urlscan.io logo urlscan.io
SecurityTrails logo

ncose.salsalabs.org Open in urlscan Pro
52.21.143.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://default.salsalabs.org/Tcb10dbff-6f80-4c98-aa02-5b4e29dd4d03/2d7e76ac-f270-4d92-a513-d2658e00bf4c
Effective URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Submission: On December 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 6 countries across 17 domains to perform 56 HTTP transactions. The main IP is 52.21.143.55, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ncose.salsalabs.org.
TLS certificate: Issued by RapidSSL RSA CA 2018 on June 10th 2020. Valid for: 2 years.
This is the only time ncose.salsalabs.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 19 52.21.143.55 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.73.87 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 40.76.202.94 8075 (MICROSOFT...)
1 34.96.67.224 15169 (GOOGLE)
2 23.96.109.67 8075 (MICROSOFT...)
1 130.211.164.108 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.227.234.129 16509 (AMAZON-02)
1 65.9.73.36 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 3 185.167.164.39 198622 (ADFORM)
1 37.157.5.73 198622 (ADFORM)
1 35.209.93.168 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 52.18.163.167 16509 (AMAZON-02)
1 65.9.73.93 16509 (AMAZON-02)
1 37.157.2.235 198622 (ADFORM)
1 37.157.2.237 198622 (ADFORM)
1 34.102.232.42 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
56 26
19    52.21.143.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-143-55.compute-1.amazonaws.com
default.salsalabs.org
ncose.salsalabs.org
donate.salsalabs.org
1    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    65.9.73.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
4    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    40.76.202.94 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
epiphany.masterworks.com
1    34.96.67.224 (United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.siftscience.com
2    23.96.109.67 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
doublethedonation.com
1    130.211.164.108 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 108.164.211.130.bc.googleusercontent.com
static.wepay.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.227.234.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-234-129.bom51.r.cloudfront.net
script.hotjar.com
1    65.9.73.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
1    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
1    35.209.93.168 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 168.93.209.35.bc.googleusercontent.com
p1.zemanta.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.18.163.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-163-167.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    65.9.73.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
vc.hotjar.io
1    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    34.102.232.42 (United States)

ASN15169 (GOOGLE, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Domain Requested by
8 ncose.salsalabs.org 2 redirects ncose.salsalabs.org
8 default.salsalabs.org 1 redirects ncose.salsalabs.org
default.salsalabs.org
6 www.facebook.com ncose.salsalabs.org
5 epiphany.masterworks.com ncose.salsalabs.org
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 donate.salsalabs.org default.salsalabs.org
3 a2.adform.net 2 redirects ncose.salsalabs.org
3 connect.facebook.net ncose.salsalabs.org
connect.facebook.net
3 fonts.googleapis.com ncose.salsalabs.org
default.salsalabs.org
2 doublethedonation.com ncose.salsalabs.org
1 hexagon-analytics.com
1 track.adform.net ncose.salsalabs.org
1 c1.adform.net a2.adform.net
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 p1.zemanta.com ncose.salsalabs.org
1 s2.adform.net ncose.salsalabs.org
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.wepay.com ncose.salsalabs.org
1 cdn.siftscience.com ncose.salsalabs.org
1 ajax.googleapis.com ncose.salsalabs.org
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com ncose.salsalabs.org
1 code.jquery.com ncose.salsalabs.org
56 26
Subject Issuer Validity Valid
*.salsalabs.org
RapidSSL RSA CA 2018		 2020-06-10 -
2022-07-10		 2 years crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.hotjar.com
Amazon		 2020-01-22 -
2021-02-22		 a year crt.sh
*.masterworks.com
Go Daddy Secure Certificate Authority - G2		 2019-09-28 -
2021-11-27		 2 years crt.sh
*.siftscience.com
DigiCert SHA2 Secure Server CA		 2019-01-03 -
2021-03-26		 2 years crt.sh
doublethedonation.com
Sectigo ECC Domain Validation Secure Server CA		 2020-04-09 -
2022-07-12		 2 years crt.sh
*.wepayapi.com
DigiCert SHA2 High Assurance Server CA		 2019-05-16 -
2021-06-03		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.zemanta.com
DigiCert SHA2 Secure Server CA		 2020-08-23 -
2021-09-01		 a year crt.sh
*.hotjar.io
Amazon		 2020-09-15 -
2021-10-15		 a year crt.sh
*.hexagon-analytics.com
DigiCert SHA2 Secure Server CA		 2019-08-01 -
2021-11-03		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Frame ID: 25A8BAFF4D94E4FEC717C80AD688B1B7
Requests: 54 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 355F1A480978DA68918FBA00FA0B00F4
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=1576381261378037562&agencyId=5212&advertiserId=2079548&src=tp&rnd=612071
Frame ID: 8C700B2C152B8820425A6664CB8D7AC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://default.salsalabs.org/Tcb10dbff-6f80-4c98-aa02-5b4e29dd4d03/2d7e76ac-f270-4d92-a513-d2658e00bf4c HTTP 302
    https://ncose.salsalabs.org/yearend2020?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4 HTTP 302
    https://ncose.salsalabs.org/yearend2020/?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4 HTTP 302
    https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

56
Requests

100 %
HTTPS

36 %
IPv6

17
Domains

26
Subdomains

26
IPs

6
Countries

1125 kB
Transfer

3829 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://default.salsalabs.org/Tcb10dbff-6f80-4c98-aa02-5b4e29dd4d03/2d7e76ac-f270-4d92-a513-d2658e00bf4c HTTP 302
    https://ncose.salsalabs.org/yearend2020?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4 HTTP 302
    https://ncose.salsalabs.org/yearend2020/?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4 HTTP 302
    https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 36
  • https://a2.adform.net/Serving/TrackPoint/?pm=2181911&ADFdivider=%7C&ord=877123846161&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4 HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=877123846161&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
ncose.salsalabs.org/yearend2020/
Redirect Chain
  • https://default.salsalabs.org/Tcb10dbff-6f80-4c98-aa02-5b4e29dd4d03/2d7e76ac-f270-4d92-a513-d2658e00bf4c
  • https://ncose.salsalabs.org/yearend2020?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
  • https://ncose.salsalabs.org/yearend2020/?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
  • https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
76 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
6a593b7c943b5cfe137139c2dd71be330afef6e38803a8e358728b5fe5048685
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
ncose.salsalabs.org
:scheme
https
:path
/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ignite_tr=e09a3b7a-4da8-469c-91c3-d08984a58245; ignite_tr_url=2d7e76ac-f270-4d92-a513-d2658e00bf4c; ignite_uiid=6870cd8d-1dde-4596-b71b-1b364132d1b4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
content-type
text/html;charset=utf-8
set-cookie
ignite_tr=e09a3b7a-4da8-469c-91c3-d08984a58245;Path=/;Domain=salsalabs.org;Expires=Sat, 11-Dec-2021 00:04:10 GMT;Max-Age=31536000;Secure;SameSite=NONE
x-xss-protection
1
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 07 Dec 2020 21:43:12 GMT
etag
W/"dAEd9Oy6aQ0dAEcgNOT1wE--gzip"
accept-ranges
bytes
cache-control
max-age=3600,public
vary
Accept-Encoding, User-Agent
content-encoding
gzip

Redirect headers

date
Fri, 11 Dec 2020 00:04:10 GMT
content-length
0
location
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
set-cookie
ignite_tr=e09a3b7a-4da8-469c-91c3-d08984a58245;Path=/;Domain=salsalabs.org;Expires=Sat, 11-Dec-2021 00:04:10 GMT;Max-Age=31536000;Secure;SameSite=NONE
x-xss-protection
1
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
strict-transport-security
max-age=31536000; includeSubDomains
sli-forms-styles_v02.css
ncose.salsalabs.org/public/styles/ 		135 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/public/styles/sli-forms-styles_v02.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 06 Sep 2020 19:43:52 GMT
etag
W/"SUiv9BO5u/kSUiugHdJ54k--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
jquery-ui.css
code.jquery.com/ui/1.11.2/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
W/"54499a48-898c"
vary
Accept-Encoding
x-hw
1607645050.dop108.fr8.t,1607645050.cds283.fr8.hn,1607645050.cds217.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8056
PT16280c2b-f0c9-441b-9c54-267b041e570e
ncose.salsalabs.org/ 		342 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/PT16280c2b-f0c9-441b-9c54-267b041e570e
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
deb773e606605d32bdde08987d595a6c2d6a5db01b946215c5bd86e6998bf03e

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/javascript
905e29ae-c76c-4e7e-a88a-dc0734b26a01
ncose.salsalabs.org/api/widget/fundraising/ 		153 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
a517ce165cec355f388de21681399c92c490da89836004ee99bf8af7e8811424

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/javascript;charset=utf-8
image-placeholder.png
ncose.salsalabs.org/public/images/ 		68 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ncose.salsalabs.org/public/images/image-placeholder.png
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Aug 2020 08:22:12 GMT
etag
W/"/kX+kCbVZcQ/kX/4N1XnqA"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
68
x-xss-protection
1
gtm.js
www.googletagmanager.com/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFFJPG3
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/PT16280c2b-f0c9-441b-9c54-267b041e570e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7ef2d14e150b9ce75b593bc5e56406a13d9fdfa3226934638d4a0069db99f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48926
x-xss-protection
0
expires
Fri, 11 Dec 2020 00:04:10 GMT
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic|Roboto:400,400italic,700,700italic|Cardo:400,400italic,700|Open+Sans:400,400italic,700,700italic|Droid+Sans:400,700|Josefin+Sans:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Oleo+Script:400,700|Cabin+Sketch:400,700|Lobster|Poiret+One&subset=latin,cyrillic
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/public/styles/sli-forms-styles_v02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/public/styles/sli-forms-styles_v02.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 00:04:10 GMT
server
ESF
date
Fri, 11 Dec 2020 00:04:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Dec 2020 00:04:10 GMT
hotjar-2031736.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2031736.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFFJPG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c32fc622d8c4729da29665b330c5b9de974c910f082c25aeba523124ed121675
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
AMS1-C1
etag
W/089b1e832715ecfb7102fa4a7e586e83
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1585
via
1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
x-amz-cf-id
CwAYhf_y7P35aeium8zPqMucRsq15fBcghWxFgSPy1FS3rTfN0YbKA==
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFFJPG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
813
date
Thu, 10 Dec 2020 23:50:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 11 Dec 2020 01:50:37 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7456
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Dec 2021 21:59:54 GMT
collect
www.google-analytics.com/j/ 		2 B
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=678280320&t=pageview&_s=1&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&ul=en-us&de=UTF-8&dt=NCOSE%20-%20Year%20End%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=2055987286&gjid=1360992519&cid=1657264048.1607645051&tid=UA-37619964-8&_gid=1968530293.1607645051&_r=1&gtm=2wgbu0PFFJPG3&z=1814387370
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Dec 2020 00:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=678280320&t=pageview&_s=1&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&ul=en-us&de=UTF-8&dt=NCOSE%20-%20Year%20End%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEADQAAAAC~&jid=351366567&gjid=1884144434&cid=1657264048.1607645051&tid=UA-37619964-10&_gid=1968530293.1607645051&_r=1&gtm=2wgbu0PFFJPG3&z=440278728
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Dec 2020 00:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		82 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-PLGFVKM&t=gtm4&cid=1657264048.1607645051
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70398bd17871cee37879ce2ecdd712635159937d4e08c8d71ec3cc8a807e86ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33356
x-xss-protection
0
expires
Fri, 11 Dec 2020 00:04:10 GMT
dd7318c3-5d0a-474e-9dea-4448632927a1.js
epiphany.masterworks.com/containers/ 		228 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epiphany.masterworks.com/containers/dd7318c3-5d0a-474e-9dea-4448632927a1.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab710759404ab10c6870a175ed9ddf60122c0d3470ffe4ba737f6a4025684dc6

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding, Cookie
cache-control
public, must-revalidate, max-age=360
x-robots-tag
none
transfer-encoding
chunked
content-type
application/javascript; charset=utf-8
s.js
cdn.siftscience.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siftscience.com/s.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 18:16:37 GMT
content-encoding
gzip
age
20854
x-guploader-uploadid
ABg5-Ux7ghkqegDyadqLU3bDuM5hBGYsDF4BCJTJ--S0yVXoAhHQQaloaU7uecFdvHJAGF9YBYRRX5SKkdDYP9RTbxcaMdtX-A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
20452
last-modified
Thu, 09 Apr 2020 21:59:13 GMT
server
UploadServer
etag
"07cb8203158abb26b3c18318350e7b36"
vary
Accept-Encoding
x-goog-hash
crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation
1586469553682331
cache-control
public, max-age=86400
x-goog-stored-content-length
20452
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 11 Dec 2020 18:16:37 GMT
ddplugin.js
doublethedonation.com/api/js/ 		315 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doublethedonation.com/api/js/ddplugin.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
0ace1be8407473b81d5f58867ca7327dc6ee831b440a5e0d7221d303e2b3079e

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
content-encoding
br
last-modified
Wed, 09 Dec 2020 19:07:08 GMT
server
nginx
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-proxy-cache
BYPASS
ddplugin.css
doublethedonation.com/api/css/ 		143 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doublethedonation.com/api/css/ddplugin.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
42f62127a5c147e150989e019d4253e105a3a3024f336a0755430432b65e7f99

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
content-encoding
br
last-modified
Wed, 09 Dec 2020 19:07:09 GMT
server
nginx
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-proxy-cache
BYPASS
tokenization.v2.js
static.wepay.com/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wepay.com/js/tokenization.v2.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.164.108 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.164.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
a5dabe8694defff7761877d38bfd931a20ff6f62ca06de76c56d94f10eb048a5

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 11 Dec 2020 00:04:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 21:22:23 GMT
Server
nginx
ETag
W/"5fd2918f-4aac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 11 Dec 2020 06:04:11 GMT
script.min.js
default.salsalabs.org/public/scripts/ 		574 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/scripts/script.min.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
713325fc37db97d0be0c672eacaa1ccbbe0e1543287b542ec3b2242f0a369f96
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 08:18:44 GMT
etag
W/"/PI2HKWF2iI/PI3aAmY0oY--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-37619964-8&cid=1657264048.1607645051&jid=2055987286&gjid=1360992519&_gid=1968530293.1607645051&_u=YEBAAEACQAAAAC~&z=982172194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 11 Dec 2020 00:04:10 GMT
content-type
text/plain
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.42ad1fc945123a89c104.js
script.hotjar.com/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.42ad1fc945123a89c104.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2031736.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.234.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-234-129.bom51.r.cloudfront.net
Software
/
Resource Hash
19b342601b5958e346ff2dd9d70b2918e442675987c08f0e749472efb5887620
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 16:03:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28830
x-cache
Hit from cloudfront
content-length
59642
access-control-allow-origin
*
last-modified
Thu, 10 Dec 2020 16:00:32 GMT
etag
"b9b4a1c3670dccf4486efc2ed56805b5"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 92e5440bd36d4afb236a3b0295e72ebb.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
BOM51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
jpqjSu7q9FbpwBMvW39dfEnBSE7mVt5g_dQmL9S9dFycrSXmjx_j2A==
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 355F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2031736.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4

Response headers

content-type
text/html
content-length
851
date
Wed, 04 Nov 2020 19:00:32 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Wed, 04 Nov 2020 16:31:53 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
iJIzyfslhzHFdE3yzHJfueGEkfCPqWR8P0tgLc02-5KFAHAohIoxRQ==
age
3128619
ppms.js
epiphany.masterworks.com/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epiphany.masterworks.com/ppms.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f4563efbc52fb808a3c641fedd030821b6eab2aea84276b4da8e52e183cf5ef

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 15:01:11 GMT
etag
W/"5fae9fb7-1153f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
transfer-encoding
chunked
expires
Sun, 10 Jan 2021 00:04:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23366
x-xss-protection
0
pragma
public
x-fb-debug
Q+LkAPnhVd1XnBVFMQxw6AiKPPDKciLEvzBJ5q+u359TmclCsCu7+11XEhDMm4Z6D0R6zh9nJZ5yngD4Mk32tA==
x-fb-trip-id
603378373
x-frame-options
DENY
date
Fri, 11 Dec 2020 00:04:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://a2.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1eb116eebdec1a3282c8d2b2e1e9da65fd55bbaea67e88af0b61059e6a0a1a68

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:12 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 10:58:06 GMT
server
nginx
etag
W/"5f7ef0be-140fb"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Fri, 11 Dec 2020 00:04:12 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
audience-manager.api.min.js
epiphany.masterworks.com/audiences/static/widget/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epiphany.masterworks.com/audiences/static/widget/audience-manager.api.min.js
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8da6a11dbebdd2d4bbddf7c1545babd59ad8a60791afcfe460022d081d4fe2b

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:12 GMT
content-encoding
gzip
last-modified
Wed, 08 Jul 2020 13:00:59 GMT
etag
W/"5f05c38b-6611"
transfer-encoding
chunked
content-type
application/javascript
/
p1.zemanta.com/p/8045/8519/ 		26 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.zemanta.com/p/8045/8519/
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.93.168 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
168.93.209.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:12 GMT
via
1.1 google
server
Google Frontend
content-type
image/gif
x-cloud-trace-context
a787e23b27a48323ec92e39429dd91c8
x-robots-tag
none
alt-svc
clear
content-length
26
774787549759242
connect.facebook.net/signals/config/ 		238 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/774787549759242?v=2.9.30&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df6cd98885d6e6798fc6aaf32cbf25df0e6e2328dcb5eb8705c68a641aceac21
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70152
x-xss-protection
0
pragma
public
x-fb-debug
ZTFLMSCYblJSOerIp+1wI2MGl6w7cGWSfxDfr5KdxdauiHEu06xLDCOUhr8zhHeo4blxPKDTMLDhoACJTP37Lw==
x-fb-trip-id
603378373
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 11 Dec 2020 00:04:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
221813782
expires
Sat, 01 Jan 2000 00:00:00 GMT
734814240055581
connect.facebook.net/signals/config/ 		239 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/734814240055581?v=2.9.30&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a287675e5011e003b2fefa58aa65af51828bb90d655698852887fe8395562984
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70366
x-xss-protection
0
pragma
public
x-fb-debug
YdPxJsY3s0BP5dvVd6AcZqXxrng7tJbkoscTQQVfhgcGp5FcVIgJl8/C2E4GpDEw7BGmbEsSssFvPRoapKOoWQ==
x-fb-trip-id
603378373
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 11 Dec 2020 00:04:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1658638324
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=774787549759242&ev=PageView&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&rl=&if=false&ts=1607645051891&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1607645051889.774618182&it=1607645051832&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Dec 2020 00:04:11 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=734814240055581&ev=PageView&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&rl=&if=false&ts=1607645051893&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1607645051889.774618182&it=1607645051832&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Dec 2020 00:04:11 GMT
/
www.facebook.com/tr/ 		44 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=774787549759242&ev=ViewContent&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&rl=&if=false&ts=1607645051894&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.1.1607645051889.774618182&it=1607645051832&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Dec 2020 00:04:11 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=734814240055581&ev=ViewContent&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&rl=&if=false&ts=1607645051895&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.1.1607645051889.774618182&it=1607645051832&coo=false&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Dec 2020 00:04:11 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2031736/ 		178 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2031736/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.42ad1fc945123a89c104.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.163.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-163-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 11 Dec 2020 00:04:12 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
2031736
vc.hotjar.io/sessions/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2031736?s=0.25&r=0.1299001030138811
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.42ad1fc945123a89c104.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:12 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
zV7TQgzgLiYhRY3tuR0lhVdmVzS4xoEiqBwGK-8N1JgUOfbNdcsA-w==
ppms.php
epiphany.masterworks.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epiphany.masterworks.com/ppms.php?action_name=NCOSE%20-%20Year%20End%202020&idsite=dd7318c3-5d0a-474e-9dea-4448632927a1&rec=1&r=738463&h=1&m=4&s=11&url=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&_id=8219a151c3d4c488&_idts=1607645052&_idvc=1&_idn=0&_viewts=1607645052&send_image=1&cookie=1&res=1600x1200&gt_ms=292&pv_id=Jonjp3
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:12 GMT
transfer-encoding
chunked
content-type
image/gif
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=2181911&ADFdivider=%7C&ord=877123846161&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose....
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=877123846161&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fn...
741 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=877123846161&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4adfaecf045c3e051899aee28fe51754fa919d82779c442d229596fb8bfb5201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Dec 2020 00:04:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
618
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 11 Dec 2020 00:04:12 GMT
server
nginx
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2181911&ADFdivider=%7C&ord=877123846161&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=774787549759242&ev=Microdata&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&rl=&if=false&ts=1607645052394&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NCOSE%20-%20Year%20End%202020%22%2C%22meta%3Adescription%22%3A%22THANK%20YOU%20FOR%20BEING%20A%20PART%20OF%20THE%20MOVEMENT%20TO%20DEFEND%20HUMAN%20DIGNITY!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=2&o=30&fbp=fb.1.1607645051889.774618182&it=1607645051832&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Dec 2020 00:04:12 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=734814240055581&ev=Microdata&dl=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&rl=&if=false&ts=1607645052396&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NCOSE%20-%20Year%20End%202020%22%2C%22meta%3Adescription%22%3A%22THANK%20YOU%20FOR%20BEING%20A%20PART%20OF%20THE%20MOVEMENT%20TO%20DEFEND%20HUMAN%20DIGNITY!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite_name%22%3A%22National%20Center%20on%20Sexual%20Exploitation%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=2&o=30&fbp=fb.1.1607645051889.774618182&it=1607645051832&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Dec 2020 00:04:12 GMT
pixels
c1.adform.net/imatch/ Frame 8C70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=1576381261378037562&agencyId=5212&advertiserId=2079548&src=tp&rnd=612071
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2181911&ADFdivider=%7C&ord=877123846161&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOjAsInN2OCI6MCwic3Y5NyI6MH0&loc=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/imatch/pixels?uid=1576381261378037562&agencyId=5212&advertiserId=2079548&src=tp&rnd=612071
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=1576381261378037562; CM=1|0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4

Response headers

server
nginx
date
Fri, 11 Dec 2020 00:04:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
CM14=1607731452_1607645052_1_Hu7u7u4e4e7u7u4REREeEREREREeERA; expires=Fri, 25 Dec 2020 00:04:12 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
/
track.adform.net/Serving/Cookie/ 		92 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d68bca85dc3876388956ac5aa3c9694299ae4aa2b9ebd37790ced88933db919a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Dec 2020 00:04:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
201
expires
-1
formValidation.min.css
default.salsalabs.org/public/styles/ 		95 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/formValidation.min.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
1046664e470aa1ded3db426070d3dbc498a191153ffc52621638bf1e3bbafdcf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 08:19:12 GMT
etag
W/"EKoHgLv6bwQEKoG9BftfqM--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
1d6e5c7e-c880-4498-8288-ae46e4a609ac.jpg
ncose.salsalabs.org/7fbac6f3-340e-491f-95af-f65d2d382244/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ncose.salsalabs.org/7fbac6f3-340e-491f-95af-f65d2d382244/1d6e5c7e-c880-4498-8288-ae46e4a609ac.jpg
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
0769703529154d3689106081fd6254bacd9357ae8a0a3ad5da6f2e682255d553
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Dec 2020 21:43:12 GMT
etag
W/"lGUaYGKiHiQlGUbFF2L5JQ"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
content-length
92976
x-xss-protection
1
7049254c-06e6-4a0e-99d4-e37dd5e1bf07
donate.salsalabs.org/api/transactions/gateway/ 		539 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donate.salsalabs.org/api/transactions/gateway/7049254c-06e6-4a0e-99d4-e37dd5e1bf07
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/scripts/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
4da7ef778488009d9536f839a90a713bf37565c2072e8cf51a0a053ecdaac1c3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:16 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
409
sli-forms-styles_v02.css
default.salsalabs.org/public/styles/ 		135 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/api/widget/fundraising/905e29ae-c76c-4e7e-a88a-dc0734b26a01?tId=id_905e29aec76c4e7ea88adc0734b26a01&eId=7fbac6f3-340e-491f-95af-f65d2d382244&eType=Page&lsi=sli-forms-styles_v02&bo=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 06 Sep 2020 19:43:52 GMT
etag
W/"SUiv9BO5u/kSUiugHdJ54k--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
US
default.salsalabs.org/api/widget/stateProvinces/ 		2 KB
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/api/widget/stateProvinces/US
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/scripts/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
222fb8a7d2550729db6b265a13d5469073661125743e1ed74c7ab06a0874de12

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:16 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://ncose.salsalabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
626
logo
default.salsalabs.org/api/organization/2c0fcfea-4537-46c5-a787-304d234f349b/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://default.salsalabs.org/api/organization/2c0fcfea-4537-46c5-a787-304d234f349b/logo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
705df67d4b89f172a529289e927aab567939aad95a67fba66a1f9c86dca60654

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
last-modified
Fri, 11 Dec 2020 00:03:57 GMT
content-type
image/png
719261.gif
hexagon-analytics.com/images/ 		43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hexagon-analytics.com/images/719261.gif?bk=64d426901e&tm=4730&r=712349110&v=105&cs=UTF-8&h=ncose.salsalabs.org&l=en-US&S=639c0708dbf6ab6934b94b6a3d003794&uu=05a8859addb3b2015418a300a5408ea&t=NCOSE%20-%20Year%20End%202020&u=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=16&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=d070d7f80ecae06d18d89fb70ca3f89e&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Dec 2020 00:04:16 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ 		38 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic|Roboto:400,400italic,700,700italic|Cardo:400,400italic,700|Open+Sans:400,400italic,700,700italic|Droid+Sans:400,700|Josefin+Sans:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Oleo+Script:400,700|Cabin+Sketch:400,700|Lobster|Poiret+One&subset=latin,cyrillic
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 23:32:36 GMT
server
ESF
date
Fri, 11 Dec 2020 00:04:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Dec 2020 00:04:15 GMT
formValidation.min.css
default.salsalabs.org/public/styles/ 		95 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/formValidation.min.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
1046664e470aa1ded3db426070d3dbc498a191153ffc52621638bf1e3bbafdcf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 08:19:12 GMT
etag
W/"EKoHgLv6bwQEKoG9BftfqM--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
sli-forms-styles_v02.css
default.salsalabs.org/public/styles/ 		135 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Requested by
Host: ncose.salsalabs.org
URL: https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 06 Sep 2020 19:43:52 GMT
etag
W/"SUiv9BO5u/kSUiugHdJ54k--gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=3600,public
content-security-policy
block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-xss-protection
1
truncated
/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbdf14fa1d8f599d89c1b472fe8949c7a229ea42705c95b7a93f659e376b28f9

Request headers

Origin
https://ncose.salsalabs.org
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
fees
donate.salsalabs.org/api/transactions/ 		57 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donate.salsalabs.org/api/transactions/fees
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/scripts/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash
dd34406453d4fae13056d779f44eefa8153e1e90e90217d5acdb0df475578b64

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://ncose.salsalabs.org
date
Fri, 11 Dec 2020 00:04:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
57
content-type
application/json
fees
donate.salsalabs.org/api/transactions/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://donate.salsalabs.org/api/transactions/fees
Protocol
H2
Server
52.21.143.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-55.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ncose.salsalabs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 11 Dec 2020 00:04:16 GMT
content-type
text/plain;charset=utf-8
content-length
13
access-control-allow-origin
https://ncose.salsalabs.org
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,POST,OPTIONS,DELETE
access-control-allow-headers
authToken,apiKey,X-Requested-With,Content-Type,Accept,Origin
allow
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic|Roboto:400,400italic,700,700italic|Cardo:400,400italic,700|Open+Sans:400,400italic,700,700italic|Droid+Sans:400,700|Josefin+Sans:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Oleo+Script:400,700|Cabin+Sketch:400,700|Lobster|Poiret+One&subset=latin,cyrillic
Requested by
Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 23:33:21 GMT
server
ESF
date
Fri, 11 Dec 2020 00:04:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Dec 2020 00:04:16 GMT
ppms.php
epiphany.masterworks.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epiphany.masterworks.com/ppms.php?e_c=adform%20uid&e_a=adform%20uid&e_n=1576381261378037562&e_v=0&idsite=dd7318c3-5d0a-474e-9dea-4448632927a1&rec=1&r=857317&h=1&m=4&s=16&url=https%3A%2F%2Fncose.salsalabs.org%2Fyearend2020%2Findex.html%3FeType%3DEmailBlastContent%26eId%3De6b212c7-1d61-4aab-9c2c-26c5b5808cd4&_id=8219a151c3d4c488&_idts=1607645052&_idvc=1&_idn=0&_viewts=1607645052&send_image=1&cookie=1&res=1600x1200&dimension4=1576381261378037562&gt_ms=292&pv_id=Jonjp3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ncose.salsalabs.org/yearend2020/index.html?eType=EmailBlastContent&eId=e6b212c7-1d61-4aab-9c2c-26c5b5808cd4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 00:04:16 GMT
transfer-encoding
chunked
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager function| hj object| _hjSettings object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| ppms object| _igRXSJRyswFJ function| validateCCName function| applyDynamicAmounts function| updateAmountButtonAttributes function| copyStyles function| cloneAndAddAmountButton function| processToken string| src object| s object| widgetRefs object| google_optimize object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| _sift function| __siftFlashCB undefined| Sift object| PluginDetect object| FormValidation object| Loadgo function| iFrameResize object| IGNITE object| jQuery111307286918353725247 object| WePay object| shadow$provide object| closure_lm_319846 object| doublethedonation string| SYNC_EVENT string| ONCE_PER_PAGE_VIEW_ACTION string| ONCE_PER_SESSION_ACTION string| VARIABLE_NAME string| COOKIE_PREFIX string| GLOBAL_CONFIG_NAME function| ppmsWebStorage object| sevenTag object| _paq string| thisURL function| fbq function| _fbq object| _adftrack object| Piwik object| AnalyticsTracker function| piwik_log object| Adform object| KJUR object| adf function| sliGoogInit object| params object| param object| request

25 Cookies

Domain/Path Name / Value
.digitru.st/ Name: DigiTrust.v1.identity
Value: eyJpZCI6Ijg1YzE5ekJMaU00PSIsInZlcnNpb24iOjIsInByb2R1Y2VyIjoiMUNyc2RVTkFvNiIsInByaXZhY3kiOnsib3B0b3V0IjpmYWxzZX19
.adform.net/ Name: C
Value: 1
ncose.salsalabs.org/ Name: _hjIncludedInPageviewSample
Value: 1
.salsalabs.org/ Name: _hjFirstSeen
Value: 1
.adform.net/ Name: CM14
Value: 1607731452_1607645052_1_Hu7u7u4e4e7u7u4REREeEREREREeERA
.salsalabs.org/ Name: _hjid
Value: 15c30adc-6d22-419c-af4f-71d9942adf53
.salsalabs.org/ Name: _fbp
Value: fb.1.1607645051889.774618182
.adform.net/ Name: uid
Value: 1576381261378037562
.salsalabs.org/ Name: _gat_UA-37619964-8
Value: 1
ncose.salsalabs.org/ Name: _pk_id.dd7318c3-5d0a-474e-9dea-4448632927a1.583a
Value: 8219a151c3d4c488.1607645052.1.1607645052.1607645052.
ncose.salsalabs.org/ Name: stg_externalReferrer
Value:
.salsalabs.org/ Name: _gid
Value: GA1.2.1968530293.1607645051
.salsalabs.org/ Name: _hjAbsoluteSessionInProgress
Value: 1
ncose.salsalabs.org/ Name: stg_returning_visitor
Value: Fri%2C%2011%20Dec%202020%2000:04:11%20GMT
.adform.net/ Name: DigiTrust.v1.identity
Value: eyJpZCI6IkExT1gwSGVCMmQ2VUFIclVKUEVpV044bG0vL2tic21RbnBFRWRYblhlc1Jza1h3enA1L0RkZlUzWmhmSmhzOGxyVndEUEg2K0NmbU1aNFJLOWlnODJ5M2cvczF3dXJwRHJ1ZEluY0RBOU5MRzI4S20vcitvbkVTbnRQUzdtZjFEQjZxUmNYYnkvR3F5OWFiUVBaZzByMUJ5VHMwTTlJNlQwajRhS21Fc1JudzBhWThmSmhEY1g4ZkhrV3M5a2I3bHZQOUtFeWh4TGJmakEwQnBYTjhUV2llVVBueGpIaEV6Z0VUaTJESCs3Qkp1NW1YQWJrMnhEbEd0TjA3MjJJRmc5WFFqa3BuOWVja25kUTl5N2ZoSkY5Q3RXZzNZL01mTlZPRm1kNkNUYVZrRU13SXZ0SVJVVVBHSjRZMlVMbnd0UjA0UkRuc01scHNUNGVmTzFFYlhzUT09IiwidmVyc2lvbiI6MiwicHJvZHVjZXIiOiIxQ3JzZFVOQW82IiwicHJpdmFjeSI6eyJvcHRvdXQiOmZhbHNlfSwia2V5diI6NH0%3D
.salsalabs.org/ Name: _gat_UA-37619964-10
Value: 1
.salsalabs.org/ Name: ignite_tr_url
Value: 2d7e76ac-f270-4d92-a513-d2658e00bf4c
ncose.salsalabs.org/ Name: stg_last_interaction
Value: Fri%2C%2011%20Dec%202020%2000:04:11%20GMT
ncose.salsalabs.org/ Name: stg_traffic_source_priority
Value: 1
.salsalabs.org/ Name: _ga
Value: GA1.2.1657264048.1607645051
.salsalabs.org/ Name: ignite_uiid
Value: 6870cd8d-1dde-4596-b71b-1b364132d1b4
.salsalabs.org/ Name: _hjTLDTest
Value: 1
.salsalabs.org/ Name: ignite_tr
Value: e09a3b7a-4da8-469c-91c3-d08984a58245
.adform.net/ Name: CM
Value: 1|0
ncose.salsalabs.org/ Name: _pk_ses.dd7318c3-5d0a-474e-9dea-4448632927a1.583a
Value: *

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
ajax.googleapis.com
c1.adform.net
cdn.siftscience.com
code.jquery.com
connect.facebook.net
default.salsalabs.org
donate.salsalabs.org
doublethedonation.com
epiphany.masterworks.com
fonts.googleapis.com
hexagon-analytics.com
in.hotjar.com
ncose.salsalabs.org
p1.zemanta.com
s2.adform.net
script.hotjar.com
static.hotjar.com
static.wepay.com
stats.g.doubleclick.net
track.adform.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.227.234.129
130.211.164.108
185.167.164.39
2001:4de0:ac19::1:b:2b
23.96.109.67
2a00:1450:4001:801::200a
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:81d::200a
2a00:1450:4001:820::200e
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.102.232.42
34.96.67.224
35.209.93.168
37.157.2.235
37.157.2.237
37.157.5.73
40.76.202.94
52.18.163.167
52.21.143.55
65.9.73.36
65.9.73.87
65.9.73.93
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f
0769703529154d3689106081fd6254bacd9357ae8a0a3ad5da6f2e682255d553
0ace1be8407473b81d5f58867ca7327dc6ee831b440a5e0d7221d303e2b3079e
1046664e470aa1ded3db426070d3dbc498a191153ffc52621638bf1e3bbafdcf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19b342601b5958e346ff2dd9d70b2918e442675987c08f0e749472efb5887620
1eb116eebdec1a3282c8d2b2e1e9da65fd55bbaea67e88af0b61059e6a0a1a68
222fb8a7d2550729db6b265a13d5469073661125743e1ed74c7ab06a0874de12
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f4563efbc52fb808a3c641fedd030821b6eab2aea84276b4da8e52e183cf5ef
42f62127a5c147e150989e019d4253e105a3a3024f336a0755430432b65e7f99
494f7d31dc8df0493ada04a2d9ee0e1b437b8277c475b53e41b0e7a7a9091fe7
4adfaecf045c3e051899aee28fe51754fa919d82779c442d229596fb8bfb5201
4da7ef778488009d9536f839a90a713bf37565c2072e8cf51a0a053ecdaac1c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
6a593b7c943b5cfe137139c2dd71be330afef6e38803a8e358728b5fe5048685
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70398bd17871cee37879ce2ecdd712635159937d4e08c8d71ec3cc8a807e86ca
705df67d4b89f172a529289e927aab567939aad95a67fba66a1f9c86dca60654
713325fc37db97d0be0c672eacaa1ccbbe0e1543287b542ec3b2242f0a369f96
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a287675e5011e003b2fefa58aa65af51828bb90d655698852887fe8395562984
a517ce165cec355f388de21681399c92c490da89836004ee99bf8af7e8811424
a5dabe8694defff7761877d38bfd931a20ff6f62ca06de76c56d94f10eb048a5
ab710759404ab10c6870a175ed9ddf60122c0d3470ffe4ba737f6a4025684dc6
c32fc622d8c4729da29665b330c5b9de974c910f082c25aeba523124ed121675
c5cdb515536b077e08611884f36fdb72997b69423624393f93aace6bd3a56878
c7ef2d14e150b9ce75b593bc5e56406a13d9fdfa3226934638d4a0069db99f9e
c8da6a11dbebdd2d4bbddf7c1545babd59ad8a60791afcfe460022d081d4fe2b
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
d68bca85dc3876388956ac5aa3c9694299ae4aa2b9ebd37790ced88933db919a
dbdf14fa1d8f599d89c1b472fe8949c7a229ea42705c95b7a93f659e376b28f9
dd34406453d4fae13056d779f44eefa8153e1e90e90217d5acdb0df475578b64
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb773e606605d32bdde08987d595a6c2d6a5db01b946215c5bd86e6998bf03e
df6cd98885d6e6798fc6aaf32cbf25df0e6e2328dcb5eb8705c68a641aceac21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b