urlscan.io logo urlscan.io
SecurityTrails logo

apps.prsa.org Open in urlscan Pro
69.63.141.58  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://prsa.informz.net/z/cjUucD9taT0yMzAzODUzJnA9MSZ1PTUyMTc5Nzc5MCZsaT0yMjI2MzIxMQ/index.html
Effective URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Submission: On June 25 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 20 domains to perform 65 HTTP transactions. The main IP is 69.63.141.58, located in United States and belongs to EDGE-HOSTING, US. The main domain is apps.prsa.org.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 30th 2020. Valid for: a year.
This is the only time apps.prsa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.235.92.254 14618 (AMAZON-AES)
19 69.63.141.58 22903 (EDGE-HOSTING)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 104.84.56.126 16625 (AKAMAI-AS)
1 65.9.77.126 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 151.101.12.157 54113 (FASTLY)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 52.217.97.172 16509 (AMAZON-02)
1 2.18.235.40 16625 (AKAMAI-AS)
1 104.244.42.5 13414 (TWITTER)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2620:119:50e4... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
4 2a03:2880:f11... 32934 (FACEBOOK)
7 34.192.154.31 14618 (AMAZON-AES)
1 13.225.87.58 16509 (AMAZON-02)
2 2 13.248.242.197 16509 (AMAZON-02)
1 74.112.69.8 19795 (ACOUSTIC-...)
1 104.244.42.131 13414 (TWITTER)
65 21
1    34.235.92.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-92-254.compute-1.amazonaws.com
prsa.informz.net
19    69.63.141.58 (United States)

ASN22903 (EDGE-HOSTING, US)
PTR: prsa.us
apps.prsa.org
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
api-public.addthis.com
1    65.9.77.126 (United States)

ASN16509 (AMAZON-02, US)
www.sc.pages01.net
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    52.217.97.172 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
higherlogicdownload.s3.amazonaws.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700:3037::6815:52a3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.feathr.co
2    2620:119:50e4:101::6cae:b55 (San Jose, United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    34.192.154.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-154-31.compute-1.amazonaws.com
polo.feathr.co
polo-v1.feathr.co
1    13.225.87.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-58.fra2.r.cloudfront.net
marco.feathr.co
2    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    74.112.69.8 (United States)

ASN19795 (ACOUSTIC-ATL-01, US)
PTR: pages01.net
www.pages01.net
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Domain Requested by
19 apps.prsa.org apps.prsa.org
9 www.google-analytics.com apps.prsa.org
www.google-analytics.com
6 polo.feathr.co cdn.feathr.co
apps.prsa.org
4 www.facebook.com apps.prsa.org
3 api-public.addthis.com s7.addthis.com
3 connect.facebook.net apps.prsa.org
connect.facebook.net
2 match.adsrvr.org 2 redirects
2 px.ads.linkedin.com 2 redirects
2 www.youtube.com apps.prsa.org
www.youtube.com
2 higherlogicdownload.s3.amazonaws.com apps.prsa.org
2 s7.addthis.com apps.prsa.org
s7.addthis.com
1 analytics.twitter.com static.ads-twitter.com
1 v1.addthisedge.com s7.addthis.com
1 www.pages01.net
1 polo-v1.feathr.co apps.prsa.org
1 marco.feathr.co apps.prsa.org
1 px4.ads.linkedin.com apps.prsa.org
1 www.linkedin.com 1 redirects
1 cdn.feathr.co apps.prsa.org
1 snap.licdn.com www.googletagmanager.com
1 t.co apps.prsa.org
1 z.moatads.com s7.addthis.com
1 static.ads-twitter.com apps.prsa.org
1 www.googletagmanager.com apps.prsa.org
1 www.sc.pages01.net apps.prsa.org
1 ajax.googleapis.com apps.prsa.org
1 fonts.googleapis.com apps.prsa.org
1 prsa.informz.net 1 redirects
65 28

This site contains links to these domains. Also see Links.

Domain
www.prsa.org
connect.prsa.org
prsay.prsa.org
Subject Issuer Validity Valid
*.prsa.org
DigiCert SHA2 Secure Server CA		 2020-10-30 -
2021-11-30		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
*.silverpop.com
DigiCert SHA2 Secure Server CA		 2020-07-02 -
2021-07-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
polo.feathr.co
R3		 2021-06-23 -
2021-09-21		 3 months crt.sh
marco.feathr.co
Amazon		 2020-08-22 -
2021-09-22		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Frame ID: 8CE1912E0E0C01B9815B59E9D44820B8
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://prsa.informz.net/z/cjUucD9taT0yMzAzODUzJnA9MSZ1PTUyMTc5Nzc5MCZsaT0yMjI2MzIxMQ/index.html HTTP 307
    https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /addthis\.com\/js\//i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

65
Requests

100 %
HTTPS

44 %
IPv6

20
Domains

28
Subdomains

21
IPs

2
Countries

721 kB
Transfer

2320 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prsa.informz.net/z/cjUucD9taT0yMzAzODUzJnA9MSZ1PTUyMTc5Nzc5MCZsaT0yMjI2MzIxMQ/index.html HTTP 307
    https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2020506%26time%3D1624626531802%26url%3Dhttps%253A%252F%252Fapps.prsa.org%252Femailprefs%253Femail%253Ddonna.mancuso%2540rwjbh.org%2526_zs%253DcHK6m%2526_zl%253DR46w1%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1&liSync=true&e_ipv6=AQIp225oOnP4ygAAAXpDSY9j-ucwMN_N8SXITBFvtQckFlCeeaj9y8n1DFhAtJW6-SKUpRLr
Request Chain 49
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=60d5d5644df6990007db3591&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=60d5d5644df6990007db3591&gdpr=0 HTTP 302
  • https://polo-v1.feathr.co/v1/analytics/match?f_id=60d5d5644df6990007db3591&ttd_id=7dcd5948-361f-4ed4-b5be-f891838aca3d

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set emailprefs
apps.prsa.org/
Redirect Chain
  • http://prsa.informz.net/z/cjUucD9taT0yMzAzODUzJnA9MSZ1PTUyMTc5Nzc5MCZsaT0yMjI2MzIxMQ/index.html
  • https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
bbd6d0885f3e53adfdf2144db93372d010798258d360bf57173feb100572c579

Request headers

Host
apps.prsa.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
Set-Cookie
CFID=144562791;expires=Sun, 18-Jun-2051 13:08:53 GMT;path=/ CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F;expires=Sun, 18-Jun-2051 13:08:53 GMT;path=/ JSESSIONID=6430495287054599ac126738401743684581;path=/
Date
Fri, 25 Jun 2021 13:08:53 GMT

Redirect headers

Date
Fri, 25 Jun 2021 13:08:47 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Set-Cookie
AWSALBTG=qBxPfBJ2+or6quCL3Dq16C+DRkIuEEn2GXbWPITz0sSQqj/aF6eHFOvQoHf0lWai4NLyznFK2349WS7S3mbnRFjcJTm5i3AzjW8sFe2Ls5HYhHpHkoO6zvCdCZ75FMSOKiRiB3qJp1xsY/kF1nYMZSs2fsZbMKIf2cSrAgsAfSeEGak+TwY=; Expires=Fri, 02 Jul 2021 13:08:47 GMT; Path=/ AWSALBTGCORS=qBxPfBJ2+or6quCL3Dq16C+DRkIuEEn2GXbWPITz0sSQqj/aF6eHFOvQoHf0lWai4NLyznFK2349WS7S3mbnRFjcJTm5i3AzjW8sFe2Ls5HYhHpHkoO6zvCdCZ75FMSOKiRiB3qJp1xsY/kF1nYMZSs2fsZbMKIf2cSrAgsAfSeEGak+TwY=; Expires=Fri, 02 Jul 2021 13:08:47 GMT; Path=/; SameSite=None
Cache-Control
private
Location
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=86400
6024CB34050BEBE44BD2E94826045673.css
apps.prsa.org/se/styles/out/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/se/styles/out/6024CB34050BEBE44BD2E94826045673.css
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
2bcfc75a5ef1a65c2e66f747a20a815bbed9dcadac32c4d1abcb89e338db5155

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Feb 2019 22:09:32 GMT
Server
Microsoft-IIS/7.5
ETag
"03658cd31bfd41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
955
setracker.cfm
apps.prsa.org/se/util/ 		0
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/se/util/setracker.cfm
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Expires
Fri, 25 Jun 2021 13:08:53 GMT
Server
Microsoft-IIS/7.5
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		1 KB
504 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=News+Cycle:400,700
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d4a663d2c10e527e673ea3bbb7d98bb11a6bc1beacdeb23bffb27760c0ef67f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:09:05 GMT
server
ESF
date
Fri, 25 Jun 2021 13:08:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Jun 2021 13:08:50 GMT
bootstrap.min.css
apps.prsa.org/bin/l/n/ 		99 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/bin/l/n/bootstrap.min.css?rev=20170428
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
6cfefb5ef85ce70f755732378d66b175fa5142fd49c794cea501423b5bf3fe0c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 May 2018 18:43:35 GMT
Server
Microsoft-IIS/7.5
ETag
"8065b4cb45edd31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
16300
Desktop_bundle.min.css
apps.prsa.org/bin/h/e/ 		212 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/bin/h/e/Desktop_bundle.min.css?rev=20170428
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
0018ed0988aacba661baf20fa6bf4a8d72c142425d5c0f11487b26367597d4d4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 22:01:17 GMT
Server
Microsoft-IIS/7.5
ETag
"8074af7fc5a1d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
40821
starter-template.css
apps.prsa.org/bin/h/x/ 		52 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/bin/h/x/starter-template.css?rev=20190207
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
8ed57274de20ad4df2be30d63d229447ee9ea37a23a7b35173abf67b2bd7cfe8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Feb 2019 22:12:42 GMT
Server
Microsoft-IIS/7.5
ETag
"0e9973e32bfd41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
10071
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 11:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 11:02:14 GMT
scripts.js
apps.prsa.org/bin/b/b/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/bin/b/b/scripts.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
4723beaf55ee715e5b553abd325723d4b0e1a1f752ad630c4070994bbf85f75b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jan 2014 15:25:48 GMT
Server
Microsoft-IIS/7.5
ETag
"1fc86993f3acf1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1061
jquery.tipTip.minified.js
apps.prsa.org/custom/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/custom/js/jquery.tipTip.minified.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
1b8204b85fd6b9ea88a98dadb3bef2c9a7169e7f14584ca1a5e8044034d92086

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Nov 2010 23:19:25 GMT
Server
Microsoft-IIS/7.5
ETag
"803c9ddc1b90cb1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1709
bootstrap.min.js
apps.prsa.org/bin/h/d/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/bin/h/d/bootstrap.min.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
c68dfce4b0efe6e13442dafd54cd36e26f6a5b2e8025cac6078d32464cacf360

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jul 2015 21:55:41 GMT
Server
Microsoft-IIS/7.5
ETag
"802c8a7eedbcd01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
9604
emailPrefs.css
apps.prsa.org/custom/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/custom/css/emailPrefs.css
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
cff1d25da28e595332e3cea8468dd12e490201ee630729b8022476e440f4bf2c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2017 17:44:41 GMT
Server
Microsoft-IIS/7.5
ETag
"804a7a4710c1d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
952
emailPrefs.js
apps.prsa.org/custom/myprsa/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/custom/myprsa/js/emailPrefs.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
a9b5d56e1956bce863c422a0effd79fac23f88a1d6e9c6764e6459ca4e52d183

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 22:03:10 GMT
Server
Microsoft-IIS/7.5
ETag
"0e39d20a890d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1183
colorbox.css
apps.prsa.org/custom/myprsa/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/custom/myprsa/css/colorbox.css
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
cffff69fa3b3adc33fc6032629a3e54cece2c8528ba136c0d858e2455bfb10a3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Dec 2013 10:07:07 GMT
Server
Microsoft-IIS/7.5
ETag
"80574ee5465cf1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1422
jquery.colorbox.js
apps.prsa.org/custom/myprsa/js/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/custom/myprsa/js/jquery.colorbox.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Mar 2018 18:04:42 GMT
Server
Microsoft-IIS/7.5
ETag
"099b69351c8d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
8848
controlPanelColorbox.js
apps.prsa.org/custom/myprsa/js/ 		4 KB
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.prsa.org/custom/myprsa/js/controlPanelColorbox.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
5bc9e2edceb277f5713a54bba3944255721dbe29940e9aa5bf51385506078d35

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Dec 2013 10:07:11 GMT
Server
Microsoft-IIS/7.5
ETag
"80b1b0e7465cf1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
522
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Fri, 25 Jun 2021 13:08:51 GMT
x-host
s7.addthis.com
content-length
116325
iMAWebCookie.js
www.sc.pages01.net/lp/static/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sc.pages01.net/lp/static/js/iMAWebCookie.js?2936da90-135109721d1-ce240116a00f91fcaa71fbe5df141a8a&h=www.pages01.net
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
via
1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 14:44:06 GMT
server
Apache
x-amz-cf-pop
AMS1-C1
etag
"3772-5c5840e1f6f88"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
14194
x-amz-cf-id
tsbc6x6AqPltutGVtXkv3VqDu5K1CPVoI5vN0lWKdsrcAlWTYRxvOg==
myPRSA-account-rev.png
apps.prsa.org/bin/h/k/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apps.prsa.org/bin/h/k/myPRSA-account-rev.png
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
5fa1a1f46ecb4d02eb5c6a7acf80142ca3df9d541394d4f7398aa483690c3553

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:53 GMT
Last-Modified
Wed, 26 Jul 2017 17:13:07 GMT
Server
Microsoft-IIS/7.5
Accept-Ranges
bytes
ETag
"10815c73326d31:0"
Content-Length
17409
Content-Type
image/png
gtm.js
www.googletagmanager.com/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P84TQBK
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76cc8cf9b82b6ea14e3252e59b5d216884bd43bf929c04dff5184f60f3fd82be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54227
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 25 Jun 2021 13:08:51 GMT
expand_arrow_up_blue.png
apps.prsa.org/custom/events/icons/ 		344 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apps.prsa.org/custom/events/icons/expand_arrow_up_blue.png
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
f4b49a600ae0dbb4bd6c4b8ef41b9e11135500ada3a8c6e0c79726efc2fe926a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:54 GMT
Last-Modified
Mon, 30 Dec 2013 10:06:38 GMT
Server
Microsoft-IIS/7.5
Accept-Ranges
bytes
ETag
"84ee55d4465cf1:0"
Content-Length
344
Content-Type
image/png
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5826
date
Fri, 25 Jun 2021 11:31:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 25 Jun 2021 13:31:45 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
via
1.1 varnish
last-modified
Mon, 21 Jun 2021 21:05:34 GMT
age
47350
etag
"cf581d46c3059bf617cb7f732c21a59e+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1958
x-timer
S1624626532.690266,VS0,VE0
x-served-by
cache-fra19126-FRA
fbevents.js
connect.facebook.net/en_US/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24631
x-xss-protection
0
pragma
public
x-fb-debug
edWSMTVkUJdGz3Q77bzNC8U230QXtzG2jNZR0OMgOrMZUAgRf/6F/Rh/OjoYOPVwarPWr89aS9zzjL+N6szIXw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 25 Jun 2021 13:08:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
PRSA_bar_new_2016.png
higherlogicdownload.s3.amazonaws.com/PRSA/d6566057-3626-4b7b-8a44-815944386ec7/UploadedImages/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://higherlogicdownload.s3.amazonaws.com/PRSA/d6566057-3626-4b7b-8a44-815944386ec7/UploadedImages/PRSA_bar_new_2016.png
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/bin/h/x/starter-template.css?rev=20190207
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.97.172 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2a23abfd83672eb1f5a8399bfdb0af7c5c5bab911aa426596c59fe2fdb1e82b3

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:52 GMT
Last-Modified
Mon, 07 Mar 2016 21:41:11 GMT
Server
AmazonS3
x-amz-request-id
NEFXNK6EBPBYH4FX
ETag
"da52c39b79641b8aaada771a267fe552"
Content-Type
image/png
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
16869
x-amz-id-2
/Cc/s52XjiiR689czURLr8zpxMrkBQs4VIT9yV1abr8q6kYw+jeiafHhtCVjMQ/2PqTqA1xeOCE=
bar_connect.png
higherlogicdownload.s3.amazonaws.com/PRSA/d6566057-3626-4b7b-8a44-815944386ec7/UploadedImages/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://higherlogicdownload.s3.amazonaws.com/PRSA/d6566057-3626-4b7b-8a44-815944386ec7/UploadedImages/bar_connect.png
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/bin/h/x/starter-template.css?rev=20190207
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.97.172 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
66fd947bb50242f1eef10983445f1b5a2a8ea044ed6fc8bd0c956aa3affb910b

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:52 GMT
Last-Modified
Mon, 07 Mar 2016 21:50:38 GMT
Server
AmazonS3
x-amz-request-id
NEFY2ZJNA02Y287Z
ETag
"3ca5abcd1eaf11670173dea35fbc2478"
Content-Type
image/png
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
1179
x-amz-id-2
9OyciFiIdLlxk+5wAepVkKPFVDtFon2hQZSmEu8WlM2kdPEpl3EHLRQsPKtdK3vclaW0OwqhyYA=
check-on_sm.png
apps.prsa.org/custom/images/myprsa/emailPrefs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apps.prsa.org/custom/images/myprsa/emailPrefs/check-on_sm.png
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/custom/css/emailPrefs.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
d680693b801550950dbdde72fd9e45a883ad7ac718e298e7ddd4a96415632ead

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://apps.prsa.org/custom/css/emailPrefs.css
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/custom/css/emailPrefs.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:54 GMT
Last-Modified
Mon, 30 Dec 2013 10:06:56 GMT
Server
Microsoft-IIS/7.5
Accept-Ranges
bytes
ETag
"25b839df465cf1:0"
Content-Length
3408
Content-Type
image/png
check-on.png
apps.prsa.org/custom/images/myprsa/emailPrefs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apps.prsa.org/custom/images/myprsa/emailPrefs/check-on.png
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/custom/css/emailPrefs.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
8026f939e35bbcebb67e79393b303f3e2e5d80bfc4a459d7546000d159d3806b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://apps.prsa.org/custom/css/emailPrefs.css
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/custom/css/emailPrefs.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:54 GMT
Last-Modified
Mon, 30 Dec 2013 10:06:56 GMT
Server
Microsoft-IIS/7.5
Accept-Ranges
bytes
ETag
"92133ddf465cf1:0"
Content-Length
1119
Content-Type
image/png
check-off.png
apps.prsa.org/custom/images/myprsa/emailPrefs/ 		785 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apps.prsa.org/custom/images/myprsa/emailPrefs/check-off.png
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/custom/css/emailPrefs.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.63.141.58 , United States, ASN22903 (EDGE-HOSTING, US),
Reverse DNS
prsa.us
Software
Microsoft-IIS/7.5 /
Resource Hash
7891e3765162936ceece7c6a919117e95a472eec9743d58696562f11c6e4c7e9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apps.prsa.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://apps.prsa.org/custom/css/emailPrefs.css
Cookie
CFID=144562791; CFTOKEN=f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F; JSESSIONID=6430495287054599ac126738401743684581
Connection
keep-alive
Referer
https://apps.prsa.org/custom/css/emailPrefs.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:54 GMT
Last-Modified
Mon, 30 Dec 2013 10:06:56 GMT
Server
Microsoft-IIS/7.5
Accept-Ranges
bytes
ETag
"92133ddf465cf1:0"
Content-Length
785
Content-Type
image/png
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=48497
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 12:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1908
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Fri, 25 Jun 2021 13:37:03 GMT
2319954318248384
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2319954318248384?v=2.9.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff0ca6d0858d00480e8fb747eb89abe96abd3b7852fe1e24e3f0910d27cf4235
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
mGYLYYkv1Z8vSJhOIoF1WiNqR2o8shdng15RHcHkt7sJUTCw88BLP9zhdZHh+JrAaema4ljVvAboYtHkDz41ug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 25 Jun 2021 13:08:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/i/ 		43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=nysmt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 25 Jun 2021 13:08:51 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
92dfa84c78b146ab2d899932d850f32e195463c0e434e6dd893e0b934a212781
x-transaction
6157ac01fb4bb830
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=800671745&t=pageview&_s=1&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&ul=en-us&de=UTF-8&dt=PRSA%20Email%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=980917669&gjid=698920859&cid=269445115.1624626532&tid=UA-11397202-1&_gid=1059509410.1624626532&_r=1&_slc=1&cd1=Not-Logged-In&z=1380456456
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 13:08:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://apps.prsa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=800671745&t=pageview&_s=1&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&ul=en-us&de=UTF-8&dt=PRSA%20Email%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAjAAAAAC~&jid=2045603436&gjid=179600983&cid=269445115.1624626532&tid=UA-11397202-1&_gid=1059509410.1624626532&_r=1&gtm=2wg6n0P84TQBK&z=1733441578
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 13:08:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://apps.prsa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P84TQBK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 13:08:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=36185
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
iframe_api
www.youtube.com/ 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c979e1a7ccd5dfb380d99b6190410a869f2341fd916d1cf78b72c48a227c34d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 25 Jun 2021 13:08:51 GMT
boomerang.min.js
cdn.feathr.co/js/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.feathr.co/js/boomerang.min.js
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:52a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
573e4b2c9d879317024389d456f1eb90a5002b241981e5c664da4ff017371ede

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2848
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
BD7C0V92T4Z6RSCR
x-amz-id-2
Qf0yi+sFakkjGgHvRWloxJSn4w3MSqiyKVHa1zRHS+jDBPW8QRPejAFu6cbjMjKU6NRXWqx/fzA=
last-modified
Mon, 07 Jun 2021 19:00:21 GMT
server
cloudflare
etag
W/"b1dfd34ec36f736444681c0699d3a393"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G7HM%2BtnzXVfvLNe%2B5KBSeLWP4JnoGBN2Q7UE4I9LI5oyHSjpMF5%2FHwWcdV0V01mqza0xQ%2BOqeZ7vWDw6kCpWQue1BtMzOdj3SlU6Sbab%2B3plQSinlr%2F3yVlDiuBAYD3ZtOazog46fA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
0ae4e2a5e100004e97442d7000000001
cf-ray
664e6d4fcc774e97-FRA
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=800671745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&ul=en-us&de=UTF-8&dt=PRSA%20Email%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=121&el=10%25&_u=aGDAAEAjAAAAAC~&jid=&gjid=&cid=269445115.1624626532&tid=UA-11397202-1&_gid=1059509410.1624626532&gtm=2wg6n0P84TQBK&z=796896874
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 21:16:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57152
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=800671745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&ul=en-us&de=UTF-8&dt=PRSA%20Email%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=304&el=25%25&_u=aGDAAEAjAAAAAC~&jid=&gjid=&cid=269445115.1624626532&tid=UA-11397202-1&_gid=1059509410.1624626532&gtm=2wg6n0P84TQBK&z=1959452108
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 21:16:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57152
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=800671745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&ul=en-us&de=UTF-8&dt=PRSA%20Email%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=609&el=50%25&_u=aGDAAEAjAAAAAC~&jid=&gjid=&cid=269445115.1624626532&tid=UA-11397202-1&_gid=1059509410.1624626532&gtm=2wg6n0P84TQBK&z=723845113
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 21:16:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57152
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=800671745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&ul=en-us&de=UTF-8&dt=PRSA%20Email%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=913&el=75%25&_u=aGDAAEAjAAAAAC~&jid=&gjid=&cid=269445115.1624626532&tid=UA-11397202-1&_gid=1059509410.1624626532&gtm=2wg6n0P84TQBK&z=638185299
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 21:16:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57152
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=800671745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&ul=en-us&de=UTF-8&dt=PRSA%20Email%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=1096&el=90%25&_u=aGDAAEAjAAAAAC~&jid=&gjid=&cid=269445115.1624626532&tid=UA-11397202-1&_gid=1059509410.1624626532&gtm=2wg6n0P84TQBK&z=486010075
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 21:16:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57152
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2020506%26time%3D1624626531802%26url%3Dhttps%253A%252F%252Fapps.prsa.org%252Femai...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1&liSync=tr...
0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1&liSync=true&e_ipv6=AQIp225oOnP4ygAAAXpDSY9j-ucwMN_N8SXITBFvtQckFlCeeaj9y8n1DFhAtJW6-SKUpRLr
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:52 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
3abiNTnVixbAUMXSSisAAA==

Redirect headers

date
Fri, 25 Jun 2021 13:08:52 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2020506&time=1624626531802&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna.mancuso%40rwjbh.org%26_zs%3DcHK6m%26_zl%3DR46w1&liSync=true&e_ipv6=AQIp225oOnP4ygAAAXpDSY9j-ucwMN_N8SXITBFvtQckFlCeeaj9y8n1DFhAtJW6-SKUpRLr
x-li-proto
http/2
x-li-pop
prod-edc2
content-length
0
x-li-uuid
h8tHLznVixbQQ89OOSsAAA==
www-widgetapi.js
www.youtube.com/s/player/11aba956/www-widgetapi.vflset/ 		125 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11aba956/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4c7f78fabf46226b298888938c85635d5f07d8a81b71a2ee4facde2c7619fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 12:43:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42588
x-xss-protection
0
last-modified
Thu, 24 Jun 2021 00:19:22 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jun 2022 12:43:42 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2319954318248384&ev=PageView&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&rl=&if=false&ts=1624626531845&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&fbp=fb.1.1624626531843.326591252&it=1624626531745&coo=false&rqm=GET
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 25 Jun 2021 13:08:51 GMT
integrations
polo.feathr.co/v1/accounts/5eb3256be4fe21a12949e03c/ 		42 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5eb3256be4fe21a12949e03c/integrations
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.154.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-154-31.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
faa1444cbae74aad09a3bae4849dd1b0fead937d10b8b79321da628b461f59bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:52 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
42
refresh
marco.feathr.co/v1/ 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marco.feathr.co/v1/refresh
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-58.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:52 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
786ec131-503c-4365-b947-05ac8bbe8b44
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60d5d564-4bb02aca230d93674d5d529e;Sampled=0
x-cache
Miss from cloudfront
x-amz-apigw-id
Be5HqEv8IAMFZZg=
content-length
43
x-amz-cf-id
yS4LAnyil1jIpq4yrrYVfLIUNIzs7dzlYOyGseFRXyatHLWzCMIzUg==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key
script.js
polo.feathr.co/v1/analytics/match/ 		290 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1624626532227
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.154.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-154-31.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
3183d7f4c0792de0a65f6af60c3ca0b24325e217952faa8a45798e6f1555496a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:52 GMT
content-encoding
gzip
server
nginx/1.17.8
etag
W/"60d5d5644df6990007db3591"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
pixel.js
polo.feathr.co/v1/accounts/5eb3256be4fe21a12949e03c/ 		32 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5eb3256be4fe21a12949e03c/pixel.js?pk=feathr
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.154.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-154-31.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:52 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=14400
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
32
match
polo-v1.feathr.co/v1/analytics/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=60d5d5644df6990007db3591&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=60d5d5644df6990007db3591&gdpr=0
  • https://polo-v1.feathr.co/v1/analytics/match?f_id=60d5d5644df6990007db3591&ttd_id=7dcd5948-361f-4ed4-b5be-f891838aca3d
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polo-v1.feathr.co/v1/analytics/match?f_id=60d5d5644df6990007db3591&ttd_id=7dcd5948-361f-4ed4-b5be-f891838aca3d
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.154.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-154-31.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:52 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0,no-cache,no-store
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 13:08:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://polo-v1.feathr.co/v1/analytics/match?f_id=60d5d5644df6990007db3591&ttd_id=7dcd5948-361f-4ed4-b5be-f891838aca3d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
script.js
polo.feathr.co/v1/analytics/match/ 		207 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1624626532958
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.154.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-154-31.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
b29dec8486d78d6aff60ce293e7e3eb6a05891078bcb3a2eb7e45d3230881d29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:53 GMT
server
nginx/1.17.8
etag
"60d5d5644df6990007db3591"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
207
crumb
polo.feathr.co/v1/analytics/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polo.feathr.co/v1/analytics/crumb?cb=1624626533071&a_id=5eb3256be4fe21a12949e03c&f_id=60d5d5644df6990007db3591&ses_id=60d5d5639c639da44f45ff0f&ttd_id=7dcd5948-361f-4ed4-b5be-f891838aca3d&flvr=page_view&loc_url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=
Requested by
Host: apps.prsa.org
URL: https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.154.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-154-31.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:53 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0,no-cache,no-store
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
43
event.jpeg
www.pages01.net/WTS/ 		0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pages01.net/WTS/event.jpeg?accesskey=2936da90-135109721d1-ce240116a00f91fcaa71fbe5df141a8a&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=3e20be1c-c6ce-4602-1589-15c903b14232&webSyncID=ee06b8e0-1a7b-9479-2289-862879dc3683&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&newSiteVisit=1&hostname=apps.prsa.org&pathname=%2Femailprefs&newPageVisit=1&eventKey=b320c108-42c4-69eb-d78d-2287abd7d8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.112.69.8 , United States, ASN19795 (ACOUSTIC-ATL-01, US),
Reverse DNS
pages01.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 13:08:53 GMT
Server
Apache
p3p
CP="CAO PSA OUR"
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection
close
Content-Type
image/jpeg
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/prsaweb/ 		745 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/prsaweb/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d95df562909f1af34e00c3bccc1ebd2d0c9c9cafd17c76a4fbf3be8c5871de2

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:53 GMT
content-encoding
gzip
etag
869253558--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
331
adsct
analytics.twitter.com/i/ 		31 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=nysmt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 25 Jun 2021 13:08:53 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
6c34bde5baefbeffc2b8f69fad08acb6f69716785aba3b227a5bc4a1f9a9e221
x-transaction
18153e0c5605a15b
expires
Tue, 31 Mar 1981 05:00:00 GMT
pixel.js
polo.feathr.co/v1/accounts/5eb3256be4fe21a12949e03c/integrations/facebook/ 		465 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5eb3256be4fe21a12949e03c/integrations/facebook/pixel.js?pk=feathr
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.154.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-154-31.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
cf55aae827459eb2ad4b2d5439388967ffb67818346f2e6dfbebf861cdae197a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:53 GMT
content-encoding
gzip
server
nginx/1.17.8
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=14400
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
971828603571695
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/971828603571695?v=2.9.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff6b095dea683ee01851718c63fbf2a8ba01712539c18c02fb150a6282f0bb4d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
pZPO/Bdl4VjSSYg/HyN2z29PnLWBQF0/Mk4l+xE/g1wIkJk2znXS6nDSuRwif9KKIVqfAAeCCl5jB1Tk9hScIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 25 Jun 2021 13:08:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=971828603571695&ev=ViewContent&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&rl=&if=false&ts=1624626533420&cd[b_w]=1600&cd[b_h]=1200&cd[s_w]=1600&cd[s_h]=1200&cd[loc_url]=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&cd[ses_id]=60d5d5639c639da44f45ff0f&cd[flvr]=page_view&cd[a_id]=5eb3256be4fe21a12949e03c&cd[debug]=0&cd[bypass_hash]=0&cd[f_id]=60d5d5644df6990007db3591&cd[ttd_id]=7dcd5948-361f-4ed4-b5be-f891838aca3d&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&fbp=fb.1.1624626531843.326591252&it=1624626531745&coo=false&tm=1&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 25 Jun 2021 13:08:53 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2319954318248384&ev=Microdata&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&rl=&if=false&ts=1624626533421&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PRSA%20Email%20Preferences%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.42&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1624626531843.326591252&it=1624626531745&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 25 Jun 2021 13:08:53 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 25 Jun 2021 13:08:53 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://apps.prsa.org/emailprefs?email=donna%2Emancuso%40rwjbh%2Eorg&_zs=cHK6m&_zl=R46w1
last-modified
Fri, 25 Jun 2021 13:00:00 GMT
server
nginx/1.15.8
date
Fri, 25 Jun 2021 13:08:53 GMT
content-type
application/json
access-control-allow-origin
https://apps.prsa.org
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/ 		33 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&callback=_ate.cbs.rcb_99qc0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
826bfcbf01de8d9124c88e8de3ad9e82a5c46b68eaa9368e56899d67fe923ec7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
apps.prsa.org/emailprefs?email=donna%2emancuso%40rwjbh%2eorg&_zs=chk6m&_zl=r46w1
last-modified
Fri, 25 Jun 2021 13:08:53 GMT
server
nginx/1.15.8
date
Fri, 25 Jun 2021 13:08:53 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
shares.json
api-public.addthis.com/url/ 		32 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&callback=_ate.cbs.rcb_bk40
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
a0a5c760a671a6612d5185f13838d9719cf404dba27aa0359c9b52a26f256d9c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
apps.prsa.org/emailprefs?email=donna%2emancuso%40rwjbh%2eorg&_zs=chk6m&_zl=r46w1
last-modified
Fri, 25 Jun 2021 13:08:53 GMT
server
nginx/1.15.8
date
Fri, 25 Jun 2021 13:08:53 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
52
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=971828603571695&ev=Microdata&dl=https%3A%2F%2Fapps.prsa.org%2Femailprefs%3Femail%3Ddonna%252Emancuso%2540rwjbh%252Eorg%26_zs%3DcHK6m%26_zl%3DR46w1&rl=&if=false&ts=1624626534922&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PRSA%20Email%20Preferences%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.42&r=stable&ec=1&o=30&fbp=fb.1.1624626531843.326591252&it=1624626531745&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://apps.prsa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 13:08:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 25 Jun 2021 13:08:54 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| $ function| jQuery number| timeout number| closetimer number| ddmenuitem function| ddmenu_open function| ddmenu_close function| ddmenu_timer function| viewProfile function| ddmenu_canceltimer function| fieldBlur function| fieldFocus object| jQuery111306666205184266962 function| checkBox function| setupLabel function| selectTab string| prsaMType function| openWindow2 string| currentAccordionHeaderId string| currentAccordionPanelId object| prefetchImage function| accordionToggle function| GetSelectedItem string| GoogleAnalyticsObject function| ga function| twq function| fbq function| _fbq object| ewt function| toggleHelp function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twttr object| google_tag_manager string| _linkedin_data_partner_id function| onYouTubeIframeAPIReady function| feathr function| FeathrBoomerang function| lintrk boolean| _already_called_lintrk object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey boolean| __@@##MUH object| core undefined| feathr_account_id object| __feathrs function| __feathr boolean| initialized string| ewt_host string| ewt_page_key object| addthis_config object| addthis_share object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

14 Cookies

Domain/Path Name / Value
apps.prsa.org/ Name: __atuvs
Value: 60d5d563ff36c629000
apps.prsa.org/ Name: __atuvc
Value: 1%7C25
.prsa.org/ Name: com.silverpop.iMA.page_visit
Value: -1518007805:
.prsa.org/ Name: _gat_UA-11397202-1
Value: 1
.prsa.org/ Name: com.silverpop.iMAWebCookie
Value: ee06b8e0-1a7b-9479-2289-862879dc3683
.prsa.org/ Name: com.silverpop.iMA.session
Value: 3e20be1c-c6ce-4602-1589-15c903b14232
.apps.prsa.org/ Name: feathr_session_id
Value: 60d5d5639c639da44f45ff0f
.prsa.org/ Name: _fbp
Value: fb.1.1624626531843.326591252
apps.prsa.org/ Name: JSESSIONID
Value: 6430495287054599ac126738401743684581
.prsa.org/ Name: _gat
Value: 1
apps.prsa.org/ Name: CFTOKEN
Value: f26fbb91f1eb298c-A0C94738-D4AE-529C-AC1CD7262163006F
.prsa.org/ Name: _gid
Value: GA1.2.1059509410.1624626532
.prsa.org/ Name: _ga
Value: GA1.2.269445115.1624626532
apps.prsa.org/ Name: CFID
Value: 144562791

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 2319954318248384.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api-public.addthis.com
apps.prsa.org
cdn.feathr.co
connect.facebook.net
fonts.googleapis.com
higherlogicdownload.s3.amazonaws.com
marco.feathr.co
match.adsrvr.org
polo-v1.feathr.co
polo.feathr.co
prsa.informz.net
px.ads.linkedin.com
px4.ads.linkedin.com
s7.addthis.com
snap.licdn.com
static.ads-twitter.com
t.co
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.pages01.net
www.sc.pages01.net
www.youtube.com
z.moatads.com
104.244.42.131
104.244.42.5
104.84.56.126
108.174.10.14
13.225.87.58
13.248.242.197
151.101.12.157
2.18.235.40
2606:4700:3037::6815:52a3
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:831::200a
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.192.154.31
34.235.92.254
52.217.97.172
65.9.77.126
69.63.141.58
74.112.69.8
0018ed0988aacba661baf20fa6bf4a8d72c142425d5c0f11487b26367597d4d4
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b8204b85fd6b9ea88a98dadb3bef2c9a7169e7f14584ca1a5e8044034d92086
1c979e1a7ccd5dfb380d99b6190410a869f2341fd916d1cf78b72c48a227c34d
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
2a23abfd83672eb1f5a8399bfdb0af7c5c5bab911aa426596c59fe2fdb1e82b3
2bcfc75a5ef1a65c2e66f747a20a815bbed9dcadac32c4d1abcb89e338db5155
3183d7f4c0792de0a65f6af60c3ca0b24325e217952faa8a45798e6f1555496a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4723beaf55ee715e5b553abd325723d4b0e1a1f752ad630c4070994bbf85f75b
573e4b2c9d879317024389d456f1eb90a5002b241981e5c664da4ff017371ede
5bc9e2edceb277f5713a54bba3944255721dbe29940e9aa5bf51385506078d35
5d95df562909f1af34e00c3bccc1ebd2d0c9c9cafd17c76a4fbf3be8c5871de2
5fa1a1f46ecb4d02eb5c6a7acf80142ca3df9d541394d4f7398aa483690c3553
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
66fd947bb50242f1eef10983445f1b5a2a8ea044ed6fc8bd0c956aa3affb910b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cfefb5ef85ce70f755732378d66b175fa5142fd49c794cea501423b5bf3fe0c
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
76cc8cf9b82b6ea14e3252e59b5d216884bd43bf929c04dff5184f60f3fd82be
7891e3765162936ceece7c6a919117e95a472eec9743d58696562f11c6e4c7e9
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
8026f939e35bbcebb67e79393b303f3e2e5d80bfc4a459d7546000d159d3806b
826bfcbf01de8d9124c88e8de3ad9e82a5c46b68eaa9368e56899d67fe923ec7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d4a663d2c10e527e673ea3bbb7d98bb11a6bc1beacdeb23bffb27760c0ef67f
8ed57274de20ad4df2be30d63d229447ee9ea37a23a7b35173abf67b2bd7cfe8
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0a5c760a671a6612d5185f13838d9719cf404dba27aa0359c9b52a26f256d9c
a9b5d56e1956bce863c422a0effd79fac23f88a1d6e9c6764e6459ca4e52d183
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b29dec8486d78d6aff60ce293e7e3eb6a05891078bcb3a2eb7e45d3230881d29
bbd6d0885f3e53adfdf2144db93372d010798258d360bf57173feb100572c579
c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4
c68dfce4b0efe6e13442dafd54cd36e26f6a5b2e8025cac6078d32464cacf360
ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919
cf55aae827459eb2ad4b2d5439388967ffb67818346f2e6dfbebf861cdae197a
cff1d25da28e595332e3cea8468dd12e490201ee630729b8022476e440f4bf2c
cffff69fa3b3adc33fc6032629a3e54cece2c8528ba136c0d858e2455bfb10a3
d680693b801550950dbdde72fd9e45a883ad7ac718e298e7ddd4a96415632ead
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
f4b49a600ae0dbb4bd6c4b8ef41b9e11135500ada3a8c6e0c79726efc2fe926a
faa1444cbae74aad09a3bae4849dd1b0fead937d10b8b79321da628b461f59bd
ff0ca6d0858d00480e8fb747eb89abe96abd3b7852fe1e24e3f0910d27cf4235
ff4c7f78fabf46226b298888938c85635d5f07d8a81b71a2ee4facde2c7619fb
ff6b095dea683ee01851718c63fbf2a8ba01712539c18c02fb150a6282f0bb4d