Submitted URL: http://campaigns.freedomunited.org/q/VLjJH_40r6Eh0X79wMjH0TiIhuOM0ANeVnyZcOJZ2LVlcnQudmFuaGVlc0A0Z3Jvd3RoLmJlw4glLz1mmoucqEg-ICQ6GX...
Effective URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K7...
Submission: On May 29 via api from BE

Summary

This website contacted 13 IPs in 3 countries across 14 domains to perform 44 HTTP transactions. The main IP is 54.230.93.98, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is endchildslavery.funraise.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 29th 2017. Valid for: 3 years.
This is the only time endchildslavery.funraise.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.0.93.10 394396 (LISTRAK-AS1)
7 54.230.93.98 16509 (AMAZON-02)
10 2600:9000:200... 16509 (AMAZON-02)
8 2600:9000:200... 16509 (AMAZON-02)
3 151.101.2.182 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:200... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 52.216.230.43 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.15 20446 (HIGHWINDS3)
44 13
Domain Requested by
18 assets.funraise.io endchildslavery.funraise.org
assets.funraise.io
7 endchildslavery.funraise.org assets.funraise.io
6 www.google-analytics.com 1 redirects endchildslavery.funraise.org
3 core.spreedly.com assets.funraise.io
core.spreedly.com
2 fonts.gstatic.com endchildslavery.funraise.org
2 funraise-platform.s3.amazonaws.com endchildslavery.funraise.org
2 fonts.googleapis.com assets.funraise.io
2 deru1uwy27a9u.cloudfront.net assets.funraise.io
1 maxcdn.bootstrapcdn.com endchildslavery.funraise.org
1 www.google.de endchildslavery.funraise.org
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.youtube.com assets.funraise.io
1 campaigns.freedomunited.org 1 redirects
44 14

This site contains links to these domains. Also see Links.

Domain
www.freedomunited.org
www.facebook.com
twitter.com
funraise.io
Subject Issuer Validity Valid
*.funraise.org
Go Daddy Secure Certificate Authority - G2
2017-06-29 -
2020-09-23
3 years crt.sh
assets.funraise.io
Amazon
2018-12-06 -
2020-01-06
a year crt.sh
*.spreedly.com
COMODO RSA Domain Validation Secure Server CA
2016-10-20 -
2019-12-19
3 years crt.sh
*.google.com
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2018-10-08 -
2019-10-09
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-07 -
2020-02-07
a year crt.sh
www.google.de
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA
2018-10-03 -
2019-10-12
a year crt.sh

This page contains 4 frames:

Primary Page: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Frame ID: 6505D7677D6359FCCEAEB478BC8D5296
Requests: 45 HTTP requests in this frame

Frame: https://www.youtube.com/embed/14GwbsBjadg
Frame ID: BBC6F650520248AA4E34FAF8FBB5C9BD
Requests: 1 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/number-frame.html?v=1.21
Frame ID: 9EEAD6B1577DA6E4764F3049813594F7
Requests: 1 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/cvv-frame.html?v=1.21
Frame ID: 52A1396089702ACF5ADE60752DED1C56
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://campaigns.freedomunited.org/q/VLjJH_40r6Eh0X79wMjH0TiIhuOM0ANeVnyZcOJZ2LVlcnQudmFuaGVlc0A0Z3Jvd3RoLmJlw4... HTTP 302
    https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&t... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /AmazonS3/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

44
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

14
Subdomains

13
IPs

3
Countries

3120 kB
Transfer

7855 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://campaigns.freedomunited.org/q/VLjJH_40r6Eh0X79wMjH0TiIhuOM0ANeVnyZcOJZ2LVlcnQudmFuaGVlc0A0Z3Jvd3RoLmJlw4glLz1mmoucqEg-ICQ6GXJJ5a79w HTTP 302
    https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=810811563&t=pageview&_s=1&dl=https%3A%2F%2Fendchildslavery.funraise.org%2F%3Ftrk_msg%3DSSO6JRAT3V24PFR2894JH905UO%26trk_contact%3D7F2ONTPN5PQQUDL1OMAGKTRG1C%26trk_sid%3DQMJL79GC1L5K78FI47VC8S9SH4%26utm_source%3DListrak%26utm_medium%3Demail%26utm_term%3DWhile%2Bthis%2Bis%2Bprogress%252c%2Bour%2526nbsp%253bfight%2Bis%2Bnot%2Bover%26utm_campaign%3DGiving%2BDay%2BMay%2B2019%26utm_content%3DEmail%2B4&ul=en-us&de=UTF-8&dt=End%20Child%20Slavery&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=790843750&gjid=1907611357&cid=1195312753.1559093104&tid=UA-81133946-1&_gid=571912228.1559093104&_r=1&z=1762171951 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_gid=571912228.1559093104&gjid=1907611357&_v=j76&z=1762171951 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_v=j76&z=1762171951 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_v=j76&z=1762171951&slf_rd=1&random=355833916

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
endchildslavery.funraise.org/
Redirect Chain
  • http://campaigns.freedomunited.org/q/VLjJH_40r6Eh0X79wMjH0TiIhuOM0ANeVnyZcOJZ2LVlcnQudmFuaGVlc0A0Z3Jvd3RoLmJlw4glLz1mmoucqEg-ICQ6GXJJ5a79w
  • https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While...
4 KB
4 KB
Document
General
Full URL
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-98.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fab552c84a897963d39132cb31f770307afc0e08e43f65255ae7587a3a46ba0f

Request headers

:method
GET
:authority
endchildslavery.funraise.org
:scheme
https
:path
/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html
content-length
3697
date
Sun, 26 May 2019 23:09:03 GMT
last-modified
Tue, 21 May 2019 19:56:08 GMT
etag
"730a44e1e131d2d81dc698ad5580d6fc"
accept-ranges
bytes
server
AmazonS3
x-cache
RefreshHit from cloudfront
via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
x-amz-cf-id
yWGqN8NvxqOij-V4TXaXR7yuIRqXYXK1gzKyxwiByEIK8HvH4UvXuA==

Redirect headers

Server
nginx/1.15.2
Date
Wed, 29 May 2019 01:25:01 GMT
Content-Type
text/html; charset=utf-8
Content-Length
446
Connection
keep-alive
Cache-Control
private
Location
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
campaign-site-lib.css
assets.funraise.io/assets/campaign-site/@funraise/
2 MB
1 MB
Stylesheet
General
Full URL
https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site-lib.css
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4626c7e1f5b3e499e37a344c7fd94cea9bd06e5fcab23d7be5e98bb2e5bc2c4b

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 May 2019 05:13:20 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 21:06:44 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
28fr6lERlpv_aSkV3beU-aHMZsJlyqXKVdLVMt4Y3_16TbBP-l0MUw==
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
campaign-site.css
assets.funraise.io/assets/campaign-site/@funraise/
61 KB
12 KB
Stylesheet
General
Full URL
https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.css
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52600c20059d59f96365b4eba7cef9d5424978787c75e33a5bd88963cbf1e5f1

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 May 2019 05:13:20 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 21:06:43 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
l3JNpvyZmNUJeYKQR0Md9r7Q0ykLgfX_iMVWJkTHoixXncqJ6yjUVw==
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
campaign-site.js
assets.funraise.io/assets/campaign-site/@funraise/
4 MB
1 MB
Script
General
Full URL
https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f9e5e0290407df461296313135a79071ab0bed05cf1482c5e6cda36e85f8d0

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 May 2019 14:58:52 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 21:06:45 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
YXRPLQrH-6ZacLjv1Q6Kd11oA9bbue-EVatgoZx6-CcB_AT_4UqX-w==
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
funraise.min.js
assets.funraise.io/widget/common/1.3/
59 KB
14 KB
Script
General
Full URL
https://assets.funraise.io/widget/common/1.3/funraise.min.js
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
860e6f1c60ae39569492c960c27053e697a8d6af15ae25119dda50ba1b0b38b3

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 May 2019 11:37:39 GMT
content-encoding
gzip
last-modified
Mon, 13 May 2019 23:48:03 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
status
200
x-amz-cf-id
xG3B0_NQ-5eKOAAlYMmg0upAcUTihU7CRFj-fz1Cy-R6t0wUkYLwhw==
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
fontawesome-webfont.woff2
assets.funraise.io/lib/fonts/
0
0
Font
General
Full URL
https://assets.funraise.io/lib/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.css
Origin
https://endchildslavery.funraise.org

Response headers

date
Wed, 29 May 2019 01:25:02 GMT
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
server
AmazonS3
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/xml
status
403
x-cache
Error from cloudfront
x-amz-cf-id
0b4BJr43C5ERpGIcuIYJG9heE6qlc2KBTWgtKr84Dx6xHKd1Um2S5g==
site.1558468567412.json
endchildslavery.funraise.org/data/
38 KB
38 KB
XHR
General
Full URL
https://endchildslavery.funraise.org/data/site.1558468567412.json
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-98.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
498b21b21e16cf12418507fcde07fb5e113742990cfdfdc3c8f9ec68d2e75621

Request headers

Accept
*/*
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2019 19:56:08 GMT
server
AmazonS3
etag
"ee1a64090d14d34caa9269276440af05"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
38928
x-amz-cf-id
WXUGWoDVDLO-CNPau78g1I2-S1XaQTipRCmCqJ4LY58RGfFbYUW6jg==
fontawesome-webfont.woff
assets.funraise.io/lib/fonts/
0
0
Font
General
Full URL
https://assets.funraise.io/lib/fonts/fontawesome-webfont.woff?v=4.6.3
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.css
Origin
https://endchildslavery.funraise.org

Response headers

date
Wed, 29 May 2019 01:25:02 GMT
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
server
AmazonS3
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/xml
status
403
x-cache
Error from cloudfront
x-amz-cf-id
Aen7Qo_SldLTxx-cwSXgS-R4tqXRlLhltcerqr9NS1J5Stu5NKjW7A==
iframe-v1.min.js
core.spreedly.com/iframe/
39 KB
40 KB
Script
General
Full URL
https://core.spreedly.com/iframe/iframe-v1.min.js
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/1.3/funraise.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.182 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
8391cea7568529c582e372e02863888171c1c80d6ff4f8504aa7e21da5ab1c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
via
1.1 varnish
age
0, 0
x-cache
MISS
status
200
date
Wed, 29 May 2019 01:25:03 GMT
content-length
40166
x-served-by
cache-hhn1531-HHN
last-modified
Wed, 15 May 2019 18:24:22 GMT
server
nginx
x-timer
S1559093103.366205,VS0,VE221
etag
"5cdc5956-9ce6"
content-type
application/javascript
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes, bytes, bytes
x-cache-hits
0
libs.js
assets.funraise.io/widget/common/1.3/js/
121 KB
40 KB
Script
General
Full URL
https://assets.funraise.io/widget/common/1.3/js/libs.js
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/1.3/funraise.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99d526317a8df25a32a6af5eea55c9f6c166d8f21f4dc12f00787c8b146d504a

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 May 2019 07:22:46 GMT
content-encoding
gzip
last-modified
Sat, 04 May 2019 18:19:11 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
status
200
x-amz-cf-id
1UEesCEZrS6veD2_c_dGVYD6PdepdxQTLPNV0Xusifa9HA4IQbYCrw==
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
pagePosts.json
endchildslavery.funraise.org/data/
2 B
311 B
XHR
General
Full URL
https://endchildslavery.funraise.org/data/pagePosts.json
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-98.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2019 20:59:31 GMT
server
AmazonS3
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
2
x-amz-cf-id
l6FpeBscqbXVqc-Y3l1_FgjUe7hABph3_t_uRhpDcESduP-HQDI_7g==
activity
endchildslavery.funraise.org/api/v1/public/campaignSite/page/ff4fb6cd-78f2-46c5-a2ee-aae5d991cc25/
4 KB
1 KB
XHR
General
Full URL
https://endchildslavery.funraise.org/api/v1/public/campaignSite/page/ff4fb6cd-78f2-46c5-a2ee-aae5d991cc25/activity
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-98.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
fa6cede5acf6be5fa6b474b95f74c94befeaecddb06eb523ab15d3348adfe836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
via
1.1 vegur, 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-cache
Miss from cloudfront
status
200
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
Cowboy
x-frame-options
DENY
allow
*
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=120
x-request-time
112
x-amz-cf-id
lKK8Ym3iUKZMr222NbkzOoofIWf5cXuDcAySVjtqJEux_3Bmh-0EPg==
10
endchildslavery.funraise.org/api/v1/public/campaignSite/page/ff4fb6cd-78f2-46c5-a2ee-aae5d991cc25/top/donations/
3 KB
909 B
XHR
General
Full URL
https://endchildslavery.funraise.org/api/v1/public/campaignSite/page/ff4fb6cd-78f2-46c5-a2ee-aae5d991cc25/top/donations/10
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-98.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
9261320b4c11c361e030f11719ba612b9c756502355672047e39211b6c04a3a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
via
1.1 vegur, 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-cache
Miss from cloudfront
status
200
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
Cowboy
x-frame-options
DENY
allow
*
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=120
x-request-time
64
x-amz-cf-id
buN2RQnTSowTu9HSIfkx4gPMbW08peBR22XEPEEtnwsOFoMdctWAAA==
c958faa4-e833-4307-bc94-e8f7ed77b565
endchildslavery.funraise.org/api/v1/public/organization/
314 B
770 B
XHR
General
Full URL
https://endchildslavery.funraise.org/api/v1/public/organization/c958faa4-e833-4307-bc94-e8f7ed77b565
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-98.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
b74ae9ffa09860ef79035bc5621985e00354d3ac5d51ef5fca38353941db65ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
via
1.1 vegur, 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-cache
Miss from cloudfront
status
200
content-length
314
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
Cowboy
x-frame-options
DENY
allow
*
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=120
x-request-time
10
x-amz-cf-id
Xp8RDo3ERpfxPZQx5ns-iIrP4TpWjIEUmTxkefhaD90uqRuo0iNAqQ==
14GwbsBjadg
www.youtube.com/embed/ Frame BBC6
0
0
Document
General
Full URL
https://www.youtube.com/embed/14GwbsBjadg
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/14GwbsBjadg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 EST
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Wed, 29 May 2019 01:25:03 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=By63EyFDTpM; path=/; domain=.youtube.com; expires=Mon, 25-Nov-2019 01:25:03 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Wed, 29-May-2019 01:55:03 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 27-Jan-2020 13:18:03 GMT VISITOR_INFO1_LIVE=By63EyFDTpM; path=/; domain=.youtube.com; expires=Mon, 25-Nov-2019 01:25:03 GMT; httponly YSC=49JGPmH20TE; path=/; domain=.youtube.com; httponly
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
companion-v1.0.1-min.css
deru1uwy27a9u.cloudfront.net/template-styles/
6 KB
6 KB
Stylesheet
General
Full URL
https://deru1uwy27a9u.cloudfront.net/template-styles/companion-v1.0.1-min.css
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e00:17:962e:7080:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.13.6 /
Resource Hash
55af40838faa8e636b197f9a7a21cefd5f6b5a88d7d357c5b4d2f8610b8ce1f8

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 05 May 2019 05:32:50 GMT
via
1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified
Fri, 12 Oct 2018 17:53:59 GMT
server
nginx/1.13.6
access-control-allow-origin
https://codepen.io
etag
"462f3e9859e3f0f7eea800fcda703f58"
access-control-allow-methods
GET, OPTIONS
content-type
text/css
status
200
cache-control
public, must-revalidate, proxy-revalidate
x-cache
Hit from cloudfront
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
5685
x-amz-cf-id
U_c6teU4lmeYuYL-ABIno5QNqHjtK9uMYZvWzUn2Fn_FEt9-pEXZjg==
css
fonts.googleapis.com/
9 KB
837 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e0dfd654851f4736b141e1bf4798116a47c6d7c2cc4712e880a28d69a33f5930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 29 May 2019 01:25:03 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 29 May 2019 01:25:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 29 May 2019 01:25:03 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
6750
date
Tue, 28 May 2019 23:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 29 May 2019 01:32:33 GMT
goal
endchildslavery.funraise.org/api/v1/public/campaignSite/page/ff4fb6cd-78f2-46c5-a2ee-aae5d991cc25/
166 B
624 B
XHR
General
Full URL
https://endchildslavery.funraise.org/api/v1/public/campaignSite/page/ff4fb6cd-78f2-46c5-a2ee-aae5d991cc25/goal
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-98.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
81630e34a545b5d59db4f6b7dc7ddf636f6a36a2387c93774d39c349a1d68c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
via
1.1 vegur, 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-cache
Miss from cloudfront
status
200
content-length
166
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
Cowboy
x-frame-options
DENY
allow
*
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=120
x-request-time
10
x-amz-cf-id
BdPzMFlIXY_czzYOlBPK0cQYEXyoDHiBl6qZIMUJKgTegEHxN5FLEA==
8f5a2710559bcfaf4504a1e3e3dc052d0d6050fa.png
funraise-platform.s3.amazonaws.com/
20 KB
21 KB
Image
General
Full URL
https://funraise-platform.s3.amazonaws.com/8f5a2710559bcfaf4504a1e3e3dc052d0d6050fa.png
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.230.43 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
68f5dadc66268517a6d7305f854825a14b114314ea3f0515e20328a40c31da25

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 01:25:05 GMT
ETag
"624cbfcd5fb2c165bedebbe3936c0edc"
Last-Modified
Fri, 16 Nov 2018 17:30:25 GMT
Server
AmazonS3
x-amz-request-id
1A9F19175E966424
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20600
x-amz-id-2
LIZdTtenvJX0qheOm3k2/DQ+6hyDdNGwqLEFS/93aHCaQj7hSWaxZrEUr3/4bui5P30vRCEIzCY=
d83b3127e5f00b5eca612113084be310d353841a.jpg
funraise-platform.s3.amazonaws.com/
334 KB
335 KB
Image
General
Full URL
https://funraise-platform.s3.amazonaws.com/d83b3127e5f00b5eca612113084be310d353841a.jpg
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.230.43 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3e865de28c54ca364a78614430460195fccee8de3a363a2239f68be8f68deae6

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 01:25:05 GMT
ETag
"b8d0b89b44794e2ad69052a2a1b2829a"
Last-Modified
Mon, 20 May 2019 16:46:54 GMT
Server
AmazonS3
x-amz-request-id
C33BBF866EDC0EC8
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
342193
x-amz-id-2
jXcdQwD8HthmfPxbMgQisaLnCAjGddASl5l/B75gAw0sd0h5EPEVsIxPGhdYuWGnEKMitF8DZY4=
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6309b0265edb8a409b1a120036a651230824b326e26a5f24eca1b9f544e2a42f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://endchildslavery.funraise.org

Response headers

Content-Type
font/woff2
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://endchildslavery.funraise.org

Response headers

Content-Type
font/woff2
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://endchildslavery.funraise.org

Response headers

Content-Type
font/woff2
fontawesome-webfont.ttf
assets.funraise.io/lib/fonts/
0
0
Font
General
Full URL
https://assets.funraise.io/lib/fonts/fontawesome-webfont.ttf?v=4.6.3
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.css
Origin
https://endchildslavery.funraise.org

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
server
AmazonS3
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/xml
status
403
x-cache
Error from cloudfront
x-amz-cf-id
YxXPyqgYBCzm5OsNIRL-ZCxbYfV5qN29l5dz-Tfh3kVyFO8KJ92lmg==
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i
Origin
https://endchildslavery.funraise.org

Response headers

date
Mon, 25 Mar 2019 20:20:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:03 GMT
server
sffe
age
5547892
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:11 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i
Origin
https://endchildslavery.funraise.org

Response headers

date
Mon, 25 Mar 2019 20:19:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
5547931
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:32 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=810811563&t=pageview&_s=1&dl=https%3A%2F%2Fendchildslavery.funraise.org%2F%3Ftrk_msg%3DSSO6JRAT3V24PFR2894JH905UO%26trk_contact%3D7F2ONTPN5PQ...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_gid=571912228.1559093104&gjid=1907611357&_v=j76&z=1762171951
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_v=j76&z=1762171951
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_v=j76&z=1762171951&slf_rd=1&random=355833916
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_v=j76&z=1762171951&slf_rd=1&random=355833916
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 01:25:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 May 2019 01:25:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-81133946-1&cid=1195312753.1559093104&jid=790843750&_v=j76&z=1762171951&slf_rd=1&random=355833916
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
funraise.css
assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/
106 KB
20 KB
Stylesheet
General
Full URL
https://assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/funraise.css
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/1.3/js/libs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfd1964278ccd1684fa9a0346c53d9bf16200fdc22d40af24ff19e4add1d3c6c

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 01:25:05 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 16:48:55 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
ezJMGgzqsVzbEwNtq6rHXJbCmH1PkpRO8v7gQ3cuRuqWoM_KnirjuA==
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
widget-settings.json
assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/
0
376 B
XHR
General
Full URL
https://assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/widget-settings.json
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/1.3/js/libs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://endchildslavery.funraise.org
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Wed, 29 May 2019 01:25:05 GMT
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
server
AmazonS3
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
status
200
access-control-max-age
3000
x-cache
Miss from cloudfront
access-control-allow-headers
content-type
content-length
0
x-amz-cf-id
o2pU7AqgtJsiPOoyiquAktLso7GOsAGLoRfkjNU3_gQnPyW_kWNiIQ==
companion-v1.0.1-min.css
deru1uwy27a9u.cloudfront.net/template-styles/
6 KB
6 KB
Stylesheet
General
Full URL
https://deru1uwy27a9u.cloudfront.net/template-styles/companion-v1.0.1-min.css
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e00:17:962e:7080:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.13.6 /
Resource Hash
55af40838faa8e636b197f9a7a21cefd5f6b5a88d7d357c5b4d2f8610b8ce1f8

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 01:25:03 GMT
via
1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
age
19014
x-cache
Hit from cloudfront
status
200
content-length
5685
pragma
public
last-modified
Fri, 12 Oct 2018 17:53:59 GMT
server
nginx/1.13.6
etag
"462f3e9859e3f0f7eea800fcda703f58"
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
https://codepen.io
cache-control
public, must-revalidate, proxy-revalidate
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
CW9RCA45vwwbmI9mi5YXd6jMs_RSDiLKd5l86TqPGYVcLBUL34VA8g==
css
fonts.googleapis.com/
9 KB
839 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/assets/campaign-site/@funraise/campaign-site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e0dfd654851f4736b141e1bf4798116a47c6d7c2cc4712e880a28d69a33f5930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 29 May 2019 01:25:04 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 29 May 2019 01:25:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 29 May 2019 01:25:04 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
6751
date
Tue, 28 May 2019 23:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 29 May 2019 01:32:33 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=810811563&t=pageview&_s=2&dl=https%3A%2F%2Fendchildslavery.funraise.org%2F%3Ftrk_msg%3DSSO6JRAT3V24PFR2894JH905UO%26trk_contact%3D7F2ONTPN5PQQUDL1OMAGKTRG1C%26trk_sid%3DQMJL79GC1L5K78FI47VC8S9SH4%26utm_source%3DListrak%26utm_medium%3Demail%26utm_term%3DWhile%2Bthis%2Bis%2Bprogress%252c%2Bour%2526nbsp%253bfight%2Bis%2Bnot%2Bover%26utm_campaign%3DGiving%2BDay%2BMay%2B2019%26utm_content%3DEmail%2B4&ul=en-us&de=UTF-8&dt=End%20Child%20Slavery&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEBAAEAB~&jid=&gjid=&cid=1195312753.1559093104&tid=UA-81133946-1&_gid=571912228.1559093104&z=970391920
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 May 2019 16:28:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2019411
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
state-country.json
assets.funraise.io/widget/common/1.3/js/
0
377 B
XHR
General
Full URL
https://assets.funraise.io/widget/common/1.3/js/state-country.json
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/1.3/js/libs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://endchildslavery.funraise.org
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Wed, 29 May 2019 01:25:05 GMT
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
server
AmazonS3
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
status
200
access-control-max-age
3000
x-cache
Miss from cloudfront
access-control-allow-headers
content-type
content-length
0
x-amz-cf-id
ecR2i9HUeLgzP_W_qpXZbjW1k5fgg4dNWZ1tU_UOgeKQusTD7h5DTg==
truncated
/
70 KB
70 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://endchildslavery.funraise.org

Response headers

Content-Type
font/woff2
widget-settings.json
assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/
3 KB
4 KB
XHR
General
Full URL
https://assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/widget-settings.json
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151682b4c1e93aa289aa2278401dccdce3cc0a35609cb23fbc046df576cdef8d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Origin
https://endchildslavery.funraise.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 29 May 2019 01:25:05 GMT
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2019 16:48:54 GMT
server
AmazonS3
status
200
etag
"c21211d4a851cdb78148e236caa13daa"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
3234
x-amz-cf-id
NxJkkACMhE7l3XxTJFYkd9iwPJ4056YviK5wMY5nxrzPY8uDT1R6Hg==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/
55 KB
56 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/funraise.css
Origin
https://endchildslavery.funraise.org

Response headers

date
Wed, 29 May 2019 01:25:04 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin
*
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
56792
state-country.json
assets.funraise.io/widget/common/1.3/js/
84 KB
85 KB
XHR
General
Full URL
https://assets.funraise.io/widget/common/1.3/js/state-country.json
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f1b7cd38d98c3a52893762771f3363b6bbf565caab9a714e44d1dc579967173

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Origin
https://endchildslavery.funraise.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 29 May 2019 00:38:44 GMT
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2019 18:19:11 GMT
server
AmazonS3
status
200
etag
"868312c616e21a73143ab17966a7ad81"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
86064
x-amz-cf-id
pMTW1zhuBZdP6SCscsDvA3XFRCmrFyLl6Ty3E91nfPE7ndLQpqdnHw==
widget.html
assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/
17 KB
5 KB
XHR
General
Full URL
https://assets.funraise.io/widget/client/c958faa4-e833-4307-bc94-e8f7ed77b565/6968/1.3/widget.html
Requested by
Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/1.3/js/libs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:8200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5753fe77f04f641e52e025f3afd5dd51e950504b47338b6ca3fe6a421611c1b5

Request headers

Accept
text/html, */*; q=0.01
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Origin
https://endchildslavery.funraise.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 08:10:21 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 16:48:54 GMT
server
AmazonS3
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
text/html
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
x-amz-cf-id
ObdE5conkVIMzhEzQ-K8RLZpHp1d4Xi8SL5Ms7cmjbvaSctnIgvh4A==
via
1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: endchildslavery.funraise.org
URL: https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
6752
date
Tue, 28 May 2019 23:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 29 May 2019 01:32:33 GMT
ssl_lock_funraise.png
assets.funraise.io/widget/common/1.3/img/
1 KB
1 KB
Image
General
Full URL
https://assets.funraise.io/widget/common/1.3/img/ssl_lock_funraise.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
983ae24ea7af9a6631587cc0df58ffbe7a69aecdf0fb46cd1beed33d06ba3371

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 01:25:06 GMT
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2019 18:19:11 GMT
server
AmazonS3
etag
"a88c588fcb9606cdd0a2cc84f0752561"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
1195
x-amz-cf-id
5Rj3Jx4ZmYvBvADdBO8hSnUZRw3DPKklJLHRnSeKgbYRz3KpJsUQlA==
credit_card_cvv.jpg
assets.funraise.io/widget/common/1.3/img/
3 KB
4 KB
Image
General
Full URL
https://assets.funraise.io/widget/common/1.3/img/credit_card_cvv.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5faba8c68d7a34dd04e031f05f7bc08dc143d6f7d6da3b0023445bb54f72bc7

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 May 2019 06:37:48 GMT
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2019 18:19:11 GMT
server
AmazonS3
etag
"f7c5a0096b224dc2986df38eb7a51831"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
3418
x-amz-cf-id
V1Un0ykgSsSZaIjClA5ASI6jOCR4q7AdNvdkb0UM0TwAJtpNPLdIpQ==
check_help.jpg
assets.funraise.io/widget/common/1.3/img/
4 KB
4 KB
Image
General
Full URL
https://assets.funraise.io/widget/common/1.3/img/check_help.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d32719f70cb65ae1b93639425178ed6a63505a568a685718d234eb3d91031407

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 01:25:06 GMT
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2019 18:19:11 GMT
server
AmazonS3
etag
"3c0c884460062c71b5af24434b63e40d"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
4044
x-amz-cf-id
_zaHOjvMNlKOpJWUy3j7OEiwwi6hzv8YmrqG8Jz_AZdQVGPQbT1ZBg==
bitcoin_logo.jpg
assets.funraise.io/widget/common/1.3/img/
828 B
1 KB
Image
General
Full URL
https://assets.funraise.io/widget/common/1.3/img/bitcoin_logo.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9200:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
feb39981a7f4950c7a391b7679bd2d75ab31d112c6dd7ce72e6442fbf6dc6724

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 May 2019 06:30:59 GMT
via
1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2019 18:19:11 GMT
server
AmazonS3
etag
"e246b7c3593aa2830d30853495b860b4"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
828
x-amz-cf-id
zm6iuFHor7R5VcGyVQq8IzuF9MAg6VL2qWv0gOM7PlX0ItEWSPQhCg==
number-frame.html
core.spreedly.com/v1/embedded/ Frame 9EEA
0
0
Document
General
Full URL
https://core.spreedly.com/v1/embedded/number-frame.html?v=1.21
Requested by
Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.182 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
core.spreedly.com
:scheme
https
:path
/v1/embedded/number-frame.html?v=1.21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4

Response headers

status
200
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
x-content-type-options
nosniff
etag
W/"a2e250e9981acd4f84b2032dfba2b60c"
cache-control
max-age=0, private, must-revalidate
x-request-id
bb04od80qvbhdk6u02v0.core_cc9b9e5087a0cfe3
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes bytes
age
0 0
date
Wed, 29 May 2019 01:25:05 GMT
via
1.1 varnish
x-served-by
cache-hhn1531-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1559093105.319274,VS0,VE416
cvv-frame.html
core.spreedly.com/v1/embedded/ Frame 52A1
0
0
Document
General
Full URL
https://core.spreedly.com/v1/embedded/cvv-frame.html?v=1.21
Requested by
Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.182 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
core.spreedly.com
:scheme
https
:path
/v1/embedded/cvv-frame.html?v=1.21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4

Response headers

status
200
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
x-content-type-options
nosniff
etag
W/"d74bbce9573bfe35be17e01e6c017546"
cache-control
max-age=0, private, must-revalidate
x-request-id
bb04od89c2g19h7qkt7g.core_39895ac7470cd616
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes bytes
age
0 0
date
Wed, 29 May 2019 01:25:05 GMT
via
1.1 varnish
x-served-by
cache-hhn1531-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1559093105.325126,VS0,VE443
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=810811563&t=pageview&_s=1&dl=https%3A%2F%2Fendchildslavery.funraise.org%2F%3Ftrk_msg%3DSSO6JRAT3V24PFR2894JH905UO%26trk_contact%3D7F2ONTPN5PQQUDL1OMAGKTRG1C%26trk_sid%3DQMJL79GC1L5K78FI47VC8S9SH4%26utm_source%3DListrak%26utm_medium%3Demail%26utm_term%3DWhile%2Bthis%2Bis%2Bprogress%252c%2Bour%2526nbsp%253bfight%2Bis%2Bnot%2Bover%26utm_campaign%3DGiving%2BDay%2BMay%2B2019%26utm_content%3DEmail%2B4&ul=en-us&de=UTF-8&dt=End%20Child%20Slavery&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IIAAAAABC~&cid=c958faa4-e833-4307-bc94-e8f7ed77b565&tid=UA-70611417-3&_gid=469688563.1559093105&z=503116331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://endchildslavery.funraise.org/?trk_msg=SSO6JRAT3V24PFR2894JH905UO&trk_contact=7F2ONTPN5PQQUDL1OMAGKTRG1C&trk_sid=QMJL79GC1L5K78FI47VC8S9SH4&utm_source=Listrak&utm_medium=email&utm_term=While+this+is+progress%2c+our%26nbsp%3bfight+is+not+over&utm_campaign=Giving+Day+May+2019&utm_content=Email+4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 May 2019 16:28:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2019412
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| FR object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime function| $ function| _ number| __JSS_VERSION_COUNTER__ function| getCookie object| ace number| funraiseCampaignSiteFormId function| Funraise object| f string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Spreedly function| SpreedlyPaymentFrame function| initfunraiseBootstrap function| initQueryValidate undefined| jQuery function| ga_c958faa46968_func

7 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 49JGPmH20TE
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: By63EyFDTpM
.youtube.com/ Name: PREF
Value: f1=50000000
.funraise.org/ Name: _ga
Value: GA1.2.1195312753.1559093104
.funraise.org/ Name: _gat
Value: 1
.funraise.org/ Name: _gid
Value: GA1.2.571912228.1559093104

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.funraise.io
campaigns.freedomunited.org
core.spreedly.com
deru1uwy27a9u.cloudfront.net
endchildslavery.funraise.org
fonts.googleapis.com
fonts.gstatic.com
funraise-platform.s3.amazonaws.com
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.youtube.com
142.0.93.10
151.101.2.182
209.197.3.15
2600:9000:200c:8200:b:201e:bc0:93a1
2600:9000:200c:9200:b:201e:bc0:93a1
2600:9000:200c:e00:17:962e:7080:21
2a00:1450:4001:808::2003
2a00:1450:4001:814::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2003
2a00:1450:4001:81e::200e
2a00:1450:400c:c06::9c
52.216.230.43
54.230.93.98
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
151682b4c1e93aa289aa2278401dccdce3cc0a35609cb23fbc046df576cdef8d
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e865de28c54ca364a78614430460195fccee8de3a363a2239f68be8f68deae6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4626c7e1f5b3e499e37a344c7fd94cea9bd06e5fcab23d7be5e98bb2e5bc2c4b
498b21b21e16cf12418507fcde07fb5e113742990cfdfdc3c8f9ec68d2e75621
52600c20059d59f96365b4eba7cef9d5424978787c75e33a5bd88963cbf1e5f1
54f9e5e0290407df461296313135a79071ab0bed05cf1482c5e6cda36e85f8d0
55af40838faa8e636b197f9a7a21cefd5f6b5a88d7d357c5b4d2f8610b8ce1f8
5753fe77f04f641e52e025f3afd5dd51e950504b47338b6ca3fe6a421611c1b5
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6309b0265edb8a409b1a120036a651230824b326e26a5f24eca1b9f544e2a42f
68f5dadc66268517a6d7305f854825a14b114314ea3f0515e20328a40c31da25
6f1b7cd38d98c3a52893762771f3363b6bbf565caab9a714e44d1dc579967173
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
81630e34a545b5d59db4f6b7dc7ddf636f6a36a2387c93774d39c349a1d68c44
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8391cea7568529c582e372e02863888171c1c80d6ff4f8504aa7e21da5ab1c29
860e6f1c60ae39569492c960c27053e697a8d6af15ae25119dda50ba1b0b38b3
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
9261320b4c11c361e030f11719ba612b9c756502355672047e39211b6c04a3a0
983ae24ea7af9a6631587cc0df58ffbe7a69aecdf0fb46cd1beed33d06ba3371
99d526317a8df25a32a6af5eea55c9f6c166d8f21f4dc12f00787c8b146d504a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b74ae9ffa09860ef79035bc5621985e00354d3ac5d51ef5fca38353941db65ad
cfd1964278ccd1684fa9a0346c53d9bf16200fdc22d40af24ff19e4add1d3c6c
d32719f70cb65ae1b93639425178ed6a63505a568a685718d234eb3d91031407
e0dfd654851f4736b141e1bf4798116a47c6d7c2cc4712e880a28d69a33f5930
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5faba8c68d7a34dd04e031f05f7bc08dc143d6f7d6da3b0023445bb54f72bc7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa6cede5acf6be5fa6b474b95f74c94befeaecddb06eb523ab15d3348adfe836
fab552c84a897963d39132cb31f770307afc0e08e43f65255ae7587a3a46ba0f
feb39981a7f4950c7a391b7679bd2d75ab31d112c6dd7ce72e6442fbf6dc6724