URL: https://www.jcgassociatecarefund.org/
Submission: On July 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 39 HTTP transactions. The main IP is 20.119.16.11, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.jcgassociatecarefund.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 9th 2023. Valid for: a year.
This is the only time www.jcgassociatecarefund.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
7 | userway.org | cdn.userway.org (Cisco Umbrella Rank: 6851), api.userway.org (Cisco Umbrella Rank: 6703) | 64 KB
7 | zdassets.com | static.zdassets.com (Cisco Umbrella Rank: 3787), ekr.zdassets.com (Cisco Umbrella Rank: 4225) | 363 KB
6 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 42 KB
6 | jcgassociatecarefund.org | www.jcgassociatecarefund.org | 118 KB
5 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 108), translate.googleapis.com (Cisco Umbrella Rank: 1417) | 76 KB
3 | windows.net | eafurlstorage.blob.core.windows.net | 43 KB
2 | tctm.co | 164915.tctm.co | 5 KB
2 | google.com | translate.google.com (Cisco Umbrella Rank: 2023), www.google.com (Cisco Umbrella Rank: 10) | 32 KB
1 | zendesk.com | emergencyassistancefdn.zendesk.com | 1 KB
Total: 39 requests | 9 domains

Requests | Domain | Requested by
6 | cdn.userway.org | www.jcgassociatecarefund.org, cdn.userway.org
6 | static.zdassets.com | www.jcgassociatecarefund.org, static.zdassets.com
6 | www.jcgassociatecarefund.org | www.jcgassociatecarefund.org
4 | fonts.googleapis.com | www.jcgassociatecarefund.org
3 | www.gstatic.com | translate.googleapis.com, www.gstatic.com
3 | fonts.gstatic.com | fonts.googleapis.com, www.jcgassociatecarefund.org
3 | eafurlstorage.blob.core.windows.net | www.jcgassociatecarefund.org
2 | 164915.tctm.co | www.jcgassociatecarefund.org
1 | emergencyassistancefdn.zendesk.com | static.zdassets.com
1 | api.userway.org | cdn.userway.org
1 | www.google.com | www.jcgassociatecarefund.org
1 | ekr.zdassets.com | static.zdassets.com
1 | translate.googleapis.com |
1 | translate.google.com | www.jcgassociatecarefund.org
Total: 39 requests | 14 subdomains

This site contains links to these domains.

Domain
www.emergencyassistancefdn.org
eafurlstorage.blob.core.windows.net

Subject | Issuer | Validity | Valid
jcgassociatecarefund.org | Go Daddy Secure Certificate Authority - G2 | 2023-07-09 - 2024-08-09 | a year
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.blob.core.windows.net | Microsoft RSA TLS CA 01 | 2023-09-27 - 2024-09-27 | a year
*.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
zdassets.com | E6 | 2024-06-29 - 2024-09-27 | 3 months
*.tctm.co | Amazon RSA 2048 M03 | 2024-07-06 - 2025-08-03 | a year
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
1667503734.rsc.cdn77.org | R3 | 2024-05-07 - 2024-08-05 | 3 months
api.userway.org | Amazon RSA 2048 M03 | 2023-09-02 - 2024-09-30 | a year
emergencyassistancefdn.zendesk.com | Cloudflare Inc ECC CA-3 | 2024-03-02 - 2024-12-31 | 10 months

This page contains 5 frames:

Primary Page: https://www.jcgassociatecarefund.org/
Frame ID: 8F88D7C79879B6E654DEEA4925551F60
Requests: 31 HTTP requests in this frame

Frame: https://164915.tctm.co/form/FRT472ABB2C5B9B141A6BF84EDED671B1BC357BE9055E0C13CCC31A0F53DF6BBF6E.html
Frame ID: 3E7E3F1B08A5D9551899A658560B2E5B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BD81CE205B5EE43FD46D17CD4D2814D6
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/m=el_main_css
Frame ID: 276D6D323226316D1C3024F63935BB1B
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Frame ID: 8C361A6ABF01B09BB71D1620500F3AB5
Requests: 6 HTTP requests in this frame

Page Title

The JCG Associate Care Fund

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

39 Requests
100 % HTTPS
71 % IPv6
9 Domains
14 Subdomains
15 IPs
3 Countries
746 kB Transfer
2160 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.jcgassociatecarefund.org/
11 KB
5 KB
Document
General
Full URL
https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.16.11 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ffe637130ea6971ffbcdd3dac599a3d7efc9f89ac9082e1ef917d0fc6575ecc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
4135
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Jul 2024 00:29:45 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 00:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 23:22:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 00:29:45 GMT
css
fonts.googleapis.com/
765 B
465 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cinzel
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3aa00b83a0fec30f36dc127dff3d899fdeb7d5027092de7c77d93f13f1955f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 00:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 00:29:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 00:29:45 GMT
css
fonts.googleapis.com/
2 KB
968 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 00:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 22:48:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 00:29:45 GMT
css
fonts.googleapis.com/
2 KB
628 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdbcbb6ab7680b6f7ee6f09ff2a54b0e8e3eb6e758efb1c0a7fe5e71fb0da118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 00:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 00:22:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 00:29:45 GMT
css
www.jcgassociatecarefund.org/Content/
95 KB
23 KB
Stylesheet
General
Full URL
https://www.jcgassociatecarefund.org/Content/css?v=QBHnHhBCqAzFYVb99gDz-9PyjpMCSrfioL13K_NEHgo1
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.16.11 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
64a222eec554aa192e6623f8157d6724112eebc991c1c17bfd66184d51e702fd

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 00:29:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jul 2024 00:29:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
23002
Expires
Thu, 10 Jul 2025 00:29:45 GMT
modernizr
www.jcgassociatecarefund.org/bundles/
11 KB
6 KB
Script
General
Full URL
https://www.jcgassociatecarefund.org/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.16.11 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 00:29:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jul 2024 00:29:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
5292
Expires
Thu, 10 Jul 2025 00:29:45 GMT
302-3.jpg
eafurlstorage.blob.core.windows.net/url-content/
22 KB
22 KB
Image
General
Full URL
https://eafurlstorage.blob.core.windows.net/url-content/302-3.jpg
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.2.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
be2656e3faa3d7d4b4aaad78ed44f5b3388ea624b40557618398b08b224081eb

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 10 Jul 2024 00:29:45 GMT
Last-Modified
Tue, 18 Jun 2024 08:43:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
tg9hBZ/P586omV5rYlkq5w==
ETag
0x8DC8F72CB6F0D98
Content-Type
image/jpeg
x-ms-request-id
10dffb5d-601e-0064-5760-d298b6000000
x-ms-version
2009-09-19
Content-Length
22615
EAFLogo.png
eafurlstorage.blob.core.windows.net/url-content/
15 KB
15 KB
Image
General
Full URL
https://eafurlstorage.blob.core.windows.net/url-content/EAFLogo.png
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.2.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bee8931c5331b90db0d4c0620f3997cc526a33589ab47d5a77901df8a58982b

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 10 Jul 2024 00:29:45 GMT
Last-Modified
Tue, 01 Dec 2020 15:33:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
TuQ6O7B+f9F08DMglr/VeQ==
ETag
0x8D8960E7944F8BA
Content-Type
image/png
x-ms-request-id
8cdb0396-f01e-0092-3b60-d2edf8000000
x-ms-version
2009-09-19
Content-Length
14999
element.js
translate.google.com/translate_a/
90 KB
32 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b27de040132455f55fb594368dd34b8f2d2d9b388d31c3ae127dd83c71cd8fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 00:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=ec340d12-2e87-4385-8457-80bbff72f9b4
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:45 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CYEYQJYMT4QZ3T8W
age
8
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTh01RilvDaf0Vkm7aLHkRBQ%2FaeGzoc32dypUYDjmNI1q%2BkxLeK%2BaNWRY7jmOhINNbYCvqmyz5tzBO%2Ffzouhrf9ZG1Bqx%2FAubiyYR%2BLR2oi9uCvpHlI6YqrAAKOTnwrPI9ChFc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8a0c70fa298e3819-FRA
access-control-allow-headers
*
formreactor.js
164915.tctm.co/
16 KB
5 KB
Script
General
Full URL
https://164915.tctm.co/formreactor.js
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
901299a6a74d98fe1f9e26a6f34fa8f39cd076478d59f3111b3a6980621350e6

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:45 GMT
content-encoding
gzip
via
1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront)
last-modified
Wed, 12 Jun 2024 14:40:26 GMT
server
ctm
x-amz-cf-pop
FRA60-P9
etag
W/"6669b35a-4009"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
public, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
o_VAsD1KYIcWoIfHt-wx4IcPqnPu7WxcwpWthToy0CkcbB_kiDOKyw==
jquery
www.jcgassociatecarefund.org/bundles/
86 KB
40 KB
Script
General
Full URL
https://www.jcgassociatecarefund.org/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.16.11 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 00:29:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jul 2024 00:29:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
40204
Expires
Thu, 10 Jul 2025 00:29:45 GMT
bootstrap
www.jcgassociatecarefund.org/bundles/
38 KB
14 KB
Script
General
Full URL
https://www.jcgassociatecarefund.org/bundles/bootstrap?v=M4Nk6kIOwMFflsEKET0iPL9i5YBqbzMzvUOrd8gyCnw1
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.16.11 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a71fd6207f6416a9147eab09c1cafe22c8104507dd6391248ea2921bf7d8d78b

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 00:29:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jul 2024 00:29:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
14183
Expires
Thu, 10 Jul 2025 00:29:45 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.jcgassociatecarefund.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:00:57 GMT
x-content-type-options
nosniff
age
52128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 10:00:57 GMT
8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v23/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cinzel/v23/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29bffc887e1a255b1bd9f3f6ebf9fc4558bac2eeffa134e503bb25a29cd8b9f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.jcgassociatecarefund.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:13:02 GMT
x-content-type-options
nosniff
age
55003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13732
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 21:06:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:13:02 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.XIE2V_XJXEs.O/am=GAY/d=1/rs=AN8SPfr2vDQS6LarnVcm2JbM0KsBPXrImg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 09:44:50 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.XIE2V_XJXEs.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfoD1cThdHO3QrptHKwzJzgSON7gdQ/
207 KB
72 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.XIE2V_XJXEs.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfoD1cThdHO3QrptHKwzJzgSON7gdQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.XIE2V_XJXEs.O/am=GAY/d=1/rs=AN8SPfr2vDQS6LarnVcm2JbM0KsBPXrImg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4129e05cd37030d098a34f3c932c7cdfd2128007c5b7aae3aeb2b427038a028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 17:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73146
x-xss-protection
0
last-modified
Mon, 08 Jul 2024 21:10:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 17:58:49 GMT
ec340d12-2e87-4385-8457-80bbff72f9b4
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/ec340d12-2e87-4385-8457-80bbff72f9b4
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ec340d12-2e87-4385-8457-80bbff72f9b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f6d2986c34364fa09eb4ea51ad8e0f9055d7ffea8153980251dbe428342417
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:46 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8a0c70fafac93666-SEA, 8a0c70fafac93666-SEA
x-runtime
0.002971
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a3f6d2986c34364fa09eb4ea51ad8e0f"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CA2hd69xGA1mGzJR2%2FwIaSsRsW3cDPSIouBhgapgK%2BNhjhfHIIOV1E2jWsirt3AVspj%2B7XttWVNlDwKMxzAYpFyaOy6x5DAgidgKZm%2FN4Kapw%2FLG0LLzLLCyFGtPnglpaY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8a0c70fafac93666-FRA
FRT472ABB2C5B9B141A6BF84EDED671B1BC357BE9055E0C13CCC31A0F53DF6BBF6E.html
164915.tctm.co/form/ Frame 3E7E
0
0
Document
General
Full URL
https://164915.tctm.co/form/FRT472ABB2C5B9B141A6BF84EDED671B1BC357BE9055E0C13CCC31A0F53DF6BBF6E.html
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:7c00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash

Request headers

Referer
https://www.jcgassociatecarefund.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html
date
Wed, 10 Jul 2024 00:29:46 GMT
etag
W/668dd5fa00028433689acbbc
last-modified
Wed, 27 Jul 2022 14:51:39 GMT
server
ctm
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
x-amz-cf-id
CmgG_JUFm61Q8YiYojsifM2gFat10Ms2lVTwy2HSKnQTA6gzFAluug==
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ca15fb8bec943405b0a2ab78082119971f18ebf0d1eb7d771a1292890c683dd

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 00:29:46 GMT
via
1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
248
x-amz-server-side-encryption
AES256
x-accel-date-max
1720170654
x-77-cache
HIT
x-cache
HIT
x-age
1827
x-accel-date
1720569559
x-77-nzt
EgwBnJIhDQH3IwcAAAwBJRPCNAH3AAAAAA
x-accel-expires
@1720573159
x-77-age
1827
last-modified
Fri, 05 Jul 2024 09:05:30 GMT
server
CDN77-Turbo
etag
W/"b106bd0c183303a7d661f13fced07408"
x-77-nzt-ray
0d1fa51886462035fad58d6653440504
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
_2IGdhzVHSF06DCAKwiGe_iFgxaTuX4g04xUIWAj6LklPDrCO9Z9JA==
302-4.jpg
eafurlstorage.blob.core.windows.net/url-content/
5 KB
6 KB
Image
General
Full URL
https://eafurlstorage.blob.core.windows.net/url-content/302-4.jpg
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.2.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
89bb75485ed14612e1536a7b63f2eb28f4d65774ae76e5b574cc377a17f2b851

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 10 Jul 2024 00:29:45 GMT
Last-Modified
Tue, 28 Jun 2022 20:38:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
EmOvQIGbIAgzgoEw/ykuZA==
ETag
0x8DA594618473E80
Content-Type
image/jpeg
x-ms-request-id
8cdb03e4-f01e-0092-7c60-d2edf8000000
x-ms-version
2009-09-19
Content-Length
5529
widget_app_base_1720170198437.js
cdn.userway.org/widgetapp/2024-07-05-09-03-18/
153 KB
44 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
25eb835d036f9696f166d1955c42500845e00e4473d93fb20ad43939cf7f1acd

Request headers

Referer
https://www.jcgassociatecarefund.org/
Origin
https://www.jcgassociatecarefund.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 00:29:46 GMT
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720170655
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
400731
x-accel-date
1720170655
x-77-nzt
EgwBnJIhDQH3Wx0GAAwBJRPCLgH39QAAAA
x-accel-expires
@1746090410
x-77-age
400731
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"450d1be7460efab44c317e168e2612a9"
x-77-nzt-ray
0d1fa518a2306035fad58d6640ba4605
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
oCQNxQzuZe7kk3LxWZORAZidnf3ESkDDf0Fm9CkkcrTAKB7cpJFbGw==
truncated
/ Frame BD81
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43717a87f5a33f3bfb7d0be4c054905fe024306b94885c70e8a67f9d02a321f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/ Frame 276D
22 KB
0
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/m=el_main_css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.XIE2V_XJXEs.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfoD1cThdHO3QrptHKwzJzgSON7gdQ/m=el_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 09:44:50 GMT
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 10:01:51 GMT
cleardot.gif
www.google.com/images/
43 B
65 B
Image
General
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: www.jcgassociatecarefund.org
URL: https://www.jcgassociatecarefund.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 00:29:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/m=el_main_css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 18:10:06 GMT
x-content-type-options
nosniff
age
22780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Jul 2025 18:10:06 GMT
EKg9Pa2M10
api.userway.org/api/tunings/
661 B
1 KB
XHR
General
Full URL
https://api.userway.org/api/tunings/EKg9Pa2M10
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:3666:3d48:6c2b:699e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
82b0aae40df666919bf4d18848a5aef4ac19b796a2a03030382c9f35b641e7f5

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 00:29:46 GMT
etag
W/"295-8rQcxsrTzTKy58TooyqknjNsU6U"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr27ed360fe07542b
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
661
x-service-version
uw-pr
favicon.ico
www.jcgassociatecarefund.org/
31 KB
32 KB
Other
General
Full URL
https://www.jcgassociatecarefund.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.16.11 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 00:29:45 GMT
Last-Modified
Fri, 24 Jun 2022 19:21:17 GMT
Server
Microsoft-IIS/10.0
ETag
"4f58c993ff87d81:0"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
32038
web-widget-main-82b779d.js
static.zdassets.com/web_widget/classic/latest/ Frame 8C36
972 KB
276 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ec340d12-2e87-4385-8457-80bbff72f9b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
094810cad57e8631aa472aa9c0a10a8557f0250122413140107ee0c2e0fb0e14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:46 GMT
x-amz-version-id
SCTjl2ckf2U7IDSCZT0gOekjqnpP9.yU
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
YN3ZGGQDBH827DBM
age
659468
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
fgR+YnZX4Ce2qlkttdxIZM7jNAZ6NJAa2MGKzlz7Hrd/0wUOf1c755G1sTcgr1CG2QLVJforOGY=
last-modified
Wed, 26 Jun 2024 14:31:29 GMT
server
cloudflare
etag
W/"b3b85d5ef4df5f1e3f8278e1b9281b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WtzGq0sfKdhKupDqcSWZoJZSk9bhXmAoR0CuIp4%2BW%2FHFix25rTenyi2whVBU6m8c%2FyLz6qafhJLNJo5SVxDuYLF%2FSHftPlUEbN2jfqpE%2BLhV%2BICGXO77qtxfle8ScOYCBSCo6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a0c70fc4ae13819-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:28 GMT
en-us-json-82b779d.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 8C36
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:46 GMT
x-amz-version-id
Dr7UckWLuA_hHpsnpwYlJtB94RJkxOxH
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5QBFN815VJRMEH40
age
659467
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
0FkuZT0ThuH028fOSxNnCk01CyHbU4Dqz5Ed/rrpOmjkFfYnbT8Wm/iRFcHD0kjqLVzo/hN5l5Y=
last-modified
Wed, 26 Jun 2024 14:31:31 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84KLzilYmEqa4kjdSGEL0wpzGBoqsgaoirW6znCLepLDxFx9zfQDLhJB3t%2BjqNE6pkbW%2BEf6W0009TS8q97Yit3s%2FtD9OwDsiYUjAN4ksNeJBmTRJnezbW1rs8%2FHNtz%2FGttGAxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a0c70fd1b473819-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:30 GMT
config
emergencyassistancefdn.zendesk.com/embeddable/ Frame 8C36
886 B
1 KB
Fetch
General
Full URL
https://emergencyassistancefdn.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8c82d714718b2145da701dd60f2b42bde22180c507b6e46fc270b00bb45263

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20
x-zendesk-origin-server
embeddable-app-server-dfbf5bf9b-m4tb2
x-cached
STALE
x-runtime
0.002461
last-modified
Wed, 10 Jul 2024 00:29:26 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YErt6TKiv%2FHy0HwCJT%2Fnp3glYoFk%2Finhj5cztCVfnc7yl6jvjyp2WzOL42JcFl4otXPcW06kcNyuGPaTinYL4aYy4HlD8n8ZoRAWvy9Iowi95J0tEiQPB6pQzBvbQdtIYnK9oBdENihcISWhShCbQAAhAyo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8a0c70fd4a3130f6-FRA
web-widget-chat-sdk-82b779d.js
static.zdassets.com/web_widget/classic/latest/ Frame 8C36
216 KB
54 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:46 GMT
x-amz-version-id
.p8nX1U4xbyw23vl3u3azk5iCuj0VTgC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
6PEW6ASZHW1G7MKY
age
250432
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
IwuZTqpD0Lf4uOF2NPi6gBCunhc5SGIBf65Z9JLYwcDZaVujapb4WIyiHcTaK1hGfakhuc3S4tVDhT781S3pB8NxBGL/Ov8j
last-modified
Wed, 26 Jun 2024 14:31:29 GMT
server
cloudflare
etag
W/"bf7f24c006f934261d7ff732b528402b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQylnI19%2FpeDmorZuwpr8kR0imo2snrpJV1tURX40iCGc%2B22h1%2FoZbaEROZIuXS3FEf2zhUoBV1yAPG5ZYZh2240OzuvOwLCD1vs4NtLzaCTNH2NOLhnYBfFtMmtkefgfVC97nA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a0c70fd4b5f3819-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:28 GMT
en-US.json
cdn.userway.org/widgetapp/2024-07-05-09-03-18/locales/
621 B
1 KB
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 00:29:46 GMT
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
240
x-amz-server-side-encryption
AES256
x-accel-date-max
1720170659
x-77-cache
HIT
x-cache
HIT
x-age
400727
x-accel-date
1720170659
x-77-nzt
EgwBnJIhDQH3Vx0GAAwBnJIhJwH3BAAAAA
x-accel-expires
@1746090655
x-77-age
400727
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray
0d1fa518a2306035fad58d66e6333c3a
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
31shi0nbtnecgAb8xwYEM8eG9M_Ng7XilKgIsIgZUUQ_c2296-yFBw==
web-widget-chat-incoming-message-notification-82b779d.js
static.zdassets.com/web_widget/classic/latest/ Frame 8C36
236 B
842 B
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:29:47 GMT
x-amz-version-id
wqFk_CJZiQBBOQ2sMRe7y2sc8oCQAFUy
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
7AN43QXF4ZPFGECW
age
659468
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
4ne+RR2VoC0DqWEmlTOqyG+pYoaiVFVi0ZoxQz1XPNYu6UNr7aF2cSnRsg7gdGy7ZMpR6IxfG5Q=
last-modified
Wed, 26 Jun 2024 14:31:29 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9BLfBnGh4FLwaoV8h9%2FgEnRAgR04DTJ1cRJ4N%2Fdrl06sSJrm6g1fnsUAT12NSddvwEt%2F3Couh%2FqPc%2FD7tHV5z%2FecrZyGj%2Fjt41YCdSUlLH%2BX3Co80%2BKgN5jSDTPNzmYAdS7zmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a0c71013e2f3819-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:28 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 8C36
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 10 Jul 2024 00:29:47 GMT
x-amz-version-id
Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KH5VE2Z70ZGQ75A2
age
10218587
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified
Wed, 29 Nov 2023 08:06:43 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLGBvZUYJ8V5mgQ1KUX40RorFozC%2BW4ARcT6E51vc8S7ccTGZInOEZ%2FsEADPgUo0qVb4MWYdtv4tuxcr9QWSVcWc0aL2YjIuOl%2B5aQ%2FR54V3HfH1WblVFwrQasFk2BKFphn3VaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a0c71016e3f3819-FRA
access-control-allow-headers
*
expires
Thu, 28 Nov 2024 08:06:42 GMT
remediation-tool-free.js
cdn.userway.org/remediation/2024-07-05-09-03-18/free/
31 KB
13 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-07-05-09-03-18/free/remediation-tool-free.js?ts=1720170198437
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
78793ed6af79a53f0a983daa7bf01fb2151d5c76938994e9a0a3f9b820714c42

Request headers

Referer
https://www.jcgassociatecarefund.org/
Origin
https://www.jcgassociatecarefund.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 00:29:47 GMT
via
1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
232
x-amz-server-side-encryption
AES256
x-accel-date-max
1720170659
x-77-cache
HIT
x-cache
HIT
x-age
400728
x-accel-date
1720170659
x-77-nzt
EgwBnJIhDQH3WB0GAAwBJRPCLgH3EAAAAA
x-accel-expires
@1746090643
x-77-age
400728
last-modified
Fri, 05 Jul 2024 09:05:28 GMT
server
CDN77-Turbo
etag
W/"9db409bc341a6520412b5c42d90785b2"
x-77-nzt-ray
0d1fa518a2306035fbd58d668cdb8a1c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
wqxUjKzBDb7w1OPBX_sKDgS_aCcopYIR00mDvchiMgE0CQ9NTh025g==
body_wh.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 00:29:47 GMT
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720170655
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
400732
x-accel-date
1720170655
x-77-nzt
EgwBnJIhDQH3XB0GAAwBnJIhJwH3BQAAAA
x-accel-expires
@1746090650
x-77-age
400732
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
0d1fa51886462035fbd58d66eb88171d
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
AyFyno5p1fbfAUVOI1kcGEsk3W0Hzp0HcZrzg7KqtULTx_ziAhOfQg==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://www.jcgassociatecarefund.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 00:29:47 GMT
via
1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720170655
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
400732
x-accel-date
1720170655
x-77-nzt
EgwBnJIhDQH3XB0GAAwBnJIhJwH3BQAAAA
x-accel-expires
@1746090650
x-77-age
400732
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
0d1fa51886462035fbd58d66aca21e1d
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
gQjoVotf2srr_wLW1xgpIIKMtfvQlTnrmnVGiRDl2Rs-4I5vNAym8w==


118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| html5 object| Modernizr function| googleTranslateElementInit function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| zEWebpackACJsonp function| zE function| zEmbed function| $ function| jQuery 
boolean| __ctm_loader_run number| __ctm_count function| setCookie function| getCookie function| notifyChildOfParent object| __ctm_loaded object| __jctm_loaded function| ctm_chat object| UserWayWidgetApp object| closure_lm_744996 function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| widget_reg boolean| zEACLoaded function| $zopim object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

5 Cookies

Domain/Path Name / Value
.www.jcgassociatecarefund.org/ Name: ARRAffinity
Value: 54146e8a427f2ebd92841849bd05deb7404c264922301252bfeb1f942b3f0989
.www.jcgassociatecarefund.org/ Name: ARRAffinitySameSite
Value: 54146e8a427f2ebd92841849bd05deb7404c264922301252bfeb1f942b3f0989
164915.tctm.co/ Name: ct164915
Value: 668dd5fa00028433689acbbc
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: TNjJ5IbAS08ObPSwBkVBeavzwVKPiHNY68otEsoSkNd+ela9FccM4L2cX4S/WtQcalU/pZtCTYi0I5n6Hg+Wi8l+MQi/ApDwdu8X9E/ApIwSRfElw/t77DC7gnD1
.jcgassociatecarefund.org/ Name: __zlcmid
Value: 1MgmrA4JZSf5DkF

1 Console Messages

Source Level URL
Text
security warning URL: https://164915.tctm.co/formreactor.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://164915.tctm.co') does not match the recipient window's origin ('https://www.jcgassociatecarefund.org').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
