urlscan.io logo urlscan.io
SecurityTrails logo

ncose.salsalabs.org Open in urlscan Pro
54.235.95.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://default.salsalabs.org/Ta8a961a9-897c-46eb-8c59-783844f6a1c6/2d7e76ac-f270-4d92-a513-d2658e00bf4c
Effective URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_giving...
Submission: On December 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 6 countries across 16 domains to perform 58 HTTP transactions. The main IP is 54.235.95.169, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ncose.salsalabs.org.
TLS certificate: Issued by RapidSSL RSA CA 2018 on June 10th 2020. Valid for: 2 years.
This is the only time ncose.salsalabs.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 21 54.235.95.169 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.225.80.58 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 40.76.202.94 8075 (MICROSOFT...)
1 34.96.67.224 15169 (GOOGLE)
2 23.96.109.67 8075 (MICROSOFT...)
1 130.211.164.108 15169 (GOOGLE)
1 13.224.194.56 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.194.18 16509 (AMAZON-02)
1 52.51.24.70 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 3 185.167.164.39 198622 (ADFORM)
1 37.157.5.73 198622 (ADFORM)
1 35.209.93.168 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
2 37.157.4.41 198622 (ADFORM)
1 52.202.112.198 14618 (AMAZON-AES)
1 34.102.232.42 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
58 26
21    54.235.95.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-95-169.compute-1.amazonaws.com
default.salsalabs.org
ncose.salsalabs.org
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.225.80.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-58.fra2.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    40.76.202.94 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
epiphany.masterworks.com
1    34.96.67.224 (United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.siftscience.com
2    23.96.109.67 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
doublethedonation.com
1    130.211.164.108 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 108.164.211.130.bc.googleusercontent.com
static.wepay.com
1    13.224.194.56 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-56.fra2.r.cloudfront.net
script.hotjar.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.224.194.18 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-18.fra2.r.cloudfront.net
vars.hotjar.com
1    52.51.24.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-24-70.eu-west-1.compute.amazonaws.com
in.hotjar.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
1    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
1    35.209.93.168 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 168.93.209.35.bc.googleusercontent.com
p1.zemanta.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
track.adform.net
1    52.202.112.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-112-198.compute-1.amazonaws.com
donate.salsalabs.org
1    34.102.232.42 (United States)

ASN15169 (GOOGLE, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com
2    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Domain Requested by
11 default.salsalabs.org 1 redirects ncose.salsalabs.org
default.salsalabs.org
10 ncose.salsalabs.org 2 redirects ncose.salsalabs.org
6 www.facebook.com ncose.salsalabs.org
6 epiphany.masterworks.com ncose.salsalabs.org
3 a2.adform.net 2 redirects ncose.salsalabs.org
3 connect.facebook.net ncose.salsalabs.org
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com ncose.salsalabs.org
default.salsalabs.org
2 doublethedonation.com ncose.salsalabs.org
1 hexagon-analytics.com
1 donate.salsalabs.org default.salsalabs.org
1 track.adform.net ncose.salsalabs.org
1 c1.adform.net a2.adform.net
1 p1.zemanta.com ncose.salsalabs.org
1 s2.adform.net ncose.salsalabs.org
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 static.wepay.com ncose.salsalabs.org
1 cdn.siftscience.com ncose.salsalabs.org
1 ajax.googleapis.com ncose.salsalabs.org
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com ncose.salsalabs.org
1 code.jquery.com ncose.salsalabs.org
58 25
Subject Issuer Validity Valid
*.salsalabs.org
RapidSSL RSA CA 2018		 2020-06-10 -
2022-07-10		 2 years crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.hotjar.com
Amazon		 2020-01-22 -
2021-02-22		 a year crt.sh
*.masterworks.com
Go Daddy Secure Certificate Authority - G2		 2019-09-28 -
2021-11-27		 2 years crt.sh
*.siftscience.com
DigiCert SHA2 Secure Server CA		 2019-01-03 -
2021-03-26		 2 years crt.sh
doublethedonation.com
Sectigo ECC Domain Validation Secure Server CA		 2020-04-09 -
2022-07-12		 2 years crt.sh
*.wepayapi.com
DigiCert SHA2 High Assurance Server CA		 2019-05-16 -
2021-06-03		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.zemanta.com
DigiCert SHA2 Secure Server CA		 2020-08-23 -
2021-09-01		 a year crt.sh
*.hexagon-analytics.com
DigiCert SHA2 Secure Server CA		 2019-08-01 -
2021-11-03		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Frame ID: 19C6E312E7B3D256235E75CF3D78D07C
Requests: 58 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 10AE6E286C4314A80483BD53ED141DAE
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6556125445894063722&agencyId=5212&advertiserId=2079548&src=tp&rnd=309291
Frame ID: 68B8405E4134119FD7235FA262B46105
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://default.salsalabs.org/Ta8a961a9-897c-46eb-8c59-783844f6a1c6/2d7e76ac-f270-4d92-a513-d2658e00bf4c HTTP 302
    https://ncose.salsalabs.org/givingtuesday?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-423... HTTP 302
    https://ncose.salsalabs.org/givingtuesday/?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42... HTTP 302
    https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NC... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

58
Requests

100 %
HTTPS

40 %
IPv6

16
Domains

25
Subdomains

26
IPs

6
Countries

1214 kB
Transfer

3835 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://default.salsalabs.org/Ta8a961a9-897c-46eb-8c59-783844f6a1c6/2d7e76ac-f270-4d92-a513-d2658e00bf4c HTTP 302
    https://ncose.salsalabs.org/givingtuesday?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b HTTP 302
    https://ncose.salsalabs.org/givingtuesday/?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b HTTP 302
    https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 35
  • https://a2.adform.net/Serving/TrackPoint/?pm=2181911&ADFdivider=%7C&ord=813206542015&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=813206542015&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
ncose.salsalabs.org/givingtuesday/
Redirect Chain
  • https://default.salsalabs.org/Ta8a961a9-897c-46eb-8c59-783844f6a1c6/2d7e76ac-f270-4d92-a513-d2658e00bf4c
  • https://ncose.salsalabs.org/givingtuesday?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=...
  • https://ncose.salsalabs.org/givingtuesday/?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src...
  • https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil...
63 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
97ef3c943b73babf25028b9bd47c60d3babb0d940e19a469f562fb2f01f39157
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
ncose.salsalabs.org
:scheme
https
:path
/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ignite_tr=0985de8b-a07a-4096-9d9d-9e729aeb11ba; ignite_tr_url=2d7e76ac-f270-4d92-a513-d2658e00bf4c; ignite_uiid=6fbed6ed-1448-4707-876e-0e03cbbf9494
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-type
text/html;charset=utf-8
set-cookie
ignite_tr=0985de8b-a07a-4096-9d9d-9e729aeb11ba;Path=/;Domain=salsalabs.org;Expires=Wed, 01-Dec-2021 19:09:21 GMT;Max-Age=31536000;Secure;SameSite=NONE
x-xss-protection
1
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 24 Nov 2020 15:47:38 GMT
etag
W/"CmeEdCF+5ukCmeFANuOQOg--gzip"
accept-ranges
bytes
cache-control
max-age=3600,public
vary
Accept-Encoding, User-Agent
content-encoding
gzip

Redirect headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-length
0
location
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
set-cookie
ignite_tr=0985de8b-a07a-4096-9d9d-9e729aeb11ba;Path=/;Domain=salsalabs.org;Expires=Wed, 01-Dec-2021 19:09:20 GMT;Max-Age=31536000;Secure;SameSite=NONE
x-xss-protection
1
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
strict-transport-security
max-age=31536000; includeSubDomains
sli-forms-styles_v02.css
ncose.salsalabs.org/public/styles/ 		135 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/public/styles/sli-forms-styles_v02.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 06 Sep 2020 19:43:52 GMT
etag
W/"SUiv9BO5u/kSUiugHdJ54k--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
jquery-ui.css
code.jquery.com/ui/1.11.2/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
W/"54499a48-898c"
vary
Accept-Encoding
x-hw
1606849761.dop210.fr8.t,1606849761.cds204.fr8.hc,1606849761.cds217.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8056
PT16280c2b-f0c9-441b-9c54-267b041e570e
ncose.salsalabs.org/ 		342 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/PT16280c2b-f0c9-441b-9c54-267b041e570e
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
deb773e606605d32bdde08987d595a6c2d6a5db01b946215c5bd86e6998bf03e

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/javascript
image-placeholder.png
ncose.salsalabs.org/public/images/ 		68 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ncose.salsalabs.org/public/images/image-placeholder.png
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Aug 2020 08:22:12 GMT
etag
W/"/kX+kCbVZcQ/kX/4N1XnqA"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
68
x-xss-protection
1
8eb01da1-7b02-4148-9a5f-986a5f5cee37
ncose.salsalabs.org/api/widget/fundraising/ 		144 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
c74c30dd26c296159e395fe78795e75a9997a0ae9f8c8a9df5bddf344209acfd

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/javascript;charset=utf-8
gtm.js
www.googletagmanager.com/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFFJPG3
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/PT16280c2b-f0c9-441b-9c54-267b041e570e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc82b8ff3d6a66a4dae9cb35ad11aa20d4ba925888e88c199f464e19fb7338d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46616
x-xss-protection
0
last-modified
Tue, 01 Dec 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Dec 2020 19:09:21 GMT
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic|Roboto:400,400italic,700,700italic|Cardo:400,400italic,700|Open+Sans:400,400italic,700,700italic|Droid+Sans:400,700|Josefin+Sans:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Oleo+Script:400,700|Cabin+Sketch:400,700|Lobster|Poiret+One&subset=latin,cyrillic
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/public/styles/sli-forms-styles_v02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/public/styles/sli-forms-styles_v02.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Dec 2020 19:09:21 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 01 Dec 2020 19:09:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 01 Dec 2020 19:09:21 GMT
1e7bfb91-bb03-41e1-8214-21c20a20582d.jpg
ncose.salsalabs.org/689ebed1-08d0-4be3-990a-3d951e4a4c8a/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ncose.salsalabs.org/689ebed1-08d0-4be3-990a-3d951e4a4c8a/1e7bfb91-bb03-41e1-8214-21c20a20582d.jpg
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
04ed29949f5e9fb58f7374fb7dab4b666fbcc17f661bc17711cc2d54456c49f9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Nov 2020 15:47:38 GMT
etag
W/"AA9I2LSDg4MAA9JrE5xhiI"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
153649
x-xss-protection
1
hotjar-2031736.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2031736.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFFJPG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-58.fra2.r.cloudfront.net
Software
/
Resource Hash
f8bdcd91efb7159a5a3b8cd6a71c15f2bb8a1fbb11f224314ec3b86ffa1522c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/0e0af99972c7766e3a19116e7f778c6b
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1565
via
1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-amz-cf-id
g5mZ_3CbkFU1Zo09mvnZCaxtQn6Js_bDq7B37Pd5XBQa7c2HHz_nqA==
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFFJPG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4800
date
Tue, 01 Dec 2020 17:49:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 01 Dec 2020 19:49:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 13:58:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18631
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Dec 2021 13:58:50 GMT
collect
www.google-analytics.com/j/ 		2 B
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=285266787&t=pageview&_s=1&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&ul=en-us&de=UTF-8&dt=Giving%20Tuesday%202020%20-%20National%20Center%20on%20Sexual%20Exploitation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1813175234&gjid=1197413236&cid=815295327.1606849761&tid=UA-37619964-8&_gid=272209436.1606849761&_r=1&gtm=2wgb41PFFJPG3&z=1939322194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 19:09:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=285266787&t=pageview&_s=1&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&ul=en-us&de=UTF-8&dt=Giving%20Tuesday%202020%20-%20National%20Center%20on%20Sexual%20Exploitation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1959263020&gjid=1464832266&cid=815295327.1606849761&tid=UA-37619964-10&_gid=272209436.1606849761&_r=1&gtm=2wgb41PFFJPG3&z=221247909
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 19:09:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dd7318c3-5d0a-474e-9dea-4448632927a1.js
epiphany.masterworks.com/containers/ 		234 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epiphany.masterworks.com/containers/dd7318c3-5d0a-474e-9dea-4448632927a1.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
646ea74785c4c3db2c8f06c4b73fe17d5e306f55f68fe85c6d6e3d56ecf196be

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding, Cookie
cache-control
public, must-revalidate, max-age=360
x-robots-tag
none
transfer-encoding
chunked
content-type
application/javascript; charset=utf-8
s.js
cdn.siftscience.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siftscience.com/s.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 17:04:33 GMT
content-encoding
gzip
age
7488
x-guploader-uploadid
ABg5-Uy2pawPp5xcrC1kZhKov-XIvIjMpkBobSbYF22PrALTxHo48FZa2lf9f0je_GUL_PFvmhE3lNV0DdX7bYW0cImdNf7F7w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
20452
last-modified
Thu, 09 Apr 2020 21:59:13 GMT
server
UploadServer
etag
"07cb8203158abb26b3c18318350e7b36"
vary
Accept-Encoding
x-goog-hash
crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation
1586469553682331
cache-control
public, max-age=86400
x-goog-stored-content-length
20452
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Dec 2020 17:04:33 GMT
ddplugin.js
doublethedonation.com/api/js/ 		308 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doublethedonation.com/api/js/ddplugin.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ee00893d8172532efcc253ef2ece426bd849b425e32905abeb9dc9c560e916b0

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
br
last-modified
Mon, 30 Nov 2020 20:30:31 GMT
server
nginx
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-proxy-cache
BYPASS
ddplugin.css
doublethedonation.com/api/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doublethedonation.com/api/css/ddplugin.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
bf3312c41e1d4096bdbd390333fdc6ab72d4a3d6d7636b239ed2dea7b6f39f14

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
br
last-modified
Mon, 30 Nov 2020 20:30:33 GMT
server
nginx
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-proxy-cache
BYPASS
tokenization.v2.js
static.wepay.com/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wepay.com/js/tokenization.v2.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.164.108 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.164.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
a5dabe8694defff7761877d38bfd931a20ff6f62ca06de76c56d94f10eb048a5

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 01 Dec 2020 19:09:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2020 22:47:45 GMT
Server
nginx
ETag
W/"5fb6f611-4aac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 02 Dec 2020 01:09:22 GMT
script.min.js
default.salsalabs.org/public/scripts/ 		574 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/scripts/script.min.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
713325fc37db97d0be0c672eacaa1ccbbe0e1543287b542ec3b2242f0a369f96
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 08:18:44 GMT
etag
W/"/PI2HKWF2iI/PI3aAmY0oY--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
modules.a6cfc71c5ac4549d913e.js
script.hotjar.com/ 		220 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.a6cfc71c5ac4549d913e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2031736.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-56.fra2.r.cloudfront.net
Software
/
Resource Hash
8d0b6ddd322b5b941b117a7a522068fc75265166d0e266d1d5ca6e26c20d631d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 16:39:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8987
x-cache
Hit from cloudfront
content-length
59018
access-control-allow-origin
*
last-modified
Tue, 01 Dec 2020 16:35:53 GMT
etag
"3ecff6a9d681388be75eb395d9a8f566"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
PzuhX2STge5kNXuTk4zpsrx73ZYT3h-b_xvrvUP6XNmCNARLHP95Vg==
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-37619964-8&cid=815295327.1606849761&jid=1813175234&gjid=1197413236&_gid=272209436.1606849761&_u=YEBAAEAAAAAAAC~&z=1145689821
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 01 Dec 2020 19:09:21 GMT
content-type
text/plain
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 10AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2031736.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-18.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
8J9rKTpRVh6gTVYMMWZN3eqa5khiNGdfWZ3l46Jrt73IdLW16SR74g==
age
698898
visit-data
in.hotjar.com/api/v2/client/sites/2031736/ 		178 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2031736/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a6cfc71c5ac4549d913e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.24.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-24-70.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 01 Dec 2020 19:09:21 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
ppms.js
epiphany.masterworks.com/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epiphany.masterworks.com/ppms.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f4563efbc52fb808a3c641fedd030821b6eab2aea84276b4da8e52e183cf5ef

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 15:01:11 GMT
etag
W/"5fae9fb7-1153f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
transfer-encoding
chunked
expires
Thu, 31 Dec 2020 19:09:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		89 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23320
x-xss-protection
0
pragma
public
x-fb-debug
6xrbo+pBRnqV3LVo8PdFfmU6/T0dgjbquC3JyvmwFIEt10n0FeeMYFZlkNobFEG/CNxpTsv/x+bAQZWanFsjQA==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Tue, 01 Dec 2020 19:09:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://a2.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1eb116eebdec1a3282c8d2b2e1e9da65fd55bbaea67e88af0b61059e6a0a1a68

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 10:57:49 GMT
server
nginx
etag
W/"5f7ef0ad-140fb"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Tue, 01 Dec 2020 19:09:22 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
audience-manager.api.min.js
epiphany.masterworks.com/audiences/static/widget/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epiphany.masterworks.com/audiences/static/widget/audience-manager.api.min.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8da6a11dbebdd2d4bbddf7c1545babd59ad8a60791afcfe460022d081d4fe2b

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
content-encoding
gzip
last-modified
Wed, 08 Jul 2020 13:00:59 GMT
etag
W/"5f05c38b-6611"
transfer-encoding
chunked
content-type
application/javascript
/
p1.zemanta.com/p/8045/8519/ 		26 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.zemanta.com/p/8045/8519/
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.93.168 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
168.93.209.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
via
1.1 google
server
Google Frontend
content-type
image/gif
x-cloud-trace-context
fec110026eb43a66c90ccf0d62dc97f4
x-robots-tag
none
alt-svc
clear
content-length
26
774787549759242
connect.facebook.net/signals/config/ 		238 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/774787549759242?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df6cd98885d6e6798fc6aaf32cbf25df0e6e2328dcb5eb8705c68a641aceac21
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
uBhE+pEjDS+c1U3DPHbXLWG+UYRWoDbEGDTdowz382iZnLBW3NXy0BmqErh5qasru+Id4IDxGhM5wsnF0w2GAw==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Tue, 01 Dec 2020 19:09:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
221813782
expires
Sat, 01 Jan 2000 00:00:00 GMT
ppms.php
epiphany.masterworks.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epiphany.masterworks.com/ppms.php?action_name=Giving%20Tuesday%202020%20-%20National%20Center%20on%20Sexual%20Exploitation&idsite=dd7318c3-5d0a-474e-9dea-4448632927a1&rec=1&r=930432&h=20&m=9&s=22&url=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&_id=8225e2cfcbe3141d&_idts=1606849762&_idvc=1&_idn=0&_viewts=1606849762&send_image=1&cookie=1&res=1600x1200&gt_ms=145&pv_id=8FHT2T
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
transfer-encoding
chunked
content-type
image/gif
734814240055581
connect.facebook.net/signals/config/ 		239 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/734814240055581?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
785da77d5701e4d1f1150d2986ebcafdd62335035759d343b1926b786be5c7f4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70413
x-xss-protection
0
pragma
public
x-fb-debug
bzIiP61co4OT8Bmmq8Kudgw8q49uzLld2VHk2CLi9DJrxQJf8F/GgXiPfYk3wtd5FCtKcsOU9y2wHefUrcjGbw==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Tue, 01 Dec 2020 19:09:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1658638324
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=774787549759242&ev=PageView&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&rl=&if=false&ts=1606849762468&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606849762467.1240576954&it=1606849762283&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 01 Dec 2020 19:09:22 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=734814240055581&ev=PageView&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&rl=&if=false&ts=1606849762470&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606849762467.1240576954&it=1606849762283&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 01 Dec 2020 19:09:22 GMT
/
www.facebook.com/tr/ 		44 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=774787549759242&ev=ViewContent&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&rl=&if=false&ts=1606849762471&sw=1600&sh=1200&v=2.9.29&r=stable&ec=1&o=30&fbp=fb.1.1606849762467.1240576954&it=1606849762283&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 01 Dec 2020 19:09:22 GMT
/
www.facebook.com/tr/ 		44 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=734814240055581&ev=ViewContent&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&rl=&if=false&ts=1606849762471&sw=1600&sh=1200&v=2.9.29&r=stable&ec=1&o=30&fbp=fb.1.1606849762467.1240576954&it=1606849762283&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 01 Dec 2020 19:09:22 GMT
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=2181911&ADFdivider=%7C&ord=813206542015&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose....
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=813206542015&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fn...
747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=813206542015&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8da3fd9cbc356911e17bbeca13a4253fa71a897cbc29cf09cb5cd6acb7e8af2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 19:09:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
624
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 01 Dec 2020 19:09:22 GMT
server
nginx
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=813206542015&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=774787549759242&ev=Microdata&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&rl=&if=false&ts=1606849762971&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Giving%20Tuesday%202020%20-%20National%20Center%20on%20Sexual%20Exploitation%22%2C%22meta%3Akeywords%22%3A%22donate%20to%20end%20traffickingend%20sexual%20exploitationcharity%20to%20end%20trafficking%22%2C%22meta%3Adescription%22%3A%22Stand%20with%20us%20today.%20Help%20end%20sexual%20exploitation%20as%20it%20exists%20covertly%20and%20overtly%20in%20communities%20as%20close%20as%20our%20own%20backyards.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&ec=2&o=30&fbp=fb.1.1606849762467.1240576954&it=1606849762283&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 01 Dec 2020 19:09:22 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=734814240055581&ev=Microdata&dl=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&rl=&if=false&ts=1606849762972&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Giving%20Tuesday%202020%20-%20National%20Center%20on%20Sexual%20Exploitation%22%2C%22meta%3Akeywords%22%3A%22donate%20to%20end%20traffickingend%20sexual%20exploitationcharity%20to%20end%20trafficking%22%2C%22meta%3Adescription%22%3A%22Stand%20with%20us%20today.%20Help%20end%20sexual%20exploitation%20as%20it%20exists%20covertly%20and%20overtly%20in%20communities%20as%20close%20as%20our%20own%20backyards.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&ec=2&o=30&fbp=fb.1.1606849762467.1240576954&it=1606849762283&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 01 Dec 2020 19:09:22 GMT
pixels
c1.adform.net/imatch/ Frame 68B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=6556125445894063722&agencyId=5212&advertiserId=2079548&src=tp&rnd=309291
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2181911&ADFdivider=%7C&ord=813206542015&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/imatch/pixels?uid=6556125445894063722&agencyId=5212&advertiserId=2079548&src=tp&rnd=309291
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=6556125445894063722; CM=1|0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b

Response headers

server
nginx
date
Tue, 01 Dec 2020 19:09:23 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
CM14=1606936163_1606849763_1_Hu7u7u4e4e7u7u4REREeEREREREeERA; expires=Tue, 15 Dec 2020 19:09:23 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
ppms.php
epiphany.masterworks.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epiphany.masterworks.com/ppms.php?ping=1&idsite=dd7318c3-5d0a-474e-9dea-4448632927a1&rec=1&r=607789&h=20&m=9&s=22&url=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&_id=8225e2cfcbe3141d&_idts=1606849762&_idvc=1&_idn=0&_viewts=1606849762&send_image=1&cookie=1&res=1600x1200&dimension1=NCOSE-206-EAPMW20122&gt_ms=145&pv_id=8FHT2T
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:23 GMT
transfer-encoding
chunked
content-type
image/gif
/
track.adform.net/Serving/Cookie/ 		92 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9abff422505a07f3967136e396799175d7c6221e9d19cdc024a91c27c81ec1a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 19:09:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
201
expires
-1
formValidation.min.css
default.salsalabs.org/public/styles/ 		95 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/formValidation.min.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
1046664e470aa1ded3db426070d3dbc498a191153ffc52621638bf1e3bbafdcf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 08:19:12 GMT
etag
W/"EKoHgLv6bwQEKoG9BftfqM--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
truncated
/ 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
7049254c-06e6-4a0e-99d4-e37dd5e1bf07
donate.salsalabs.org/api/transactions/gateway/ 		539 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donate.salsalabs.org/api/transactions/gateway/7049254c-06e6-4a0e-99d4-e37dd5e1bf07
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/scripts/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.112.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-112-198.compute-1.amazonaws.com
Software
/
Resource Hash
fee1271b24a80c47e019934493eb1c84d1472b21f2cbea697080fd330292b2ca

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
409
sli-forms-styles_v02.css
default.salsalabs.org/public/styles/ 		135 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/8eb01da1-7b02-4148-9a5f-986a5f5cee37?tId=id_8eb01da17b0241489a5f986a5f5cee37&eId=689ebed1-08d0-4be3-990a-3d951e4a4c8a&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 06 Sep 2020 19:43:52 GMT
etag
W/"SUiv9BO5u/kSUiugHdJ54k--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
SFC2c0fcfea-4537-46c5-a787-304d234f349b
default.salsalabs.org/public/ 		324 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/SFC2c0fcfea-4537-46c5-a787-304d234f349b?_=1606849761800
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/scripts/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
37f7fcec1eb4bf65ca0ebf48da456919cf2e078eba4a0de6e76c4cd87d0238ac

Request headers

Accept
*/*
Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
https://ncose.salsalabs.org
date
Tue, 01 Dec 2020 19:09:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Accept-Encoding, User-Agent
content-type
application/json
b24c86d5-9708-4f50-a752-4614232128cc.png
ncose.salsalabs.org/689ebed1-08d0-4be3-990a-3d951e4a4c8a/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ncose.salsalabs.org/689ebed1-08d0-4be3-990a-3d951e4a4c8a/b24c86d5-9708-4f50-a752-4614232128cc.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
0a2c8bf9d6c17f7e51fad7ba9a9d3fb569884902bef13a20988d36131d90dbac
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Nov 2020 15:47:38 GMT
etag
W/"5YLi+OwQyKo5YLjjBbhD5M"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
105129
x-xss-protection
1
ff220f86-2fb8-452a-85cd-0bcb45342bd4.png
ncose.salsalabs.org/689ebed1-08d0-4be3-990a-3d951e4a4c8a/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ncose.salsalabs.org/689ebed1-08d0-4be3-990a-3d951e4a4c8a/ff220f86-2fb8-452a-85cd-0bcb45342bd4.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
8af6c2b86bbe113345150fe7b25435e2e33f778bf4ac5be4b9fa0fe1103f9dcc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Nov 2020 15:47:38 GMT
etag
W/"SdzBtAw5MMwSdzAwPbJ8/s"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
40615
x-xss-protection
1
876572.gif
hexagon-analytics.com/images/ 		43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hexagon-analytics.com/images/876572.gif?bk=64d426901e&tm=4683&r=839911753&v=105&cs=UTF-8&h=ncose.salsalabs.org&l=en-US&S=a3d2abd2f022c6f97110d0bada990c42&uu=73cc65df6decf531255cab95873b8f6&t=Giving%20Tuesday%202020%20-%20National%20Center%20on%20Sexual%20Exploitation&u=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=16&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=d070d7f80ecae06d18d89fb70ca3f89e&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 19:09:26 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 GMT
formValidation.min.css
default.salsalabs.org/public/styles/ 		95 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/formValidation.min.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
1046664e470aa1ded3db426070d3dbc498a191153ffc52621638bf1e3bbafdcf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 08:19:12 GMT
etag
W/"EKoHgLv6bwQEKoG9BftfqM--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic|Roboto:400,400italic,700,700italic|Cardo:400,400italic,700|Open+Sans:400,400italic,700,700italic|Droid+Sans:400,700|Josefin+Sans:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Oleo+Script:400,700|Cabin+Sketch:400,700|Lobster|Poiret+One&subset=latin,cyrillic
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Dec 2020 19:09:26 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 01 Dec 2020 19:09:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 01 Dec 2020 19:09:26 GMT
sli-forms-styles_v02.css
default.salsalabs.org/public/styles/ 		135 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 06 Sep 2020 19:43:52 GMT
etag
W/"SUiv9BO5u/kSUiugHdJ54k--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
mastercard-curved-32px-off.png
default.salsalabs.org/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://default.salsalabs.org/public/images/mastercard-curved-32px-off.png
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
a51459e19f7dbf82c30a0d3e7bc960a8fbb14b80675ec57c755593cf68f13e87
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Aug 2020 08:22:12 GMT
etag
W/"KJsb+LJ9tVkKJsaiEn/SXc"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
1806
x-xss-protection
1
discover-curved-32px-off.png
default.salsalabs.org/public/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://default.salsalabs.org/public/images/discover-curved-32px-off.png
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
df8add02d4ff6ae8f5a324cf55278947246dea7674c02c269004cd0258261531
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Aug 2020 08:22:12 GMT
etag
W/"j3PG4IcP7VAj3PHkHyNE8c"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
1463
x-xss-protection
1
american-express-curved-32px-off.png
default.salsalabs.org/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://default.salsalabs.org/public/images/american-express-curved-32px-off.png
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
0099dae4995b9d7adf537451ace27fd456aca2ddb04fc7d590e2d3f870ae8459
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Aug 2020 08:22:12 GMT
etag
W/"lIurTF9U92olIuqPKTWBmY"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
2604
x-xss-protection
1
visa-curved-32px-off.png
default.salsalabs.org/public/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://default.salsalabs.org/public/images/visa-curved-32px-off.png
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.95.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-95-169.compute-1.amazonaws.com
Software
/
Resource Hash
cdbc5f393d6c73230117bc1f355de521cdcd9e5bde3b68e6cad9b39269b4c81d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Aug 2020 08:22:12 GMT
etag
W/"EOIANENZkegEOIBRLjbbiY"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
1262
x-xss-protection
1
truncated
/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbdf14fa1d8f599d89c1b472fe8949c7a229ea42705c95b7a93f659e376b28f9

Request headers

Origin
https://ncose.salsalabs.org
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic|Roboto:400,400italic,700,700italic|Cardo:400,400italic,700|Open+Sans:400,400italic,700,700italic|Droid+Sans:400,700|Josefin+Sans:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Oleo+Script:400,700|Cabin+Sketch:400,700|Lobster|Poiret+One&subset=latin,cyrillic
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Dec 2020 19:09:26 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 01 Dec 2020 19:09:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 01 Dec 2020 19:09:26 GMT
ppms.php
epiphany.masterworks.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epiphany.masterworks.com/ppms.php?e_c=adform%20uid&e_a=adform%20uid&e_n=6556125445894063722&e_v=0&idsite=dd7318c3-5d0a-474e-9dea-4448632927a1&rec=1&r=591406&h=20&m=9&s=27&url=https%3A%2F%2Fncose.salsalabs.org%2Fgivingtuesday%2Findex.html%3Futm_source%3Demma%26utm_medium%3Demail%26utm_campaign%3DMW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122%26utm_content%3Dempower_end-sex-trafficking_nil_nil%26s_src%3DEAPMW20122%26mwsc%3DNCOSE-206-EAPMW20122%26eType%3DEmailBlastContent%26eId%3Db4e98d18-83d0-4800-bc23-e2adcbc1a04b&_id=8225e2cfcbe3141d&_idts=1606849762&_idvc=1&_idn=0&_viewts=1606849762&send_image=1&cookie=1&res=1600x1200&dimension4=6556125445894063722&dimension1=NCOSE-206-EAPMW20122&gt_ms=145&pv_id=8FHT2T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ncose.salsalabs.org/givingtuesday/index.html?utm_source=emma&utm_medium=email&utm_campaign=MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122&utm_content=empower_end-sex-trafficking_nil_nil&s_src=EAPMW20122&mwsc=NCOSE-206-EAPMW20122&eType=EmailBlastContent&eId=b4e98d18-83d0-4800-bc23-e2adcbc1a04b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 19:09:27 GMT
transfer-encoding
chunked
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager function| hj object| _hjSettings object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| ppms object| _igBsYIBwDqsl function| validateCCName function| applyDynamicAmounts function| updateAmountButtonAttributes function| copyStyles function| cloneAndAddAmountButton function| processToken string| src object| s object| widgetRefs object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| _sift function| __siftFlashCB undefined| Sift object| PluginDetect object| FormValidation object| Loadgo function| iFrameResize object| IGNITE object| jQuery111307332139937689832 object| WePay object| shadow$provide object| closure_lm_785442 object| doublethedonation string| SYNC_EVENT string| ONCE_PER_PAGE_VIEW_ACTION string| ONCE_PER_SESSION_ACTION string| VARIABLE_NAME string| COOKIE_PREFIX string| GLOBAL_CONFIG_NAME function| ppmsWebStorage object| sevenTag object| _paq function| fbq function| _fbq object| _adftrack object| Piwik object| AnalyticsTracker function| piwik_log object| Adform object| KJUR object| adf function| sliGoogInit object| params object| param

26 Cookies

Domain/Path Name / Value
.digitru.st/ Name: DigiTrust.v1.identity
Value: eyJpZCI6Im5xWTlGR1AydWVFPSIsInZlcnNpb24iOjIsInByb2R1Y2VyIjoiMUNyc2RVTkFvNiIsInByaXZhY3kiOnsib3B0b3V0IjpmYWxzZX19
.adform.net/ Name: CM14
Value: 1606936163_1606849763_1_Hu7u7u4e4e7u7u4REREeEREREREeERA
.adform.net/ Name: C
Value: 1
ncose.salsalabs.org/ Name: stg_utm_campaign
Value: MW_NCOSE_206-42309_givingtuesday_20201201_2_EAPMW20122
.adform.net/ Name: uid
Value: 6556125445894063722
.salsalabs.org/ Name: _gat_UA-37619964-8
Value: 1
ncose.salsalabs.org/ Name: _pk_id.dd7318c3-5d0a-474e-9dea-4448632927a1.583a
Value: 8225e2cfcbe3141d.1606849762.1.1606849763.1606849762.
ncose.salsalabs.org/ Name: stg_externalReferrer
Value:
.salsalabs.org/ Name: _fbp
Value: fb.1.1606849762467.1240576954
.salsalabs.org/ Name: _hjid
Value: 35093670-cd88-4b84-8ac6-970c6fe1ae1c
ncose.salsalabs.org/ Name: stg_traffic_source_priority
Value: 5
ncose.salsalabs.org/ Name: stg_last_interaction
Value: Tue%2C%2001%20Dec%202020%2019:09:22%20GMT
.salsalabs.org/ Name: _hjTLDTest
Value: 1
.salsalabs.org/ Name: _hjFirstSeen
Value: 1
.salsalabs.org/ Name: _gid
Value: GA1.2.272209436.1606849761
.salsalabs.org/ Name: _hjAbsoluteSessionInProgress
Value: 0
ncose.salsalabs.org/ Name: stg_returning_visitor
Value: Tue%2C%2001%20Dec%202020%2019:09:22%20GMT
.adform.net/ Name: DigiTrust.v1.identity
Value: eyJpZCI6Ilc1cFc5dTZ3OEVwSkhrVUJabStSS2xnNjJkcHIrZUFuQndnaWJuVWFORSsrd0hUNEpCMVM5QVJaNnZlYUdEYzRRb0hWVWlUekRabE5hZzNFWlN3Nmk5RWdRUU5Lb29Kb0Jqemx4ZGtGU0ZydmlxQTlUNUUwY1VibGQ1UU9pbmZtcXE5WlNuaW05cnNHTVZzb2NSYld6UGVuUjNwVlpyemcvQXZ3QjJqelJDdnpZVXFTTWNTYXNKNk9WeS9QUHNtZjdqN2NWcTlpMm0xNC9maTBmbUJSYWNlV0lDbjViZE93ZnpJNGkzTnh5YW95ZXNzN0ZwdHA1bFV1ZmFHQnZZWnJNK0pKR3psZGI3WVY4N0l0YkhjekFlRjk2anE2THpVVUhHYlpJNFJyQVFDUFQzTVNzblNHb1QwVlZITUswOHU5eFlTYURrSzVJbHlValRrcFBNaElsQT09IiwidmVyc2lvbiI6MiwicHJvZHVjZXIiOiIxQ3JzZFVOQW82IiwicHJpdmFjeSI6eyJvcHRvdXQiOmZhbHNlfSwia2V5diI6NH0%3D
.salsalabs.org/ Name: _gat_UA-37619964-10
Value: 1
.salsalabs.org/ Name: _ga
Value: GA1.2.815295327.1606849761
ncose.salsalabs.org/ Name: _hjIncludedInPageviewSample
Value: 1
.salsalabs.org/ Name: ignite_uiid
Value: 6fbed6ed-1448-4707-876e-0e03cbbf9494
.salsalabs.org/ Name: ignite_tr_url
Value: 2d7e76ac-f270-4d92-a513-d2658e00bf4c
.salsalabs.org/ Name: ignite_tr
Value: 0985de8b-a07a-4096-9d9d-9e729aeb11ba
.adform.net/ Name: CM
Value: 1|0
ncose.salsalabs.org/ Name: _pk_ses.dd7318c3-5d0a-474e-9dea-4448632927a1.583a
Value: *

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
ajax.googleapis.com
c1.adform.net
cdn.siftscience.com
code.jquery.com
connect.facebook.net
default.salsalabs.org
donate.salsalabs.org
doublethedonation.com
epiphany.masterworks.com
fonts.googleapis.com
hexagon-analytics.com
in.hotjar.com
ncose.salsalabs.org
p1.zemanta.com
s2.adform.net
script.hotjar.com
static.hotjar.com
static.wepay.com
stats.g.doubleclick.net
track.adform.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.224.194.18
13.224.194.56
13.225.80.58
130.211.164.108
185.167.164.39
2001:4de0:ac19::1:b:1b
23.96.109.67
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:814::200a
2a00:1450:4001:816::200a
2a00:1450:4001:817::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.102.232.42
34.96.67.224
35.209.93.168
37.157.4.41
37.157.5.73
40.76.202.94
52.202.112.198
52.51.24.70
54.235.95.169
0099dae4995b9d7adf537451ace27fd456aca2ddb04fc7d590e2d3f870ae8459
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f
04ed29949f5e9fb58f7374fb7dab4b666fbcc17f661bc17711cc2d54456c49f9
0a2c8bf9d6c17f7e51fad7ba9a9d3fb569884902bef13a20988d36131d90dbac
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
1046664e470aa1ded3db426070d3dbc498a191153ffc52621638bf1e3bbafdcf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1eb116eebdec1a3282c8d2b2e1e9da65fd55bbaea67e88af0b61059e6a0a1a68
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4
37f7fcec1eb4bf65ca0ebf48da456919cf2e078eba4a0de6e76c4cd87d0238ac
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f4563efbc52fb808a3c641fedd030821b6eab2aea84276b4da8e52e183cf5ef
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
646ea74785c4c3db2c8f06c4b73fe17d5e306f55f68fe85c6d6e3d56ecf196be
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
713325fc37db97d0be0c672eacaa1ccbbe0e1543287b542ec3b2242f0a369f96
785da77d5701e4d1f1150d2986ebcafdd62335035759d343b1926b786be5c7f4
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8af6c2b86bbe113345150fe7b25435e2e33f778bf4ac5be4b9fa0fe1103f9dcc
8d0b6ddd322b5b941b117a7a522068fc75265166d0e266d1d5ca6e26c20d631d
8da3fd9cbc356911e17bbeca13a4253fa71a897cbc29cf09cb5cd6acb7e8af2e
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
97ef3c943b73babf25028b9bd47c60d3babb0d940e19a469f562fb2f01f39157
9abff422505a07f3967136e396799175d7c6221e9d19cdc024a91c27c81ec1a1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a51459e19f7dbf82c30a0d3e7bc960a8fbb14b80675ec57c755593cf68f13e87
a5dabe8694defff7761877d38bfd931a20ff6f62ca06de76c56d94f10eb048a5
bf3312c41e1d4096bdbd390333fdc6ab72d4a3d6d7636b239ed2dea7b6f39f14
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
c74c30dd26c296159e395fe78795e75a9997a0ae9f8c8a9df5bddf344209acfd
c8da6a11dbebdd2d4bbddf7c1545babd59ad8a60791afcfe460022d081d4fe2b
cc82b8ff3d6a66a4dae9cb35ad11aa20d4ba925888e88c199f464e19fb7338d0
cdbc5f393d6c73230117bc1f355de521cdcd9e5bde3b68e6cad9b39269b4c81d
dbdf14fa1d8f599d89c1b472fe8949c7a229ea42705c95b7a93f659e376b28f9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb773e606605d32bdde08987d595a6c2d6a5db01b946215c5bd86e6998bf03e
df6cd98885d6e6798fc6aaf32cbf25df0e6e2328dcb5eb8705c68a641aceac21
df8add02d4ff6ae8f5a324cf55278947246dea7674c02c269004cd0258261531
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ee00893d8172532efcc253ef2ece426bd849b425e32905abeb9dc9c560e916b0
f8bdcd91efb7159a5a3b8cd6a71c15f2bb8a1fbb11f224314ec3b86ffa1522c2
fee1271b24a80c47e019934493eb1c84d1472b21f2cbea697080fd330292b2ca