
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EB%2BW8UHS%2BbmntjIvEIycYAvM%2FsIR43DaMz4CETJZskrw9nzaz%2FfVa%2Brdr23PTUWm9ioIKgrmsjJeYH8Qb3yH14Rg1OtLct6Px49RhdMr09NYNzujXYIcbAR%2FFi6vEmq5Qrtr%2Bxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef306cf95c6e-FRA
expires: Tue, 12 Dec 2023 03:56:29 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-94a352f.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 876D 208 B
639 B 17ms
16ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-94a352f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
x-amz-version-id: iJEwP_HLV3ltHLSebqqxktlSQ5_Vrhqf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CZNCRY8F7K84VB3K
age: 99793
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: S+7VwTZtydg3SUU+yl27ymQ1tlAS59EWpQfJPb+DxPMwPgER7ixa+yrL8OKuG/cTNIIMyh1oovY=
last-modified: Mon, 12 Dec 2022 03:56:30 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZms8fSid%2F7IC8Hg%2BlJ1gVUcoBHsR9KXZ03EKxx6QQ8aTSvaUIfpHNTkfslLBCcmv5wG1xLw9cSkN%2BNfgKj4%2BM5VSLb6QG2%2F0XF6bAUM080grwb9E%2BwwMz4N3oDn9g8KkUS5ups%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef31eef85c6e-FRA
expires: Tue, 12 Dec 2023 03:56:29 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 876D 19 KB
20 KB 23ms
23ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 03:43:16 GMT
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: EPY8X9YDY570SGAA
age: 24109955
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: WVW0sQpQKxtjsx0iINkCoae6bdpTd6ZKYq7y3xgTJmp8089rbECdSsKMuL0FO0ENh4HnR2ic4Ug=
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lgkdEfGNAj2PhGLTfdRq5zh2HHNe6Sozfa2IqzoawPPPL8ekVAQLwz%2BfkTyfODbJgiVMVPFnds7o%2BJPwxaYjEXU6KWyYwOxugObzjzRhrunE73Ff1U%2B8eixIMyZIkBzdaJ%2BbfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7793ef321f2d5c6e-FRA
expires: Thu, 09 Mar 2023 06:43:04 GMT

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:29:01	Name: _GRECAPTCHA Value: 09ANps_rAkYuir7cBQmMD1i92lpGdPHN9flcCMHmPwp-n1XwXhHmAPaQ3x_06cR_Sz3eEwRy0GCftb4FnHwDm6IeY
.givedirectly.org/	1970-01-20 16:56:51	Name: _vwo_uuid_v2 Value: D159A2877733C80480598BE4CE5E79B74\|7ba43849e66c287d7887dd50bcaa11db
.givedirectly.org/	1970-01-20 17:45:49	Name: consented_date_gd_web Value: 1670989395113
.givedirectly.org/	1970-01-20 17:45:49	Name: consented_opt_out_gd_web Value: false
.givedirectly.org/	1970-01-20 10:33:49	Name: _vis_opt_s Value: 1%7C
.givedirectly.org/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.givedirectly.org/	1970-01-20 17:45:49	Name: _vwo_uuid Value: D159A2877733C80480598BE4CE5E79B74
.givedirectly.org/	1970-01-20 08:09:51	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.givedirectly.org/	1970-01-20 10:19:25	Name: _gcl_au Value: 1.1.1433302348.1670989395
.givedirectly.org/	1970-01-20 10:33:49	Name: _vis_opt_exp_16_combi Value: 1
.givedirectly.org/	1970-01-20 10:19:25	Name: _rdt_uuid Value: 1670989395251.9904de15-c65a-4cf5-a704-8a9b07b68623
.givedirectly.org/	1970-01-20 08:53:01	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241670989395%3A63.31125024%3A%3A%3A7_0%2C6_0%3A0
www.givedirectly.org/	1970-01-20 16:55:25	Name: __pdst Value: f91efdabc581481f919de44ebb0c1758
.givedirectly.org/	1970-01-20 17:45:49	Name: _ga Value: GA1.2.1569213685.1670989395
.givedirectly.org/	1970-01-20 08:11:15	Name: _gid Value: GA1.2.143416344.1670989395
.givedirectly.org/	1970-01-20 08:09:49	Name: _gat_UA-49238239-1 Value: 1
.givedirectly.org/	1970-01-20 08:09:49	Name: _gat_UA-10056556-1 Value: 1
.givedirectly.org/	1970-01-20 10:19:25	Name: _fbp Value: fb.1.1670989395566.2038484028
.givedirectly.org/	1970-01-20 16:55:25	Name: _hjSessionUser_1422210 Value: eyJpZCI6ImExYTkzZDYwLTU1NTgtNTllZi05ZmQyLTk5MDc2NzMxNDQzOCIsImNyZWF0ZWQiOjE2NzA5ODkzOTU0NjEsImV4aXN0aW5nIjpmYWxzZX0=
.givedirectly.org/	1970-01-20 08:09:51	Name: _hjFirstSeen Value: 1
www.givedirectly.org/	1970-01-20 08:09:49	Name: _hjIncludedInSessionSample Value: 1
.givedirectly.org/	1970-01-20 08:09:51	Name: _hjSession_1422210 Value: eyJpZCI6IjhlZGRkNjMxLTAyMTgtNGIzMC05ZTk2LTk2MGNjNjFlMzhhOSIsImNyZWF0ZWQiOjE2NzA5ODkzOTU1NzEsImluU2FtcGxlIjp0cnVlfQ==
www.givedirectly.org/	1970-01-20 08:09:49	Name: _hjIncludedInPageviewSample Value: 1
.givedirectly.org/	1970-01-20 08:09:51	Name: _hjAbsoluteSessionInProgress Value: 0
.givedirectly.org/	1970-01-20 12:29:01	Name: __hstc Value: 187818743.5c0d959a4a8a809945ce6c2ec02cfd2f.1670989395880.1670989395880.1670989395880.1
.givedirectly.org/	1970-01-20 12:29:01	Name: hubspotutk Value: 5c0d959a4a8a809945ce6c2ec02cfd2f
.givedirectly.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.givedirectly.org/	1970-01-20 08:09:51	Name: __hssc Value: 187818743.1.1670989395881
.givedirectly.org/	1970-01-20 16:55:25	Name: ph_phc_j1Fm3HqKiplMs7guXcEKIdcYC8CQCUOu31quq5YpXFj_posthog Value: %7B%22distinct_id%22%3A%221850ebab7231243-0b061cedf8e6a-1b3b3a75-1d4c00-1850ebab7241a9f%22%2C%22%24device_id%22%3A%221850ebab7231243-0b061cedf8e6a-1b3b3a75-1d4c00-1850ebab7241a9f%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24sesid%22%3A%5B1670989395751%2C%221850ebab7271350-09adc6bc373db7-1b3b3a75-1d4c00-1850ebab728136d%22%2C1670989395751%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D
.givedirectly.org/	1970-01-20 17:45:49	Name: _ga_GV8XF9FJ16 Value: GS1.1.1670989395.1.0.1670989396.59.0.0
.hubspot.com/	1970-01-20 08:09:51	Name: __cf_bm Value: axrVaebOzxVAcr9TS_i3BqLGaUvE_3zenueDSwuTX6U-1670989396-0-AWABf/zGDa+MxeFDrsRv/MdDWGjaCOqefrESp3n9UoB1QKlYAS2/CSWLNDBIdGMTonfo2FzlwzbB9xp1i1m1Ovg=
widget-mediator.zopim.com/	1970-01-20 08:19:54	Name: AWSALBCORS Value: wdBDp8BpKV9jsMiXKw2ZPaeD1wH6OXKtBD3xfGMZk41nHRNrgBvpuyC/GN3kHSCwg1/UsY9B4W2pHMXp4yxRc/BD9snHvW0MbtEszfILK7QgN6UFodYppqPw7fzP
.givedirectly.org/	1970-01-20 16:55:25	Name: __zlcmid Value: 1DQlRryLn5f6Hfk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
app.posthog.com
cdn.pdst.fm
connect.facebook.net
content.hotjar.io
dev.visualwebsiteoptimizer.com
ekr.zdassets.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
givedirectlyhelp.zendesk.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
p.typekit.net
pi.pardot.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
track.hubspot.com
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vars.hotjar.com
www.facebook.com
www.givedirectly.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
104.16.53.111
104.18.70.113
104.18.72.113
13.32.121.100
141.193.213.21
151.101.129.140
18.66.147.113
2001:4860:4802:32::36
2001:4860:4802:36::36
2606:4700:4400::ac40:9a55
2606:4700::6810:5705
2606:4700::6811:46b0
2606:4700::6811:b749
2606:4700::6811:d6cc
2606:4700::6813:9a53
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:400c:c1b::9b
2a02:26f0:480:f::213:7edb
2a02:26f0:480:f::213:7ee1
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::396
34.204.139.61
34.96.102.137
35.244.142.80
52.215.128.208
52.222.236.73
52.30.211.73
52.54.96.194
02b9c6ccbf075c3b533eb41eca5f47b2e1b12615cea34d2a095a05456a781579
04f2554657b0c696f52719b975b9ca4f88de8471207de69ac963deeec1b211c1
09d305a5a1c4756015b5b0c509dcc3f121a6e9a754a92ed5bacbb5a60899d411
0a3c8b07faff5438e1dcaca727d8adb16d529b1f23bfb576dcbe52501f6faa9d
0b21740f0c167a00287ec5ffe02a9f2ceed21623b9752870d1063225fe7f21af
1034fc3cbbd0dc0da3041ff81c4d7afaceeb90797dc7ee7a820115509af5ec6d
11e6808dc01f28b7e8558f0080ea27c5c25c9259dfdcd43da8006d7eab942963
1bb560fbfba4c0b26ba219b3eadd94862109b158683031a517b1867e2025c09a
1bff93fd3ff3271a5ea6455b825e4414633d485d951f52d6c1af6aeffd8c1e90
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e84ec08e834efe1e1c9df97bbe8ab9451a8df80fd6ecfe29fb44e3d3054a52d
2269506750ae77b3fa263a3183e86ca38c2039cd9cdcc91aaef9b4d5072e0550
24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca
28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed
2efec8e3220c7db3ae9e4dfa895329fc217b2828223617cff860bc494348b9f1
31ae5eca8aef332e2e9ce713bcb6c62fbd9262a28e652df3c724b8eb30910d24
321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c
34f3fd9e4422daeb2700c414e8431a0af2a6b40a74f5e35850effa54c976dfab
3907214c17ae2b9157e835b5ee21e29038b848d846e606b1d9f06dd98fba39d8
3a40570f51d184af8eb2cd035f390258c0fe09db3689832ddface3631b1515b8
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
451f76d60c87068ac8493aa1be502d7cfa2cc02705f57553ad29278edee7a783
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a1ca1171a7bf349f8037fa8f2f1b3b491ac5c081fc23f8c9f7d75b249e4a225
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
5f76b21b53caa4fe4884fbc1abcb5e25b53b3e77c49beec4f9d0fb9c9c962bb9
608a9fed233ddf21a4af1a2f5ee14dbb8b11cd8aeef3952afcd09f0d77260ce2
6393160a31d4531e0bab111ea31113b0012c52151a08bb3eb8f48cd008974c8b
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71f999ee66203f6df57017530c58b2cab1e716463e2b80e88321d48d86c4c3a6
77e31b8b603adaddeeddc392e0e5362f134ef56b3128f07726ec20d7e6e381db
799423b6ba53dcaa5b4d86c8dc88891d25662d80d9a0cf2b5f85280b82804927
7c4f0f42e469e20ef0fa9f965f80ce27a1a4470c41aa080ecd87114344322f49
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
81f274f413a25f371296a6dc05422dd6197e4476691e46baaf2adeac9147b408
8314a8eff5d6af0420b5f87284a6764fb1d8fd7c0df91eb09d0ec1bcaeca3a33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a7f12167fdc475dde4c7b9dd0b42d668881e1e491b1571c421aaa7684f87c68
8e2e8acb168f511716d529fcc0ce152a444350b73cbe91745684f3c8a755b595
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9991e342a476bcf84531891aea36f07b99fefa3aa899bb12925200e4bb396b57
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9bb2c57900098b5cdafd4a068ba4bc2ccb9e9961ea7ae18cfdae016213963886
9dcdca7dd78c2ca89d83ce593429f1c0bd59e730f429988b6868b1b253f513b7
a35dfffe0834600e24057c9b975f0bd41865d379030aeca15d488707b78ffcf9
acd84834e68eebb74a5390dc88584940981469e89346ab7c85219f3e484e0b61
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b48f8c536a3cf0327d671ee8e807f80ce2a74f299e0e5297f668aeb586633eb0
b61f957ed10a51a9df824199657a2ee3c1e6ab3f7c4b4444d25f39df543c37b3
b7227a90c1bc8dc90dd23d144c5dbf59583b63f469c04e44b0316ee354a5bad0
b944b9469a2b4f007755ac5c43b4101d568cbcd2bda8f20f725ebb90e64674ea
bb33312d53473ffa32e4fccb51df86fb48e628895a81058458675cf640e0f55f
bc97cdd00c9cc923def5d0ae0ace79b533eaf7d770bad8d85ea2190e3bacae7d
c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89
c2a5646676a9a4862aeb9fbd28d68966c23cd6ec9469aa62564e4dc762e51440
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3c5b3821ceb9856a21ade0b0cf66cc0ce3ab9fe51cd1e89e17f560a6d7f8f29
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
d489b866f669f2f15392d5cdce4b6e23f9e66fd7e0f38155510282f5e68c8ec2
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe2326b81778f414900b4781650c0a6d8ea82898230c62eb34b3d212c1a99f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea7839948b5e7d8d1ee9412117fd3d642324bebe057682fb14ff6f32d5c3feac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e547dd68cdf81e0eee07f2cd672da320942336f3db781d19c134220125ab6f

www.givedirectly.org Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

100 %HTTPS

59 %IPv6

27 Domains

35 Subdomains

34 IPs

6 Countries

2667 kBTransfer

7291 kBSize

33 Cookies

12 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.givedirectly.org Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

100 %
HTTPS

59 %
IPv6

27
Domains

35
Subdomains

34
IPs

6
Countries

2667 kB
Transfer

7291 kB
Size

33
Cookies

112 HTTP transactions
0 data transactions