pages.donately.com Open in urlscan Pro
151.101.65.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newyearspolarplunge.com/
Effective URL:
https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge
Submission Tags: phishingrod
Submission: On October 27 via api (October 27th 2024, 4:09:24 am UTC) from DE — Scanned from DE

Summary HTTP 89 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 34 domains to perform 89 HTTP transactions. The main IP is 151.101.65.91, located in San Francisco, United States and belongs to FASTLY, US. The main domain is pages.donately.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 6th 2024. Valid for: a year.

This is the only time pages.donately.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
6	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	34.107.199.61 34.107.199.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:9c00:a:891a:6d40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:8ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8d11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:407c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4d8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2400:52e0:1e0... 2400:52e0:1e00::1082:1	60068 (CDN77 _) (CDN77 _)
1	2600:9000:223... 2600:9000:223c:3000:2:7dc7:8f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.164.139.38 54.164.139.38	14618 (AMAZON-AES) (AMAZON-AES)
2	188.166.193.169 188.166.193.169	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2400:52e0:1e0... 2400:52e0:1e00::1081:1	60068 (CDN77 _) (CDN77 _)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
89	40

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

newyearspolarplunge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

pages.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

api.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.199.107.34.bc.googleusercontent.com

stk.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-px963uiwkr.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9c00:a:891a:6d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

uploads.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e4a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)

onsite.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:407c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4d8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 _, GB)

cdn-asset.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3000:2:7dc7:8f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.139.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-139-38.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.193.169 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::1081:1 (Germany)

ASN60068 (CDN77 _, GB)

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-account.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-limit.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	donately.com pages.donately.com api.donately.com uploads.donately.com cdn.donately.com — Cisco Umbrella Rank: 817582	690 KB
10	optimonk.com onsite.optimonk.com — Cisco Umbrella Rank: 30152 cdn-asset.optimonk.com — Cisco Umbrella Rank: 30541 front.optimonk.com — Cisco Umbrella Rank: 29441 gs-cdn.optimonk.com — Cisco Umbrella Rank: 34849 cdn-account.optimonk.com — Cisco Umbrella Rank: 30720 cdn-limit.optimonk.com — Cisco Umbrella Rank: 31292 jfapiprod.optimonk.com Failed	94 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3554 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3687 app.hubspot.com — Cisco Umbrella Rank: 5859 track.hubspot.com — Cisco Umbrella Rank: 2324 api.hubspot.com — Cisco Umbrella Rank: 5132 Failed forms.hubspot.com Failed	27 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	411 KB
5	px-cloud.net stk.px-cloud.net — Cisco Umbrella Rank: 21462 collector-px963uiwkr.px-cloud.net	2 KB
4	gstatic.com fonts.gstatic.com	90 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	462 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 106503 trackingapi.trendemon.com — Cisco Umbrella Rank: 87399	61 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2172	29 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3740 cdn.acsbapp.com — Cisco Umbrella Rank: 3977	96 KB
2	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3511	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	8 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5048	26 KB
1	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 15178	9 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5740	92 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2191	25 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3176	4 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	393 B
1	t.co t.co — Cisco Umbrella Rank: 859	627 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	556 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2500	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	976 B
1	newyearspolarplunge.com 1 redirects newyearspolarplunge.com	378 B
0	hubapi.com Failed api.hubapi.com Failed
0	hsforms.com Failed perf-na1.hsforms.com Failed
89	34

	Domain	Requested by
8	api.donately.com	pages.donately.com
5	www.googletagmanager.com	pages.donately.com www.googletagmanager.com
5	pages.donately.com	pages.donately.com
4	collector-px963uiwkr.px-cloud.net	pages.donately.com
4	fonts.gstatic.com	fonts.googleapis.com
3	cdn-asset.optimonk.com	onsite.optimonk.com cdn-asset.optimonk.com pages.donately.com
2	bat.bing.net	bat.bing.com
2	cdn-account.optimonk.com	cdn-asset.optimonk.com
2	front.optimonk.com	cdn-asset.optimonk.com
2	www.facebook.com
2	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	px.ads.linkedin.com	1 redirects snap.licdn.com
2	cdn.mxpnl.com	www.googletagmanager.com cdn.mxpnl.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	cdnjs.cloudflare.com	pages.donately.com
1	cdn-limit.optimonk.com	cdn-asset.optimonk.com
1	gs-cdn.optimonk.com	cdn-asset.optimonk.com
1	trackingapi.trendemon.com	assets.trendemon.com
1	api.hubspot.com	js.usemessages.com
1	track.hubspot.com
1	app.hubspot.com	js.hubspotfeedback.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	cdn.acsbapp.com	acsbapp.com
1	assets.trendemon.com	pages.donately.com assets.trendemon.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	analytics.twitter.com
1	t.co
1	px4.ads.linkedin.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	onsite.optimonk.com	www.googletagmanager.com
1	acsbapp.com	pages.donately.com
1	cdn.donately.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	pages.donately.com
1	snap.licdn.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	uploads.donately.com
1	stk.px-cloud.net	pages.donately.com
1	fonts.googleapis.com	pages.donately.com
1	newyearspolarplunge.com	1 redirects
0	jfapiprod.optimonk.com Failed	gs-cdn.optimonk.com
0	forms.hubspot.com Failed	js.hsleadflows.net
0	api.hubapi.com Failed	js.hsadspixel.net
0	perf-na1.hsforms.com Failed
89	52

This site contains links to these domains. Also see Links.

Domain
dashboard.donately.com
l.facebook.com
www.thisismefoundation.com

Subject Issuer	Validity	Valid
*.donately.com Sectigo RSA Organization Validation Secure Server CA	`2024-06-06` - `2025-06-15`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2024-08-16` - `2025-09-15`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-05` - `2024-11-03`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2024-07-15` - `2025-07-29`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
acsbapp.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
onsite.optimonk.com R10	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-09-29`	a year	crt.sh
hsadspixel.net WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hsleadflows.net WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
hubspotfeedback.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
usemessages.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
cdn-asset.optimonk.com R10	`2024-10-02` - `2024-12-31`	3 months	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2024-06-18` - `2025-06-18`	a year	crt.sh
*.optimonk.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-06-24` - `2025-07-26`	a year	crt.sh
gs-cdn.optimonk.com R10	`2024-10-02` - `2024-12-31`	3 months	crt.sh
cdn-account.optimonk.com R11	`2024-10-16` - `2025-01-14`	3 months	crt.sh
cdn-limit.optimonk.com R11	`2024-09-14` - `2024-12-13`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-07-30` - `2025-01-26`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge
Frame ID: AA698727594DEE75E49659E4EB607342
Requests: 81 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpages.donately.com
Frame ID: 2E0AC899138CD3912E08A196E0FD2180
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: E1B8B81E26DFF4B35036B510A6BAAD09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

11th Annual New Year's Polar Plunge! by This Is Me Foundation | Donately

Page URL History Show full URLs

https://newyearspolarplunge.com/ HTTP 301
https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

89
Requests

88 %
HTTPS

65 %
IPv6

34
Domains

52
Subdomains

40
IPs

4
Countries

1814 kB
Transfer

5964 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://dashboard.donately.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://l.facebook.com/l.php?u=http%3A%2F%2Fwww.thisismefoundation.com%2F%3Ffbclid%3DIwAR1xslRqxeZ5zgOiw1Z9NY7bgcBJYha_DXfVLa-6m4j7lORI8AjwViR_rIM&h=AT2PYm9p2tILufz74epdrIFfoAsZ2Zl3nCjgla8zUBO_XsCVJWbE4I5fCieuBDU2kiVK98GIn2rb_27zHpMq5i3VhQf8Syugqf_t8KsQxNeEgHsKBRpnM7jVlwuQBlrQnzTa9w&__tn__=q&c%5B0%5D=AT3DeUplWbcDO5tEwEmREhzJb0DobTQtrPTOiLDSy9vng7e2Xo0uw4Vl7oipgTf31rebe6vUvSnR9-9-PYgLhdc7xZc5_WWzFwCSZOJcQ9GISkr-LPpgm5ZGiv1B4Y2d4isvHYuGfEuQf7IYIN9fO0L8Dz-Q
Title: www.thisismefoundation.com

Search URL Search Domain Scan URL

URL: http://www.thisismefoundation.com/?fbclid=IwAR1XsSxJ3na7v_wH_KAWZBth4bnYbOY9_sKamYGCaxao4GJENRHwnY7HEKY
Title: www.thisismefoundation.com

Search URL Search Domain Scan URL

URL: http://www.thisismefoundation.com/?fbclid=IwAR0YFnd937CdWmfhYmtSzn1Ha2Ppa8evKIgwaMk9RTFvgJdNlnwX3LkHUX0
Title: http://www.thisismefoundation.com.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newyearspolarplunge.com/ HTTP 301
https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1730002162119&url=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1730002162119&url=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&e_ipv6=AQJDHQ279IeNlgAAAZLMKhMcQgwvSsdPUtkaonoDK_FiSy13xPp5uO4xF-Hal_-mS7fU-ISg

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 11th-annual-new-year-s-polar-plunge Show response
pages.donately.com/thisismefoundation/campaign/
Redirect Chain

https://newyearspolarplunge.com/
https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

3 KB
2 KB

110ms
39ms

Document
text/html

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

7418b8e76970c1bf67c7dc3246ac69630c92973f3ea1a45a0ebf7f322efc3be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
age: 0
content-encoding: gzip
content-length: 1253
content-type: text/html; charset=utf-8
date: Sun, 27 Oct 2024 04:09:19 GMT
etag: W/"d41-Epbv6aB4LS8oFuZ3hwzm3klm1ws"
fastly-restarts: 1
location: https://pages.donately.com/demo/\1
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002158&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=T5ulm%2FPo1Jb82FLMosOn8Yp%2Fg4I6Ng1es4p9Bm0orwI%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002158&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=T5ulm%2FPo1Jb82FLMosOn8Yp%2Fg4I6Ng1es4p9Bm0orwI%3D
server: Cowboy
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230043-FRA

Redirect headers

Connection: close
Content-Length: 125
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Oct 2024 04:09:19 GMT
Location: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge
Server: ip-100-74-5-4.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 69fed5a1-6b8a-45b3-81e3-e910d1ac9399

GET
H2 200 css
fonts.googleapis.com/ 5 KB
976 B 124ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be5024cb177471b0255476f2bdec6f8864928a61e9095a6371feb2d862809d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 04:09:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:19 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 27 Oct 2024 03:25:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 bootstrap-grid.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-beta/css/ 21 KB
2 KB 29ms
17ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-beta/css/bootstrap-grid.min.css

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b768ac472570ed0d0f0f3d0979aeb7f852d03c96f8e7b2dacb6f52f8d4e20590

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb04010-5514"
age: 5330636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jU2%2FamNmAhcabMaUpfxw1QRK3WjHc4xsIHvrrcmplMHhHqrwmtsopU%2FbIUWIxs%2BXcq9BZEd4As46801Xw%2FCV%2FK6zDPBDsN%2FDUnjALcqVhFnY0uGzgADoWI5GoqA0Qce3YQyjwBYz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 04:09:19 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 04:09:19 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:17:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d8fd479bc099bb3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1436
server: cloudflare

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 28ms
16ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 298862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ihlrg4XV9AvAScv6wialRnYTRN2gpnGZ6LLJx%2FhVahxZndIhNyGLZ%2FlhaThI866qcoATek0AukZo2rRyRMbZgjCwXkTn7gMjFUtB4QMyTIIa%2BV2XdwMS9SbFklr3DK0H9YViL0k%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 04:09:19 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 04:09:19 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d8fd479bc0a9bb3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 main.c93362e9.css
pages.donately.com/static/css/ 20 KB
4 KB 386ms
385ms Stylesheet
text/css 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/static/css/main.c93362e9.css

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

550dbd6446f15647b16db7582374cf793e30098f6f597a3123f59e26cd2acdd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Response headers

content-encoding: gzip
etag: W/"4f05-19232ec4918"
age: 0
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002159&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Jt7bQgcnyq3AHN4SoHF2aE4Wvl3ttaNW%2B4%2B66Tj6lwI%3D"}]}
x-cache: MISS
date: Sun, 27 Oct 2024 04:09:19 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 27 Sep 2024 09:59:59 GMT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230043-FRA
strict-transport-security: max-age=300
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002159&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Jt7bQgcnyq3AHN4SoHF2aE4Wvl3ttaNW%2B4%2B66Tj6lwI%3D
cache-control: public, max-age=0
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
location: https://pages.donately.com/demo/\1
x-timer: S1730002160.620224,VS0,VE376
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
content-length: 4435
server: Cowboy

GET
H2 200 main.19818a85.js Show response
pages.donately.com/static/js/ 2 MB
418 KB 206ms
205ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/static/js/main.19818a85.js

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

68927f6575fc24f008b7af2ef3a44757dc6a310f2cbf2095a0e33639d2e17edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Response headers

content-encoding: gzip
etag: W/"180928-19232ec4918"
age: 0
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002159&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Jt7bQgcnyq3AHN4SoHF2aE4Wvl3ttaNW%2B4%2B66Tj6lwI%3D"}]}
x-cache: MISS
date: Sun, 27 Oct 2024 04:09:19 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 27 Sep 2024 09:59:59 GMT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230043-FRA
strict-transport-security: max-age=300
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002159&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Jt7bQgcnyq3AHN4SoHF2aE4Wvl3ttaNW%2B4%2B66Tj6lwI%3D
cache-control: public, max-age=0
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
location: https://pages.donately.com/demo/\1
x-timer: S1730002160.620310,VS0,VE199
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
content-length: 426996
server: Cowboy

GET
H2 200 init.js Show response
pages.donately.com/963UiWkR/ 168 KB
77 KB 8ms
8ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/963UiWkR/init.js

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b777b61497b6a7d3f157c11ebfbc080c0e0b759f34849324669b7a0cb2d1e0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Response headers

access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
content-encoding: gzip
etag: "2a0a7-EU8dahmBf4cF4/2aq48yKdEu/Qw"
age: 37
x-cache: HIT
date: Sun, 27 Oct 2024 04:09:20 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230043-FRA
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=600
x-px-hash: MGY0YTIxZTQwNWM4ZWUwNjBiMzUxZDlhZmY2NDFhNjFmNmZmNTcwNGQ1OWM3NGUxMmE5NDVkMmEyNDc4ZjZmNA==
location: https://pages.donately.com/demo/\1
active-cdn: Akamai
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78391

GET
H2 200 thisismefoundation Show response
api.donately.com/v2/accounts/ 3 KB
3 KB 422ms
422ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/accounts/thisismefoundation

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.19818a85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

c1c60fcabce703c4eb66d0b228f244afcd26170bd6a9c3f0b08567e6e898b607

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Donately-Version: 2019-03-15
X-Donately-Pages: true
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-max-age: 7200
x-request-id: 39c23054-d55a-4ec5-a123-88535550481e
access-control-expose-headers
etag: W/"c1c60fcabce703c4eb66d0b228f244af"
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D"}]}
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-rack-cache: miss
x-cache: MISS
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230087-FRA
x-runtime: 0.014658
x-cache-hits: 0
vary: Accept, Origin
strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D
content-security-policy: default-src 'none'; script-src 'none'
cache-control: max-age=0, private, must-revalidate
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin-when-cross-origin
via: 1.1 vegur, 1.1 varnish
x-download-options: noopen
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2615
fastly-restarts: 1
server: Cowboy

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 130ms
39ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://fonts.googleapis.com/

Response headers

age: 388315
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:17:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:17:25 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 130ms
40ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://fonts.googleapis.com/

Response headers

age: 388006
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:22:34 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

OPTIONS
H2 200 thisismefoundation
api.donately.com/v2/accounts/ Frame 0
0 639ms
417ms Preflight 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/accounts/thisismefoundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'

Request headers

Accept: */*
Access-Control-Request-Headers: donately-version,x-donately-pages
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: donately-version,x-donately-pages
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
content-security-policy: default-src 'none'; script-src 'none'
date: Sun, 27 Oct 2024 04:09:20 GMT
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
fastly-restarts: 1
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002160&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=iWG4ofVXbH3w%2BNk%2FP62owCuse%2F%2FiaWhUc8Z6dK7NfaA%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002160&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=iWG4ofVXbH3w%2BNk%2FP62owCuse%2F%2FiaWhUc8Z6dK7NfaA%3D
server: Cowboy
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-download-options: noopen
x-served-by: cache-fra-eddf8230087-FRA

GET
H/1.1 200
OK ns Show response
stk.px-cloud.net/ 350 B
484 B 95ms
18ms XHR
text/html 34.107.199.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stk.px-cloud.net/ns?c=3dacc200-9419-11ef-ac7b-375924d0498d
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.107.199.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.199.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 13ace1515b601f898cb305078ecaefe14e9817dd5181f393941200c6605f7e94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 350
Date: Sun, 27 Oct 2024 04:09:19 GMT
Content-Type: text/html

POST
H2 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 540 B
786 B 236ms
157ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0dda7ba58ff6b57fde05728e51b127107975eaf183ed6a851373f6005e0ecb30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://pages.donately.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://pages.donately.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540
date: Sun, 27 Oct 2024 04:09:19 GMT
content-type: application/json; charset=utf-8

GET
H2 200 favicon.ico
pages.donately.com/ 15 KB
4 KB 9ms
8ms Other
image/x-icon 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.donately.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

adf5aded57f8a3953663413dd8bef0aaaf821b0c878fccbd0679712422d14d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Response headers

content-encoding: gzip
etag: "3aee-c/EELIS+lftHCkFG1p4QywK6GB8"
age: 413388
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727291875&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=el7UDYaJ9TuvB%2FxkELP2TE1bhfVztESWNnsPkHv9efc%3D"}]}
x-cache: HIT
date: Sun, 27 Oct 2024 04:09:20 GMT
content-type: image/x-icon
x-served-by: cache-fra-eddf8230043-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=300
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1727291875&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=el7UDYaJ9TuvB%2FxkELP2TE1bhfVztESWNnsPkHv9efc%3D
cache-control: public, max-age=31536000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
location: https://pages.donately.com/demo/\1
x-timer: S1730002160.329188,VS0,VE1
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
content-length: 3595
server: Cowboy

POST
H2 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 388 B
444 B 190ms
184ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 820dfffcb5206067244402e5df033b22c99dd88f26a16239e8aacc30f25d706a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://pages.donately.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://pages.donately.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388
date: Sun, 27 Oct 2024 04:09:20 GMT
content-type: application/json; charset=utf-8

OPTIONS
H2 200 config.json
api.donately.com/v2/forms/frm_fe09d0aa2201/ Frame 0
0 426ms
416ms Preflight 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/forms/frm_fe09d0aa2201/config.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'

Request headers

Accept: */*
Access-Control-Request-Headers: donately-version,x-donately-pages
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: donately-version,x-donately-pages
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
content-security-policy: default-src 'none'; script-src 'none'
date: Sun, 27 Oct 2024 04:09:21 GMT
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
fastly-restarts: 1
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D
server: Cowboy
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-download-options: noopen
x-served-by: cache-fra-eddf8230087-FRA

OPTIONS
H2 200 11th-annual-new-year-s-polar-plunge.json
api.donately.com/v2/campaigns/ Frame 0
0 413ms
411ms Preflight 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/campaigns/11th-annual-new-year-s-polar-plunge.json?account_subdomain=thisismefoundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'

Request headers

Accept: */*
Access-Control-Request-Headers: donately-version,x-donately-pages
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: donately-version,x-donately-pages
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
content-security-policy: default-src 'none'; script-src 'none'
date: Sun, 27 Oct 2024 04:09:21 GMT
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
fastly-restarts: 1
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D
server: Cowboy
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-download-options: noopen
x-served-by: cache-fra-eddf8230087-FRA

GET
H2 200 config.json Show response
api.donately.com/v2/forms/frm_fe09d0aa2201/ 1 KB
2 KB 463ms
455ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/forms/frm_fe09d0aa2201/config.json

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.19818a85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

ce18663267dec480268b45f9c28800a2a8d505c93266a2bfe685e2432662c422

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Donately-Version: 2019-03-15
X-Donately-Pages: true
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-max-age: 7200
x-request-id: a3ec07bb-6ef7-4b62-85e7-dd960a7bd824
access-control-expose-headers
etag: W/"ce18663267dec480268b45f9c28800a2"
age: 0
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002162&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uSYGJEeHPoAc4vpA7jKAF4VORajaOv3%2FJeXZD7pjxSM%3D"}]}
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-rack-cache: stale, valid, store
x-cache: MISS
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230087-FRA
x-runtime: 0.016011
x-cache-hits: 0
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002162&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uSYGJEeHPoAc4vpA7jKAF4VORajaOv3%2FJeXZD7pjxSM%3D
content-security-policy: default-src 'none'; script-src 'none'
cache-control: public, no-cache
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin-when-cross-origin
via: 1.1 vegur, 1.1 varnish
x-download-options: noopen
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1137
fastly-restarts: 1
server: Cowboy
x-content-digest: 355b435d4dde0eb26f0a25a91b4d99fbab735c5c

GET
H2 200 11th-annual-new-year-s-polar-plunge.json Show response
api.donately.com/v2/campaigns/ 7 KB
8 KB 479ms
468ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/campaigns/11th-annual-new-year-s-polar-plunge.json?account_subdomain=thisismefoundation

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.19818a85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

a41c8c83c4b647e29fa88d9e493a15a34ef1d2651147ef86302a388a77f21ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Donately-Version: 2019-03-15
X-Donately-Pages: true
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-max-age: 7200
x-request-id: 9fe61df9-3136-47f4-8162-1d2d126d2bf6
access-control-expose-headers
etag: W/"a41c8c83c4b647e29fa88d9e493a15a3"
age: 0
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D"}]}
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-rack-cache: stale, invalid, store
x-cache: MISS
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230087-FRA
x-runtime: 0.032788
x-cache-hits: 0
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002161&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e1dj6XggjdX%2F23%2FEW1HtReraRU8ILOiz%2BxBPgoAZ0Us%3D
content-security-policy: default-src 'none'; script-src 'none'
cache-control: public, no-cache
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin-when-cross-origin
via: 1.1 vegur, 1.1 varnish
x-download-options: noopen
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7393
fastly-restarts: 1
server: Cowboy
x-content-digest: f4a13f039ccb7a3909e9f02de0c625327d34655a

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
96 KB 145ms
51ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-37PDV783XE

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.19818a85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf4291877343649d884c51c58065525e07181571a2b0d6fd2da0ed178da3a32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 04:09:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97293
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
108 KB 204ms
120ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e96f908d16b38a0f3a9b15301749c980cd6440384d4b74b5c80c842505590654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 27 Oct 2024 04:09:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 27 Oct 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109814
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 large_This_Is_Me_Logo_copy.JPG
uploads.donately.com/production/account/logo/act_03a36c2da505/ 26 KB
26 KB 599ms
497ms Image
image/jpeg 2600:9000:214f:9c00:a:891a:6d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.donately.com/production/account/logo/act_03a36c2da505/large_This_Is_Me_Logo_copy.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9c00:a:891a:6d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6ea1377e1c7ca843c76afbf9e74d08687739a026cf1add42ae5ef0b588660a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

etag: "1755545fbea28380c401605e2144f8b5"
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 26546
x-amz-cf-id: L5DslFLISm-zareL3rJPVeAC0P40qZts6GgVv7iPVpDVu-lz3jxeBw==
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: image/jpeg
last-modified: Sun, 12 Nov 2023 16:19:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 65ms
21ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-37PDV783XE&gtm=45je4ao0v9126685265za200&_p=1730002161204&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1954851199.1730002162&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730002161&sct=1&seg=0&dl=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&dt=This%20Is%20Me%20Foundation%20%7C%20Donately&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2294
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37PDV783XE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pages.donately.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 337 KB
111 KB 79ms
75ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9BCP6ZNWKE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6be6d26b2ee41a77d738407237ecf89f844e3d661f8645ac48a36481c398091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 04:09:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 113099
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 324ms
12ms Script
application/javascript 2a02:26f0:480:15::213:7e4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: max-age=79662
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Sun, 27 Oct 2024 04:09:22 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 516ms
37ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE8DEE25B28449E18EAFC61355233D05 Ref B: FRAEDGE1215 Ref C: 2024-10-27T04:09:22Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 296ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-2CzIe06T' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-2CzIe06T' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4712, tp=14, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: uZkKQtGm740nzRgN7HwxH1wyqaAZckqZ7R0iad+eIgkb+90WDU+F7TL6L/oJ0Ck1RiGr2B1ARbtjfXPcNYySZw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 mixpanel-js-wrapper.js Show response
cdn.mxpnl.com/libs/ 8 KB
3 KB 324ms
16ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b810a55c064062bb2e7c21978cde65aea63b035c95f1e3bc47abe054c513f28f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-goog-metageneration: 2
content-encoding: gzip
x-goog-hash: crc32c=x/scLg==, md5=EIeYZIQQF+LJXFV0lGNqWQ==
etag: "10879864841017e2c95c557494636a59"
age: 415
x-goog-stored-content-encoding: gzip
expires: Sun, 27 Oct 2024 04:12:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2756
date: Sun, 27 Oct 2024 04:02:27 GMT
last-modified: Tue, 27 Aug 2024 18:10:35 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1SwDzLiGKYxrvMZhFZ4qypQE8jFQVmtLd--kfzBDYLJSfbKI2kMo40ugAtbxI4EX2qsxpczJexfQ
cache-control: public,max-age=600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1724782235339024
content-length: 2756
server: UploadServer

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 316ms
13ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Sun, 27 Oct 2024 04:09:22 GMT
x-tw-cdn: FT
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-muc13944-MUC
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-939933942

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

494c982de7c0b7c7af793dba22765becfefdc516fed774c8f3e9ed23f5c70524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 04:09:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 27 Oct 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99167
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 20073505.js Show response
js.hs-scripts.com/ 3 KB
1 KB 435ms
135ms Script
application/javascript 2606:4700::6810:8ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/20073505.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6720c11b5be8c2d1265009fe4f35aee05df7f23cb60e0d83a6c9dba80a538b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 04:10:52 GMT
date: Sun, 27 Oct 2024 04:09:22 GMT
x-hubspot-correlation-id: 8b87e082-e9c3-430b-a462-b8f61d5bed53
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Sun, 27 Oct 2024 04:09:22 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8d8fd488db07381c-FRA
accept-ranges: bytes
access-control-allow-origin: https://pages.donately.com
content-length: 749
server: cloudflare

GET
H2 200 donately-mktg.min.js Show response
cdn.donately.com/dntly-mktg/1.3/ 498 KB
146 KB 81ms
13ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/dntly-mktg/1.3/donately-mktg.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbff8c90c842c4524efbe3565b99889f7830070fe78072b1f1602029e39d756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: gzip
etag: "7371413028ae8be90a5efef383d4e344"
x-amz-version-id: SGePNedEyRX2jBmNBWT.ZzV1oWCaji6_
age: 163
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 27 Oct 2024 04:09:21 GMT
last-modified: Wed, 04 Oct 2023 16:23:41 GMT
x-served-by: cache-fra-eddf8230043-FRA
x-cache-hits: 0
content-type: application/javascript
x-amz-id-2: eIHwppIy6XhfRoAMt5tLs5Q1QEmlhBbqSyZ7W+Yeodw7BpeEr8f9pH/c9FT4Q+syLv83WIu4ejQ=
strict-transport-security: max-age=31557600; includeSubdomains
vary: Accept-Encoding
x-timer: S1730002162.822962,VS0,VE1
referrer-policy: origin-when-cross-origin
via: 1.1 varnish
x-amz-request-id: X0B1RR0YJWTJ32NC
x-download-options: noopen
accept-ranges: bytes
content-length: 148383
x-xss-protection: 1; mode=block
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 315 KB
96 KB 433ms
147ms Script
application/javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095a419a7e9d826faf0efcb8176e529da5c9a2a56e3ff1295c5fd7efa6f448f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-goog-metageneration: 3
access-control-expose-headers: *
x-goog-hash: crc32c=1OfI5w==, md5=J0aPpAwiN3HEjj+iDpQeiQ==
cf-cache-status: REVALIDATED
etag: W/"27468fa40c223771c48e3fa20e941e89"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Mon, 27 Oct 2025 04:09:22 GMT
x-goog-stored-content-length: 322112
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 13:05:25 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3oyrLbwgt6rIHsat3jSbn4Im03-Aew8mHD1njs_uFF-5aZRpN7sFAhOTO4pUg2l_IVbqRXX4CWEQ
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8d8fd488cad92c53-FRA
access-control-allow-origin: *
x-goog-generation: 1728911125876754
server: cloudflare

GET
H2 200 script.js Show response
onsite.optimonk.com/ 4 KB
2 KB 387ms
8ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://onsite.optimonk.com/script.js?account=203840

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

de59edb3c59c2bcf20219ebc4be57e058af1942cb40bff3ed0ff0905be64113e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cdn-status: 200
content-encoding: br
etag: W/"fff-tA2lJGAUqxd6nHpOA+5CUYfR5Hg"
x-content-type-options: nosniff
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cachedat: 10/24/2024 10:56:31
cdn-cache: HIT
x-frame-options: SAMEORIGIN
cdn-requestpullcode: 200
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=180
x-dns-prefetch-control: off
cdn-requestpullsuccess: True
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: cd4cb6be6da1d6483a021a3443321059
cdn-pullzone: 950289
x-download-options: noopen
cdn-proxyver: 1.04
cdn-requesttime: 0
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1080
cdn-requestcountrycode: DE

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 2E0A 0
0 163ms
36ms Document
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpages.donately.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2HF9M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 43427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 16:05:34 GMT
expires: Sun, 26 Oct 2025 16:05:34 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 35ms
22ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9BCP6ZNWKE&gtm=45je4ao0v892011104z878306026za200zb78306026&_p=1730002161204&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1954851199.1730002162&ul=de-de&sr=1600x1200&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730002162&sct=1&seg=0&dl=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&dt=This%20Is%20Me%20Foundation%20%7C%20Donately&en=page_view&_fv=1&_ss=1&tfd=2649
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9BCP6ZNWKE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pages.donately.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 259ms
26ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-9BCP6ZNWKE&cid=1954851199.1730002162&gtm=45je4ao0v892011104z878306026za200zb78306026&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533422~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9BCP6ZNWKE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pages.donately.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 400ms
47ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-9BCP6ZNWKE&cid=1954851199.1730002162&gtm=45je4ao0v892011104z878306026za200zb78306026&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533422~101823848&tag_exp=101533422~101823848&z=99824723

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 27 Oct 2024 04:09:22 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 32 B
49 B 158ms
156ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://pages.donately.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://pages.donately.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Sun, 27 Oct 2024 04:09:21 GMT
content-type: application/json; charset=utf-8

GET
H3 200 535174410012356 Show response
connect.facebook.net/signals/config/ 75 KB
16 KB 128ms
128ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/535174410012356?v=2.9.174&r=stable&domain=pages.donately.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

45e1db757d54ab18ff25d7c319ceecf84c6ee655f85daeaf836c9471894267cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-GeHYGLgP' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-GeHYGLgP' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=67, mss=1232, tbw=68136, tp=68, tpl=0, uplat=116, ullat=1
pragma: public
x-fb-debug: cR3in/YSrQr9On3NTUpycZc/5MBZAJ23SSbua78GmO1vl1GEjzyZgY7YZSMCz5GVFUT6/jFU+FdrBktzXHLGrQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 17ms
16ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-goog-metageneration: 2
content-encoding: gzip
x-goog-hash: crc32c=rciEWw==, md5=Ay7nz7moeiyGH/GIFXVIQg==
etag: "032ee7cfb9a87a2c861ff18815754842"
age: 349
x-goog-stored-content-encoding: gzip
expires: Sun, 27 Oct 2024 04:13:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 19057
date: Sun, 27 Oct 2024 04:03:33 GMT
last-modified: Tue, 27 Aug 2024 18:10:17 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1-1bIyow8aVb-O25_zG_A9ByHGPAgt49K38gNxklpga--rG2OSpqNBRs5zLbTCTRcfGl6R2_cDjA
cache-control: public,max-age=600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1724782217794014
content-length: 19057
server: UploadServer

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
814 B 453ms
188ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4794210&time=1730002162119&url=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://pages.donately.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 0006256d845acf2b5a79fe6c654e3f50
x-msedge-ref: Ref A: 95F0C850438444DEB1F1D619D262A3F2 Ref B: FRAEDGE1615 Ref C: 2024-10-27T04:09:22Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlbYRazytaef5sZU4/UA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1730002162119&url=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1730002162119&url=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&e_ipv6=AQJD...

0
482 B

281ms
150ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1730002162119&url=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&e_ipv6=AQJDHQ279IeNlgAAAZLMKhMcQgwvSsdPUtkaonoDK_FiSy13xPp5uO4xF-Hal_-mS7fU-ISg
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref: Ref A: E4DAAFAF8FA7448CB19CCF4B7EC954F1 Ref B: FRAEDGE2010 Ref C: 2024-10-27T04:09:23Z
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYlbYRqZFcXzT6igqnavA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4794210&time=1730002162119&url=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&e_ipv6=AQJDHQ279IeNlgAAAZLMKhMcQgwvSsdPUtkaonoDK_FiSy13xPp5uO4xF-Hal_-mS7fU-ISg
x-msedge-ref: Ref A: BE788C44032E4F7FB7782D062492692F Ref B: FRAEDGE2016 Ref C: 2024-10-27T04:09:22Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYlbYRaj8E3UIINxknRJQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 27 Oct 2024 04:09:21 GMT

GET
H2 200 adsct
t.co/i/ 43 B
627 B 457ms
201ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e115a416-3096-4654-ba15-22c9a1fe9efb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=41b86912-5e2f-4550-aeb1-16c6173d60d4&tw_document_href=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3eo6&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 4c373aab2397dcde
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 55bc64b6d6e950261f41c433730812d9e584285feaf81dd8e45b57389abe5973
cf-cache-status: DYNAMIC
cf-ray: 8d8fd48aeee11e57-FRA
x-response-time: 174
content-length: 43
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 376ms
120ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e115a416-3096-4654-ba15-22c9a1fe9efb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=41b86912-5e2f-4550-aeb1-16c6173d60d4&tw_document_href=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3eo6&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 5ca5a4092fccef20
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d8a7f682b8d4e28f305c0d5c7441c1bee8f7e3c7e26969ab8e38b472e39cf48a
x-response-time: 103
content-length: 43
date: Sun, 27 Oct 2024 04:09:21 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H2 200 config.json Show response
api.donately.com/v2/forms/frm_fe09d0aa2201/ 1 KB
156 B 10ms
8ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/forms/frm_fe09d0aa2201/config.json

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/static/js/main.19818a85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

ce18663267dec480268b45f9c28800a2a8d505c93266a2bfe685e2432662c422

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'

Request headers

Donately-Version: 2019-03-15
X-Donately-Pages: true
Referer: https://pages.donately.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-PX-Cookie: eyJ1IjoiM2RhY2MyMDAtOTQxOS0xMWVmLWFjN2ItMzc1OTI0ZDA0OThkIiwidiI6IjNkNTM3MGEzLTk0MTktMTFlZi1iMjY2LTJjZmEzZjkwOGY1ZiIsInQiOjE3MzAwMDI0NjEyNjksImgiOiJkZmM0ZTZmM2FjMmY5ZTMwNzdjMTg3Y2RhNGQ0ODAxODNjZTM0M2Q3NWRkYWRiZWJjNzIzOTZiMzJmYzg5OTY0In0=

Response headers

access-control-max-age: 7200
x-request-id: a3ec07bb-6ef7-4b62-85e7-dd960a7bd824
access-control-expose-headers
etag: W/"ce18663267dec480268b45f9c28800a2"
age: 0
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002162&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uSYGJEeHPoAc4vpA7jKAF4VORajaOv3%2FJeXZD7pjxSM%3D"}]}
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-rack-cache: stale, valid, store
x-cache: HIT
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230087-FRA
x-cache-hits: 1
x-runtime: 0.016011
vary: Origin
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002162&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uSYGJEeHPoAc4vpA7jKAF4VORajaOv3%2FJeXZD7pjxSM%3D
content-security-policy: default-src 'none'; script-src 'none'
cache-control: public, no-cache
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-timer: S1730002162.259759,VS0,VE1
referrer-policy: origin-when-cross-origin
via: 1.1 varnish
x-download-options: noopen
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1137
fastly-restarts: 1
server: Cowboy
x-content-digest: 355b435d4dde0eb26f0a25a91b4d99fbab735c5c

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 228ms
18ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 02c01a77-8c47-4033-af22-a468de30df8a
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0df6051fb4e3e5c67b55de874a5fe993"
x-amz-version-id: KtgVA4GHJgyUOPf7T5TRgmfap.5FKp0l
age: 238
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: fGMTiXXYcM4rEspupde8eZd-zaFo_JlGZUPxPwV2Q6qjGu01PAWbcw==
date: Sun, 27 Oct 2024 04:09:22 GMT
x-hubspot-correlation-id: 02c01a77-8c47-4033-af22-a468de30df8a
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Oct 2024 14:24:42 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-p9n2k
x-envoy-upstream-service-time: 0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.605/bundles/pixels-release.js&cfRay=8d8fceba0f60d36c-FRA
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-ray: 8d8fd48b1e70d2c6-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.605/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 20073505.js Show response
js.hs-analytics.net/analytics/1730001900000/ 69 KB
25 KB 346ms
137ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1730001900000/20073505.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff6c7ec84bc5aca2027a5c4a4588e4db9d9592fc4c8427fe4678a8555d00245

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: b97148ce-97db-47c3-bf7d-34c05d356866
content-encoding: gzip
cf-cache-status: MISS
etag: W/"87b32745af57b39a76170fe61e50572a"
x-amz-version-id: null
expires: Sun, 27 Oct 2024 04:14:22 GMT
x-evy-trace-listener: listener_https
date: Sun, 27 Oct 2024 04:09:22 GMT
x-hubspot-correlation-id: b97148ce-97db-47c3-bf7d-34c05d356866
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:59:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: OqwGdoMHZuMBC8zKNr6DeDqVpQQj2TquC9Hfe4SyCq/8UgfGrmTihBA/VO7q67pQhUSHWXtu7og=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-4mt8v
x-envoy-upstream-service-time: 27
access-control-allow-credentials: false
x-amz-request-id: QW8X2Q1WNCMCTB65
cf-ray: 8d8fd48b1c3491f0-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/20073505/ 80 KB
29 KB 498ms
290ms Script
text/javascript 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/20073505/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f70635b371c0a5f30a8bbf808df690beb1b921eba01c44bb7f23615e6441a95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 148f3074-a3df-46ed-a54b-57b1d29addc4
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"95964ead544b0fe8da19b88ef422095c"
x-amz-version-id: NJuli0RNfK7lBMALrHITpCse9LQE2rp4
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Sun, 27 Oct 2024 04:14:22 GMT
x-evy-trace-listener: listener_https
date: Sun, 27 Oct 2024 04:09:22 GMT
x-hubspot-correlation-id: 148f3074-a3df-46ed-a54b-57b1d29addc4
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 21:55:44 GMT
vary: origin, Accept-Encoding
x-amz-id-2: oHF0ZuvNvWEMNZ2GRwY5AL9kqV3ZuWmuFYHUmKB/UFqwKL0hOc4+64CUpB/tSbqN5B5sHBVVplk=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-ftchg
x-envoy-upstream-service-time: 193
access-control-allow-credentials: true
x-amz-request-id: JTQPSC7TXW0EXKV8
cf-ray: 8d8fd48b1a728ed1-FRA
access-control-allow-origin: https://dash.donately.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 550 KB
92 KB 228ms
21ms Script
application/javascript 2606:4700::6812:8d11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://pages.donately.com/

Response headers

x-request-id: 9d0fbdef-bbb5-490e-9f05-4f5e71ff60af
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 1P48dmUoAxkQ57N6qBxgDzS3oBmZAXBF
etag: W/"ce26171eff05376a1b746efbb809f7f6"
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
age: 62947
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ooFqmseT-qb0bm1hSGHucHXsUjuvReKHWeKlzYdBpxzp6MCH_ZjGXw==
x-hubspot-correlation-id: 9d0fbdef-bbb5-490e-9f05-4f5e71ff60af
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Oct 2024 10:17:06 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-95l96
x-envoy-upstream-service-time: 40
x-hs-target-asset: lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Sun, 27 Oct 2024 04:09:22 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js&cfRay=8d89d3bf1fa9d262-FRA
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-ray: 8d8fd48b1b711e4d-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 191ms
33ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://pages.donately.com/

Response headers

x-request-id: a4dcf4a8-809c-46d7-b491-feff06077ac0
content-encoding: gzip
cf-cache-status: HIT
etag: W/"83516cb36bba59046b931d3496c56b0c"
x-amz-version-id: ZQMS1VbFbWDZoJKZTG5NvZHBA.3vkImQ
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
age: 164
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JL2bDn2tC29bToV9fptY4NBpjE6k6tB%2BT0MFRXmBMSefqfALk5mBCr1oRModTL8ZCR9Y2K6JgmAaTVfKxEfvBA%2FdPKGCkhlEocZgj7A8ebMEnQv7iFoKo8GZNucY3V5Z0%2FP39XewMXffWWB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: HN3i9evk9zuqCjiHEUyuWFWpi9xH0jT6OPuUzRuaTZWeWXBJkJWl5Q==
x-hubspot-correlation-id: a4dcf4a8-809c-46d7-b491-feff06077ac0
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 19:28:29 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-dbgsd
x-envoy-upstream-service-time: 47
x-hs-target-asset: web-interactives-embed/static-2.1607/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Sun, 27 Oct 2024 04:09:22 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1607/bundles/project.js&cfRay=8d6bea8b4c31d296-HEL
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-ray: 8d8fd48b2b4c2bbe-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 21 KB
9 KB 153ms
20ms Script
application/javascript 2606:4700::6812:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspotfeedback.com/feedbackweb-new.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:407c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43743eed52cc77ade648e11e0ce91e9a352e11a3bbdc5a344fcf5ae6ac9a4b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://pages.donately.com/

Response headers

x-request-id: 97fa409b-1ada-4d84-b90f-5ad08316f192
content-encoding: gzip
cf-cache-status: HIT
etag: W/"b1343609cc38fb5c7f9f7efc02b23a59"
x-amz-version-id: SKXXAmaZw0opUavRkqageZhm2CgXEm6C
age: 164
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: foyUCpBo3GDh5ojwaCIDHfv0J34PgljsNp9yezYhZv1x-faRoKMBAA==
x-hubspot-correlation-id: 97fa409b-1ada-4d84-b90f-5ad08316f192
content-type: application/javascript; charset=utf-8
last-modified: Fri, 25 Oct 2024 13:26:44 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-9qg57
x-envoy-upstream-service-time: 1
x-hs-target-asset: feedback-web-renderer-ui/static-1.22077/bundles/popupInjector.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Sun, 27 Oct 2024 04:09:22 GMT
vary: accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.22077/bundles/popupInjector.js&cfRay=8d8fd08a8e4fd351-FRA
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-ray: 8d8fd48b2bd9914c-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 93 KB
26 KB 133ms
19ms Script
application/javascript 2606:4700::6810:4d8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20073505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4d8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4621daf70705ca4ad2cdfa8c95058ddcf4966d0146230d6abe449f49f7c8d107

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 74f15277-bdae-41c0-b08a-63deceabec5d
content-encoding: gzip
cf-cache-status: HIT
etag: W/"efed4c800767ce92e6061f17ccc5987d"
x-amz-version-id: r.mCsQD_WlXWwN3xiO22xDXPwu0BfTog
age: 165
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: 3779TmgjFcEygE3oTtyl1E_zOSypyfYNDrQg6DC5kqKIYhqiz0ZEhg==
date: Sun, 27 Oct 2024 04:09:22 GMT
x-hubspot-correlation-id: 74f15277-bdae-41c0-b08a-63deceabec5d
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 17:50:37 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-4gd8c
x-envoy-upstream-service-time: 0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18435/bundles/project.js&cfRay=8d8fd0815dd778a4-FRA
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-ray: 8d8fd48bf969d275-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.18435/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 config.json
api.donately.com/v2/forms/frm_fe09d0aa2201/ Frame 0
0 124ms
124ms Preflight 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donately.com/v2/forms/frm_fe09d0aa2201/config.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'

Request headers

Accept: */*
Access-Control-Request-Headers: donately-version,x-donately-pages,x-px-cookie
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: donately-version,x-donately-pages,x-px-cookie
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
content-security-policy: default-src 'none'; script-src 'none'
date: Sun, 27 Oct 2024 04:09:22 GMT
expect-ct: max-age=86400, report-uri="https://donately.report-uri.io/r/default/ct/reportOnly"
fastly-restarts: 1
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730002162&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uSYGJEeHPoAc4vpA7jKAF4VORajaOv3%2FJeXZD7pjxSM%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730002162&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uSYGJEeHPoAc4vpA7jKAF4VORajaOv3%2FJeXZD7pjxSM%3D
server: Cowboy
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-download-options: noopen
x-served-by: cache-fra-eddf8230087-FRA

GET
H2 200 embedded.a4bd82eb.js Show response
cdn-asset.optimonk.com/script.esm/ 171 KB
51 KB 219ms
10ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js

Requested by

Host: onsite.optimonk.com
URL: https://onsite.optimonk.com/script.js?account=203840

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

698896c96eaa20a5d1c0ad1f510e86d2f9ab02bce1028bd5dca61f13812b56b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://pages.donately.com/

Response headers

cdn-status: 200
content-encoding: br
etag: W/"2ab11-Td6I4RqeQ3YrLgYjCcf0b4iq8WU"
x-content-type-options: nosniff
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cachedat: 10/18/2024 20:16:57
cdn-cache: HIT
x-frame-options: SAMEORIGIN
cdn-requestpullcode: 200
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
x-dns-prefetch-control: off
cdn-requestpullsuccess: True
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: 30b257e9ca68556ba98e433f9ccd1836
cdn-pullzone: 580384
x-download-options: noopen
cdn-proxyver: 1.04
cdn-requesttime: 0
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 301 KB
60 KB 281ms
11ms Script
application/javascript 2600:9000:223c:3000:2:7dc7:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3000:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2408c002d9aa33f835f3d468e5ace993a1c12f6a0c09b4023b633387d5d7fff3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: gzip
etag: "7226ef628fcaea5dad96b32f975afb3a"
age: 50878
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 61290
x-amz-cf-id: qubw4oClYMyk_lkedJMWLetWIBat-M0RQTuOlYi172rTvoK3rjkarA==
date: Sat, 26 Oct 2024 14:19:33 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 13:58:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/pages.donately.com/ 163 B
700 B 286ms
151ms Fetch
application/json 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/pages.donately.com/config.json?page=%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31b7b6baa904b283e88d7ee5e7963d295861d168c04b68122ea73d2caf2f675

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=ItZQcg==, md5=jSGeFZ8n+3DbJBGWNSg07g==
cf-cache-status: MISS
etag: W/"8d219e159f27fb70db241196352834ee"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Mon, 27 Oct 2025 04:09:23 GMT
x-goog-stored-content-length: 163
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: application/json
last-modified: Wed, 08 Feb 2023 13:49:03 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1p0Isj12ZpGGKRn28savGC75r6FUzCPrUvC1GGOV6HgtvnzoboFmn-QLYI-Qw0gwP24ejgHcvh0w
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8d8fd4916f722bcd-FRA
access-control-allow-origin: *
x-goog-generation: 1675864142957111
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 117ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=535174410012356&ev=PageView&dl=https%3A%2F%2Fpages.donately.com&rl=&if=false&ts=1730002163365&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1730002163349.318602975369366614&cs_est=true&pm=1&hrl=cf1566&ler=empty&cdl=API_unavailable&it=1730002162116&coo=false&tm=1&cs_cc=1&cas=1289722501122568%2C7797177490326170%2C2280140928755610%2C3164739136917719%2C2935756349873593%2C3112083878863116%2C2736582273082085%2C1526153127451533&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2933, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 393ms
316ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=535174410012356&ev=PageView&dl=https%3A%2F%2Fpages.donately.com&rl=&if=false&ts=1730002163365&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1730002163349.318602975369366614&cs_est=true&pm=1&hrl=cf1566&ler=empty&cdl=API_unavailable&it=1730002162116&coo=false&tm=1&cs_cc=1&cas=1289722501122568%2C7797177490326170%2C2280140928755610%2C3164739136917719%2C2935756349873593%2C3112083878863116%2C2736582273082085%2C1526153127451533&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7430302712267812464"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 3HoThQWv6pTiaf2zRyJGU5xxVPcEcFIKlFb1inIJNMxmhRlEu9lUYrJhDp7m2DEhspgAZL1E7q40yVxYJRWFiQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7430302712267812464", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=3250, tp=-1, tpl=-1, uplat=292, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 95 B
1 KB 148ms
133ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=20073505&currentUrl=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 86e7c212-9a3b-4644-bea8-06df84669118
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHmtow87yfFcnHpnNrUQH15RR%2FUb95TBDdAkyHzRTSzI56N5fbX77rbb1fExx%2BCbreiaIdrwkL5E9XReL1Q13rGMe60Gz48%2BWnsfr0YsZEOJU1oBYaC17HXkJE9%2FR9pk2utFeIWXuAq%2By7zjMF%2Bav%2FOQF7UMsn0n4KA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Sun, 27 Oct 2024 04:09:23 GMT
x-hubspot-correlation-id: 86e7c212-9a3b-4644-bea8-06df84669118
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-nnklw
x-envoy-upstream-service-time: 11
access-control-allow-credentials: true
cf-ray: 8d8fd4920e0d2bbe-FRA
access-control-allow-origin: https://pages.donately.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 feedback-web-fetcher
app.hubspot.com/ Frame E1B8 0
0 175ms
95ms Document
text/html 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://pages.donately.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 53069
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 8d8fd49329639b1c-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.22077/html/fetcher.html&cfRay=8d8fd49329639b1c&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fpages.donately.com%2F&cfenv=prod&pdt=2024-10-27&csp=ro
content-type: text/html; charset=utf-8
date: Sun, 27 Oct 2024 04:09:23 GMT
etag: W/"c1e4212d091006dc91b8db5b1ff42c4e"
expires: Mon, 28 Oct 2024 04:09:23 GMT
last-modified: Fri, 25 Oct 2024 13:21:14 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8d8fd49329639b1c&resource=feedback-web-renderer-ui/static-1.22077/html/fetcher.html"
server: cloudflare
server-timing: cfr;desc=8d8fd49329639b1c, d;desc="feedback-web-renderer-ui#5f45c30b-d236-4861-b4a3-4fc63f03510a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id: nMV6-oRCGXxKhYiGGfxqoIX_amym3CdW_exe-8aCJkNKu4s2VbwKWw==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: Zzcx3e7KjlgG1FvAS7Js0qhZ7ZIA6Uzf
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-hs-target-asset: feedback-web-renderer-ui/static-1.22077/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 247ms
128ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=20073505&pu=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&t=This+Is+Me+Foundation+%7C+Donately&cts=1730002163536&vi=160a5dcea55ca279480305eebc6121b6&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-robots-tag: none
x-request-id: 1ffdf123-ab63-48ae-9915-0863f9d2fb3a
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9G2vfVcs4DcmudTgdzzgn9ZmxDMRxeAxe6R1a4%2FmYGpy9g8dJIgA79S07bBaCxLYpQGGyj3Ag7olG6%2B68l7p3HoTGDzMPhawbyQIcrnlj88BnXWNhQSSRtIVDaBL471tGJVgb4j%2FgX6z0aDP7J2G"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Sun, 27 Oct 2024 04:09:23 GMT
x-hubspot-correlation-id: 1ffdf123-ab63-48ae-9915-0863f9d2fb3a
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-48wwf
x-envoy-upstream-service-time: 5
access-control-allow-credentials: false
cf-ray: 8d8fd492fe8c3614-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET public
api.hubspot.com/livechat-public/v1/message/ 0
0

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 5 B
148 B 42ms
16ms Fetch
text/plain 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/20073505/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28ae40ac9ef82a5f8426c454cf12d9186a8e6813f6244bb9dddbef59af95071

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: private, max-age=1500
cf-ray: 8d8fd492892f2c4d-FRA
access-control-allow-origin: *
content-length: 5
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 2571 Show response
trackingapi.trendemon.com/api/settings/ 636 B
775 B 341ms
104ms Script
application/x-javascript 54.164.139.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2571?callback=jsonp323267&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.164.139.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-139-38.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 2e1f06dd187c847a889e6a5430174e4562acb6ce7a7d8ae2954f5fd69beb2c1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: no-store,no-cache
content-length: 636
date: Sun, 27 Oct 2024 04:09:23 GMT
pragma: no-cache
content-type: application/x-javascript; charset=UTF-8
server: Kestrel

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 149ms
138ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=20073505&conversations-embed=static-1.18435&mobile=false&messagesUtk=f8db94d5a43c427c8899cf296f8d4357&traceId=f8db94d5a43c427c8899cf296f8d4357

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://pages.donately.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://pages.donately.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8d8fd4926e272bbe-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 27 Oct 2024 04:09:23 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2dt9TrLuQLSIAkvp8beoVG087hMsbGHHZV9WFL%2FdWVxsXyFGdbAUL0klHdykoVDiSb7Ypa0DyJZL2hfUJcyyq2v1R%2B0xIcKFurScUT64q%2F51YT0Q4jdmk1vM2QvCfPlRdUprbj5fkeMDhxqAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: bba42451-1943-42e1-8232-62f620077d46

GET large_Fundraising-Graphic.jpeg
uploads.donately.com/production/campaign/cover_photo/cmp_56b83316a42c/ 0
0

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 44ms
43ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://fonts.googleapis.com/

Response headers

age: 387267
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:34:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:34:56 GMT
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22504
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 54ms
54ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://fonts.googleapis.com/

Response headers

age: 386378
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:49:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:49:45 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET fundraisers
api.donately.com/v2/ 0
0

GET
H2 200 56351414.js Show response
bat.bing.com/p/action/ 369 B
424 B 35ms
35ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56351414.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8CA7D49EC2224C209E0636A0DFC76B4A Ref B: FRAEDGE1215 Ref C: 2024-10-27T04:09:23Z
x-cache: CONFIG_NOCACHE
date: Sun, 27 Oct 2024 04:09:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

OPTIONS fundraisers
api.donately.com/v2/ Frame 0
0

GET
H2 200 203840 Show response
front.optimonk.com/analytics/siteinfo/ 42 B
416 B 65ms
12ms XHR
application/json 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/analytics/siteinfo/203840

Requested by

Host: cdn-asset.optimonk.com
URL: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

df81a2c6d1639190dd029f1bf508796113acf7dd3d686a6dbba0d567cd575478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=604800
x-dns-prefetch-control: off
content-encoding: gzip
etag: W/"2a-vUB08qf2tIhdu3jxvt2Wix9OJwU"
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
date: Sun, 27 Oct 2024 04:09:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 89 KB
29 KB 92ms
19ms Script
application/javascript 2400:52e0:1e00::1081:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=15
Requested by: Host: cdn-asset.optimonk.com
URL: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 84174f4a74a46dda3cc45a7a3a313d9a17f470afa80a8446b67d2d888fc7278b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-goog-metageneration: 1
cdn-status: 200
content-encoding: br
x-goog-hash: crc32c=oe7ctg==, md5=ISW+doJNkYo2rXm0JAdoOQ==
etag: "2125be76824d918a36ad79b424076839"
age: 2156
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
x-goog-stored-content-length: 91352
date: Sun, 27 Oct 2024 04:09:23 GMT
last-modified: Tue, 02 Jul 2024 07:28:54 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-guploader-uploadid: AD-8ljsgVGRfQTAfnqO2mwfi9sfYeUyhhIggIOeMYpJ_dIiEgsNX6mZ5I6-32hKEhisNr2yUQceyS4JSWw
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2024 07:53:44
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
x-goog-storage-class: STANDARD
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: ae55c3bb1dad89ccc0984df48ce0c2b3
cdn-pullzone: 592317
cdn-proxyver: 1.04
x-goog-generation: 1719905334363125
cdn-edgestorageid: 755
content-language: en
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: DE

GET
H2 200 accountInfo.json Show response
cdn-account.optimonk.com/203840/ 399 B
1 KB 82ms
13ms XHR
application/json 2400:52e0:1e00::1081:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-account.optimonk.com/203840/accountInfo.json
Requested by: Host: cdn-asset.optimonk.com
URL: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 04c2437072fc88bc76ac8d77c57092e88264e0b8126f5515be3b1aca979b1442

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cdn-status: 200
access-control-expose-headers: X-BunnyCDN-CountryCode, X-BunnyCDN-Client-IP
content-encoding: br
x-goog-hash: crc32c=C/at7w==, md5=WuNQpSWZFMyzsaAZTtPWCw==
etag: "5ae350a5259914ccb3b1a0194ed3d60b"
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Sat, 26 Oct 2024 20:50:12 GMT
content-type: application/json
cdn-cachedat: 10/27/2024 02:09:13
cdn-cache: HIT
x-guploader-uploadid: AHmUCY2BAJlslfKEWXA-Lf2Qhfr4bKoug5FKUOaREwzuE6Jt6QLT0aJCTNG6FF_xw7A5VU626ZA
cache-control: public, max-age=0
cdn-requestpullsuccess: True
x-bunnycdn-client-ip: 2a03:1b20:6:f011::2e
cdn-pullzone: 951434
cdn-proxyver: 1.05
x-goog-generation: 1729975812078847
x-bunnycdn-countrycode: DE
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: DE
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 399
date: Sun, 27 Oct 2024 04:09:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-requesttime: 1
x-goog-storage-class: STANDARD
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: be202aae339c4827a4e3ee065612e8df
access-control-allow-origin: *

GET
H2 200 limit.json Show response
cdn-limit.optimonk.com/public/203840/ 18 B
648 B 129ms
25ms XHR
application/json 2400:52e0:1e00::1081:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-limit.optimonk.com/public/203840/limit.json

Requested by

Host: cdn-asset.optimonk.com
URL: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

13f1c9070b3a17df4544f1dc1ed5f712293e734228521adb7aa81256e2cbecda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cdn-status: 200
content-encoding: br
etag: W/"12-+Uk2fo/m5WOOrtsTlQ1mSAIRmRA"
x-content-type-options: nosniff
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cdn-cachedat: 10/27/2024 04:09:23
cdn-cache: EXPIRED
x-frame-options: SAMEORIGIN
cdn-requestpullcode: 200
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cdn-requestpullsuccess: True
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: c52eceff03586c05c4e131ce90aa8f5c
cdn-pullzone: 2401767
x-download-options: noopen
cdn-proxyver: 1.05
cdn-requesttime: 0
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: DE

GET
H2 200 campaigns.json Show response
cdn-account.optimonk.com/203840/ 2 KB
2 KB 82ms
14ms XHR
application/json 2400:52e0:1e00::1081:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-account.optimonk.com/203840/campaigns.json
Requested by: Host: cdn-asset.optimonk.com
URL: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 86dd429ef9e5777dd18a61b4a8128ee6e5a0e008ced7641307f288c45406b828

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

x-goog-metageneration: 1
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
x-goog-hash: crc32c=+RyA0w==, md5=aGg9pjkFUw/WqDh9/rPZxw==
etag: "68683da63905530fd6a8387dfeb3d9c7"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2015
date: Sun, 27 Oct 2024 04:09:23 GMT
last-modified: Sat, 26 Oct 2024 20:50:12 GMT
content-type: application/json
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-guploader-uploadid: AHmUCY2IWUVJxXq9J5E7gj39xhw0cyoCIbLzAoeWdAdUgp6-wmObDS0sXaxzBNf8sM8sI6WSmpU
cdn-requestpullcode: 200
cache-control: public, max-age=0
cdn-requestpullsuccess: True
cdn-requesttime: 0
x-goog-storage-class: STANDARD
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: 5a047d5ae707b581cb538f81bd3b5383
cdn-pullzone: 951434
cdn-proxyver: 1.05
cdn-cachedat: 10/26/2024 21:20:33
access-control-allow-origin: *
x-goog-generation: 1729975812053981
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: DE

POST /
px.ads.linkedin.com/wa/ 0
0

POST
H2 204 0
bat.bing.net/actionp/ 0
344 B 113ms
53ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=56351414&tm=gtm002&Ver=2&mid=f6429fb6-b7ec-4f75-b42f-408926adefe3&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C4623B51703B40678AD00EBF77728B28 Ref B: FRAEDGE1608 Ref C: 2024-10-27T04:09:23Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 27 Oct 2024 04:09:23 GMT

GET
H2 204 0
bat.bing.net/action/ 0
118 B 106ms
54ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=56351414&tm=gtm002&Ver=2&mid=f6429fb6-b7ec-4f75-b42f-408926adefe3&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=11th%20Annual%20New%20Year%27s%20Polar%20Plunge!%20by%20This%20Is%20Me%20Foundation%20%7C%20Donately&p=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge&r=&lt=940&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=962976
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pages.donately.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 964BB0B2B4E64BA78A9C226F0A886173 Ref B: FRAEDGE1608 Ref C: 2024-10-27T04:09:23Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 27 Oct 2024 04:09:23 GMT

GET counters.gif
perf-na1.hsforms.com/embed/v3/ 0
0

GET json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 0
0

GET json
forms.hubspot.com/lead-flows-config/v1/config/ 0
0

GET
H2 200 index-d1b38dfb.js Show response
cdn-asset.optimonk.com/script.esm/ 19 KB
6 KB 10ms
9ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/script.esm/index-d1b38dfb.js

Requested by

Host: cdn-asset.optimonk.com
URL: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

16b3522c8ece7ae66090f355704e0621222332b78cbe77e497f4bce80d401397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js

Response headers

cdn-status: 200
content-encoding: br
etag: W/"4b73-P92SnAfzljbB2IcJo7shk4IcymM"
x-content-type-options: nosniff
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cachedat: 10/17/2024 07:48:01
cdn-cache: HIT
x-frame-options: SAMEORIGIN
cdn-requestpullcode: 200
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
x-dns-prefetch-control: off
cdn-requestpullsuccess: True
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: 8791b980b592bc03de01ffbd0105be93
cdn-pullzone: 580384
x-download-options: noopen
cdn-proxyver: 1.04
cdn-requesttime: 0
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE

POST /
jfapiprod.optimonk.com/v2/ 0
0

GET
H2 200 IPBlockValidator-a90b7974.js Show response
cdn-asset.optimonk.com/script.esm/ 530 B
964 B 10ms
10ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/script.esm/IPBlockValidator-a90b7974.js

Requested by

Host: pages.donately.com
URL: https://pages.donately.com/thisismefoundation/campaign/11th-annual-new-year-s-polar-plunge

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

d861c6a98edde68451262f9000f35962007ae92fac45181287130145b2ea8c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pages.donately.com
Referer: https://cdn-asset.optimonk.com/script.esm/index-d1b38dfb.js

Response headers

cdn-status: 200
content-encoding: br
etag: W/"212-hkFw7iVRKkc79ngXDibGFnrx86I"
x-content-type-options: nosniff
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cachedat: 10/23/2024 23:40:29
cdn-cache: HIT
x-frame-options: SAMEORIGIN
cdn-requestpullcode: 200
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
x-dns-prefetch-control: off
cdn-requestpullsuccess: True
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestid: 2611709a290274b5fc9341f568299a77
cdn-pullzone: 580384
x-download-options: noopen
cdn-proxyver: 1.04
cdn-requesttime: 0
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE

POST
H2 200 after-pre-init Show response
front.optimonk.com/public/203840/embedded/ 152 B
507 B 12ms
11ms XHR
text/html 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/203840/embedded/after-pre-init

Requested by

Host: cdn-asset.optimonk.com
URL: https://cdn-asset.optimonk.com/script.esm/embedded.a4bd82eb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://pages.donately.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: no-cache
x-dns-prefetch-control: off
content-encoding: gzip
etag: W/"98-lC3A9CNC58A3Xk5qtOzmLLQkxH0"
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
date: Sun, 27 Oct 2024 04:09:23 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET identity.min.js
assets.trendemon.com/global/ 0
0

POST
H3 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 32 B
49 B 157ms
155ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: pages.donately.com
URL: https://pages.donately.com/963UiWkR/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://pages.donately.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://pages.donately.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Sun, 27 Oct 2024 04:09:23 GMT
content-type: application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.hubspot.com
URL: https://api.hubspot.com/livechat-public/v1/message/public?portalId=20073505&conversations-embed=static-1.18435&mobile=false&messagesUtk=f8db94d5a43c427c8899cf296f8d4357&traceId=f8db94d5a43c427c8899cf296f8d4357

Domain: uploads.donately.com
URL: https://uploads.donately.com/production/campaign/cover_photo/cmp_56b83316a42c/large_Fundraising-Graphic.jpeg

Domain: api.donately.com
URL: https://api.donately.com/v2/fundraisers?account_id=act_03a36c2da505&order=desc&order_by=amount_raised_in_cents&limit=4&scope=&campaign_id=cmp_56b83316a42c&status=published&fundraiser_type=&team_parent=

Domain: api.donately.com
URL: https://api.donately.com/v2/fundraisers?account_id=act_03a36c2da505&order=desc&order_by=amount_raised_in_cents&limit=4&scope=&campaign_id=cmp_56b83316a42c&status=published&fundraiser_type=&team_parent=

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/wa/

Domain: perf-na1.hsforms.com
URL: https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Domain: api.hubapi.com
URL: https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=20073505

Domain: forms.hubspot.com
URL: https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=20073505&utk=160a5dcea55ca279480305eebc6121b6&__hstc=172129334.160a5dcea55ca279480305eebc6121b6.1730002163534.1730002163534.1730002163534.1&__hssc=172129334.1.1730002163535&currentUrl=https%3A%2F%2Fpages.donately.com%2Fthisismefoundation%2Fcampaign%2F11th-annual-new-year-s-polar-plunge

Domain: jfapiprod.optimonk.com
URL: https://jfapiprod.optimonk.com/v2/

Domain: assets.trendemon.com
URL: https://assets.trendemon.com/global/identity.min.js

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.donately.com/	1970-01-21 09:18:58	Name: _pxhd Value: FiS/7w8ELCPPFnqc16ema41QZIuhMxPRd-H8Tuem2sXzfHNYdrHOC1AagxmL4b7lE97DLt5dCnqT0W6CLNDTxA==:9ZZoVTuVHEzRbCntSGU7lvxUyG-SZ6-BPMnJioQCFTQ4wunUvqF3c86dF/wtO2NGCe-dvbZNdzbh9hmh5XpkQIUjxRPMJl6qXLbT0k0y3KI=
.donately.com/	1969-12-31 23:59:59	Name: pxcts Value: 3dc83a9f-9419-11ef-9371-80b99a592200
.donately.com/	1970-01-21 09:18:58	Name: _pxvid Value: 3d5370a3-9419-11ef-b266-2cfa3f908f5f
.donately.com/	1970-01-21 00:33:22	Name: _px2 Value: eyJ1IjoiM2RhY2MyMDAtOTQxOS0xMWVmLWFjN2ItMzc1OTI0ZDA0OThkIiwidiI6IjNkNTM3MGEzLTk0MTktMTFlZi1iMjY2LTJjZmEzZjkwOGY1ZiIsInQiOjE3MzAwMDI0NjEyNjksImgiOiJkZmM0ZTZmM2FjMmY5ZTMwNzdjMTg3Y2RhNGQ0ODAxODNjZTM0M2Q3NWRkYWRiZWJjNzIzOTZiMzJmYzg5OTY0In0=
.donately.com/	1970-01-21 10:09:22	Name: _ga Value: GA1.1.1954851199.1730002162
.donately.com/	1970-01-21 10:09:22	Name: _ga_37PDV783XE Value: GS1.1.1730002161.1.1.1730002161.0.0.0
.donately.com/	1970-01-21 02:42:58	Name: _gcl_au Value: 1.1.1373817498.1730002162
.donately.com/	1970-01-21 10:09:22	Name: _ga_9BCP6ZNWKE Value: GS1.1.1730002162.1.0.1730002162.60.0.0
.donately.com/	1970-01-21 02:42:58	Name: dntly_origin Value: d664f30f71eee882c47c256b9a10e25a881fb6369d32eb2ef1ce76e96cfd75a6418c022f982a497a523123a93a457a7275095f9b4f16c7b06a3a6ee624ff4d7623528118bcc47b7c47644b374e3aa61c8d1f2bd96f61f89446a3e8dbf6181195491ba0fcdb46a9f5358842850330aec44cce2f2702b38a98154fff8f742c708fd1dbac06230a4ec8fa0c1322c943463846defc6dadd1d27e2079d1738df52d955816dbc38c00959cfacd36055628da3a58f7d32ad44a52c21c8d7f46d54949b348231323388d992b5e3d7d93bb78b270170952381df60d6e6dad41715f19b7f42d5a7f890913d33468cbc7ebfe211f71a18d408888b03b566c48c8eeede6daa367726e0ef725e14e14fcca3652b5e8d1
.twitter.com/	1970-01-21 10:09:22	Name: personalization_id Value: "v1_GhzJXTiYOowfK7o0M6vSdw=="
.linkedin.com/	1970-01-21 09:18:58	Name: bcookie Value: "v=2&82aa2500-c187-4c38-8aac-4d72b4ca23fe"
.linkedin.com/	1970-01-21 04:52:34	Name: li_gc Value: MTswOzE3MzAwMDIxNjI7MjswMjHWU8ibXt0w4bCcU2vwiub9/Gy8tBGdOagVw2jtygGIDQ==
.linkedin.com/	1970-01-21 00:34:48	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3397:u=1:x=1:i=1730002162:t=1730088562:v=2:sig=AQHuuVQQjRAe4MtpMhJbTYN2h20geyPd"
.t.co/	1970-01-21 10:09:22	Name: muc_ads Value: dffb27fa-e354-415a-a7c7-0f56f6bfda59
.t.co/	1970-01-21 00:33:23	Name: __cf_bm Value: kiXC7Kt.5bl9O4T61nJ244fJsCMpdQmSpsXfX5diXio-1730002162-1.0.1.1-JHYYOWf.R8h6s5TYd0RaaYbnS3.5Qqx61p1lpNta9GhgpKpHIsfbJ4rucSBLvqhcd_sRXQv38ZWwzN84mku94A
.donately.com/	1970-01-21 02:42:58	Name: _fbp Value: fb.1.1730002163349.318602975369366614
.donately.com/	1970-01-21 09:18:58	Name: mp_a177584841b7f4cd5a5ed8e84ec3767d_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A192cc2a16e6fd5-0cc9b44e6817c9-17462c6e-1d4c00-192cc2a16e6fd5%22%2C%22%24device_id%22%3A%20%22192cc2a16e6fd5-0cc9b44e6817c9-17462c6e-1d4c00-192cc2a16e6fd5%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
pages.donately.com/	1970-01-21 09:18:58	Name: optiMonkClientId Value: fbc94d7a-77ae-7d8f-0a12-d8c54bc90ecf
pages.donately.com/	1970-01-21 09:18:58	Name: optiMonkClient Value: N4IgTADAzAHALBEAuUBjAhs4BfANCAMwDdkBGAdigmrFIDYp8AbEpCqm+qAOnNIFZ8AOwD2AB1als2IA
.hubspot.com/	1970-01-21 00:33:23	Name: __cf_bm Value: rJmUizpzGhACeX9MzOcIoOiGkByuIt7bAQHVEF3au80-1730002163-1.0.1.1-FkDVah5Htry6ut4.4H9nb5u7JtvjkePYlMZNu6o04jFBF2oaZuco2D9rfvEjlsne.Q7Fx5IiDu6Ddn1IbIWGJg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: aZ8aCmAGh9gzSYjzxc27UGWSbrmXDzgIJ8_eeYTnTn0-1730002163795-0.0.1.1-604800000
pages.donately.com/	1970-01-21 04:52:34	Name: __hstc Value: 172129334.160a5dcea55ca279480305eebc6121b6.1730002163534.1730002163534.1730002163534.1
pages.donately.com/	1970-01-21 04:52:34	Name: hubspotutk Value: 160a5dcea55ca279480305eebc6121b6
pages.donately.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
pages.donately.com/	1970-01-21 00:33:23	Name: __hssc Value: 172129334.1.1730002163535
pages.donately.com/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1730002163
.donately.com/	1970-01-21 09:18:58	Name: trd_cid Value: 17300021639229619

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
analytics.twitter.com
api.donately.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
assets.trendemon.com
bat.bing.com
bat.bing.net
cdn-account.optimonk.com
cdn-asset.optimonk.com
cdn-limit.optimonk.com
cdn.acsbapp.com
cdn.donately.com
cdn.mxpnl.com
cdnjs.cloudflare.com
collector-px963uiwkr.px-cloud.net
connect.facebook.net
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
front.optimonk.com
gs-cdn.optimonk.com
jfapiprod.optimonk.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.hubspot.com
js.hubspotfeedback.com
js.usemessages.com
newyearspolarplunge.com
onsite.optimonk.com
pages.donately.com
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
stk.px-cloud.net
t.co
track.hubspot.com
trackingapi.trendemon.com
uploads.donately.com
www.facebook.com
www.google.de
www.googletagmanager.com
api.donately.com
api.hubapi.com
api.hubspot.com
assets.trendemon.com
forms.hubspot.com
jfapiprod.optimonk.com
perf-na1.hsforms.com
px.ads.linkedin.com
uploads.donately.com
104.17.24.14
104.244.42.3
13.107.42.14
142.250.184.195
15.197.225.128
151.101.193.91
151.101.65.91
157.240.0.6
172.66.0.227
188.166.193.169
199.232.188.157
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2400:52e0:1e00::1082:1
2600:1901:0:bc29::
2600:9000:214f:9c00:a:891a:6d40:93a1
2600:9000:223c:3000:2:7dc7:8f00:93a1
2606:4700:10::6816:cc
2606:4700:4400::6812:28f0
2606:4700::6810:4d8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6810:a0a8
2606:4700::6811:80ac
2606:4700::6812:407c
2606:4700::6812:8d11
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:c11::237
2a00:1450:4001:800::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:400c:c0b::9c
2a02:26f0:480:15::213:7e4a
2a03:2880:f177:185:face:b00c:0:25de
34.107.199.61
35.190.10.96
54.164.139.38
04c2437072fc88bc76ac8d77c57092e88264e0b8126f5515be3b1aca979b1442
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
095a419a7e9d826faf0efcb8176e529da5c9a2a56e3ff1295c5fd7efa6f448f0
0dda7ba58ff6b57fde05728e51b127107975eaf183ed6a851373f6005e0ecb30
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
13ace1515b601f898cb305078ecaefe14e9817dd5181f393941200c6605f7e94
13f1c9070b3a17df4544f1dc1ed5f712293e734228521adb7aa81256e2cbecda
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
16b3522c8ece7ae66090f355704e0621222332b78cbe77e497f4bce80d401397
2408c002d9aa33f835f3d468e5ace993a1c12f6a0c09b4023b633387d5d7fff3
2e1f06dd187c847a889e6a5430174e4562acb6ce7a7d8ae2954f5fd69beb2c1f
43743eed52cc77ade648e11e0ce91e9a352e11a3bbdc5a344fcf5ae6ac9a4b5c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e1db757d54ab18ff25d7c319ceecf84c6ee655f85daeaf836c9471894267cf
4621daf70705ca4ad2cdfa8c95058ddcf4966d0146230d6abe449f49f7c8d107
494c982de7c0b7c7af793dba22765becfefdc516fed774c8f3e9ed23f5c70524
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f70635b371c0a5f30a8bbf808df690beb1b921eba01c44bb7f23615e6441a95
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996
550dbd6446f15647b16db7582374cf793e30098f6f597a3123f59e26cd2acdd3
5ff6c7ec84bc5aca2027a5c4a4588e4db9d9592fc4c8427fe4678a8555d00245
6720c11b5be8c2d1265009fe4f35aee05df7f23cb60e0d83a6c9dba80a538b9b
68927f6575fc24f008b7af2ef3a44757dc6a310f2cbf2095a0e33639d2e17edb
698896c96eaa20a5d1c0ad1f510e86d2f9ab02bce1028bd5dca61f13812b56b0
7418b8e76970c1bf67c7dc3246ac69630c92973f3ea1a45a0ebf7f322efc3be9
7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
820dfffcb5206067244402e5df033b22c99dd88f26a16239e8aacc30f25d706a
84174f4a74a46dda3cc45a7a3a313d9a17f470afa80a8446b67d2d888fc7278b
86dd429ef9e5777dd18a61b4a8128ee6e5a0e008ced7641307f288c45406b828
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a41c8c83c4b647e29fa88d9e493a15a34ef1d2651147ef86302a388a77f21ce7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf5aded57f8a3953663413dd8bef0aaaf821b0c878fccbd0679712422d14d36
b28ae40ac9ef82a5f8426c454cf12d9186a8e6813f6244bb9dddbef59af95071
b6be6d26b2ee41a77d738407237ecf89f844e3d661f8645ac48a36481c398091
b6ea1377e1c7ca843c76afbf9e74d08687739a026cf1add42ae5ef0b588660a4
b768ac472570ed0d0f0f3d0979aeb7f852d03c96f8e7b2dacb6f52f8d4e20590
b777b61497b6a7d3f157c11ebfbc080c0e0b759f34849324669b7a0cb2d1e0bd
b810a55c064062bb2e7c21978cde65aea63b035c95f1e3bc47abe054c513f28f
be5024cb177471b0255476f2bdec6f8864928a61e9095a6371feb2d862809d77
c1c60fcabce703c4eb66d0b228f244afcd26170bd6a9c3f0b08567e6e898b607
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726
ce18663267dec480268b45f9c28800a2a8d505c93266a2bfe685e2432662c422
cf4291877343649d884c51c58065525e07181571a2b0d6fd2da0ed178da3a32b
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
d861c6a98edde68451262f9000f35962007ae92fac45181287130145b2ea8c71
da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871
dbff8c90c842c4524efbe3565b99889f7830070fe78072b1f1602029e39d756b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de59edb3c59c2bcf20219ebc4be57e058af1942cb40bff3ed0ff0905be64113e
df81a2c6d1639190dd029f1bf508796113acf7dd3d686a6dbba0d567cd575478
e31b7b6baa904b283e88d7ee5e7963d295861d168c04b68122ea73d2caf2f675
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96f908d16b38a0f3a9b15301749c980cd6440384d4b74b5c80c842505590654
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e

pages.donately.com Open in urlscan Pro 151.101.65.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

88 %HTTPS

65 %IPv6

34 Domains

52 Subdomains

40 IPs

4 Countries

1814 kBTransfer

5964 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pages.donately.com Open in urlscan Pro
151.101.65.91 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

88 %
HTTPS

65 %
IPv6

34
Domains

52
Subdomains

40
IPs

4
Countries

1814 kB
Transfer

5964 kB
Size

27
Cookies

89 HTTP transactions
0 data transactions