urlscan.io logo urlscan.io
SecurityTrails logo

unitedwaywinnipeg.ca Open in urlscan Pro
192.95.20.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e1.envoke.com/ct/3956/2159898/754695359/f7f8f867bd6f6df00317f825db118e7b
Effective URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Ex...
Submission: On October 15 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 6 countries across 19 domains to perform 65 HTTP transactions. The main IP is 192.95.20.61, located in Montreal, Canada and belongs to OVH, FR. The main domain is unitedwaywinnipeg.ca.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 18th 2020. Valid for: 3 months.
This is the only time unitedwaywinnipeg.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.79.72.201 16276 (OVH)
19 192.95.20.61 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
3 151.101.112.176 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
1 151.101.112.157 54113 (FASTLY)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.69 13414 (TWITTER)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
65 23
1    51.79.72.201 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: z1b.envoke.com
e1.envoke.com
19    192.95.20.61 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: montreal300.wpcloud.ca
unitedwaywinnipeg.ca
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js.stripe.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:80b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
www.googleadservices.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a02:26f0:10c:582::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleadservices.com
googleads.g.doubleclick.net
1    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:820::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.snapengage.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Domain Requested by
19 unitedwaywinnipeg.ca unitedwaywinnipeg.ca
9 www.google.com 1 redirects unitedwaywinnipeg.ca
www.gstatic.com
6 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com unitedwaywinnipeg.ca
storage.googleapis.com
3 www.google.de unitedwaywinnipeg.ca
3 storage.googleapis.com unitedwaywinnipeg.ca
3 js.stripe.com unitedwaywinnipeg.ca
js.stripe.com
2 www.facebook.com unitedwaywinnipeg.ca
connect.facebook.net
2 px.ads.linkedin.com 1 redirects unitedwaywinnipeg.ca
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 connect.facebook.net unitedwaywinnipeg.ca
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 analytics.twitter.com static.ads-twitter.com
1 www.snapengage.com storage.googleapis.com
1 www.linkedin.com 1 redirects
1 t.co unitedwaywinnipeg.ca
1 stats.g.doubleclick.net www.google-analytics.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.googletagmanager.com unitedwaywinnipeg.ca
1 www.gstatic.com www.google.com
1 e1.envoke.com 1 redirects
65 23
Subject Issuer Validity Valid
unitedwaywinnipeg.ca
Let's Encrypt Authority X3		 2020-08-18 -
2020-11-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2020-09-22 -
2021-02-03		 4 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
*.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.snapengage.com
GTS CA 1D2		 2020-09-27 -
2020-12-26		 3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh

This page contains 9 frames:

Primary Page: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Frame ID: F2C94F7B8E3CC2B7FDC356CCEA173C7D
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Funitedwaywinnipeg.ca&stripe_xdm_c=default571062&stripe_xdm_p=1
Frame ID: 21EA755F989A3BF606538F252AD4282A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcq674UAAAAAEyDPrj4nLYfhFpyn5rzxAdxr2Fn&co=aHR0cHM6Ly91bml0ZWR3YXl3aW5uaXBlZy5jYTo0NDM.&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&theme=light&size=normal&cb=ouwutjr495p
Frame ID: 119E556721FEB1E8391BFC69FD467A92
Requests: 1 HTTP requests in this frame

Frame: https://storage.googleapis.com/code.snapengage.com/cd/6419955776356352/1562171709526.png
Frame ID: F11CB01E6AA521D5BA6E1EF89851A652
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lcq674UAAAAAEyDPrj4nLYfhFpyn5rzxAdxr2Fn&cb=637k7ykpivp
Frame ID: E2CAE337058B111E162807F056D7155C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:300,400
Frame ID: 10B61A30BF28CFCCE8F0BC87F01C26A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdT7r4UAAAAAIviZtk0FZVsZ88VdmEExEdcKHMK&co=aHR0cHM6Ly91bml0ZWR3YXl3aW5uaXBlZy5jYTo0NDM.&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&theme=light&size=normal&cb=42gkwxmbpov2
Frame ID: 2CFFA4BD2678355F9467CBF922A17C9B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 137151D163348E0BDF83BB0D7CF9D90F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6LdT7r4UAAAAAIviZtk0FZVsZ88VdmEExEdcKHMK&cb=9bxvri9e78p
Frame ID: 0207C50BF71E98206C9923583F95EBB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e1.envoke.com/ct/3956/2159898/754695359/f7f8f867bd6f6df00317f825db118e7b HTTP 302
    https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_sourc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

65
Requests

100 %
HTTPS

71 %
IPv6

19
Domains

23
Subdomains

23
IPs

6
Countries

1705 kB
Transfer

4920 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e1.envoke.com/ct/3956/2159898/754695359/f7f8f867bd6f6df00317f825db118e7b HTTP 302
    https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1413276&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&time=1602785952976 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1413276%26url%3Dhttps%253A%252F%252Funitedwaywinnipeg.ca%252F150-challenge%252F%253Futm_medium%253Demail%2526utm_campaign%253Dcommunitynewsletter16%2526utm_source%253Denvoke%2526utm_term%253DExciting-news-for-our-communit%2526utm_content%253Dcore%26time%3D1602785952976%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1413276&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&time=1602785952976&liSync=true
Request Chain 50
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https://unitedwaywinnipeg.ca/150-challenge/%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oJKIX8arO67P7_UPzqWOmAk&sscte=1&crd=&eitems=ChEI8Oaf_AUQ_ZH29qPqg6SlARIdAD2rKCKzq9SWVZjEEKCEIEHOzo7dIBg_ikWFFXY HTTP 302
  • https://www.google.com/pagead/1p-conversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https://unitedwaywinnipeg.ca/150-challenge/%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oJKIX8arO67P7_UPzqWOmAk&cid=CAQSKQCNIrLMOyz2h94f9DMpMgb4wT3moVKxo0xJA_s1GR1xoyuaqMzXCH5_&eitems=ChEI8Oaf_AUQ_ZH29qPqg6SlARIdAD2rKCJHSFLwse7XUgrO2nBeyBgkAak6woTq-gs&random=1375002871&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https://unitedwaywinnipeg.ca/150-challenge/%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oJKIX8arO67P7_UPzqWOmAk&cid=CAQSKQCNIrLMOyz2h94f9DMpMgb4wT3moVKxo0xJA_s1GR1xoyuaqMzXCH5_&eitems=ChEI8Oaf_AUQ_ZH29qPqg6SlARIdAD2rKCJHSFLwse7XUgrO2nBeyBgkAak6woTq-gs&random=1375002871&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCWh8VS12eOSQWvRCpdoRWXcPiJWGoJL2DQVDSTxMVPWQiA-61p3rQ0fXcVcr7E8kxgcHFYdK3ONtCWG_vMUKmH

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
unitedwaywinnipeg.ca/150-challenge/
Redirect Chain
  • https://e1.envoke.com/ct/3956/2159898/754695359/f7f8f867bd6f6df00317f825db118e7b
  • https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
676 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed / PHP/7.4.11
Resource Hash
18e4f349a06983b49d8df83c5e6bb07d3826b5e08011f1c91036b0ab8c62731b

Request headers

:method
GET
:authority
unitedwaywinnipeg.ca
:scheme
https
:path
/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
link
<https://unitedwaywinnipeg.ca/wp-json/>; rel="https://api.w.org/" <https://unitedwaywinnipeg.ca/wp-json/wp/v2/pages/30631>; rel="alternate"; type="application/json" <https://unitedwaywinnipeg.ca/?p=30631>; rel=shortlink </wp-content/litespeed/cssjs/51c97.css?f2087>; rel=preload; as=style,</wp-includes/js/jquery/jquery.js?ver=1.12.4-wp>; rel=preload; as=script,</wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.21>; rel=preload; as=script,</wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.21>; rel=preload; as=script,</wp-content/litespeed/cssjs/a1be6.js?35aad>; rel=preload; as=script,</wp-content/litespeed/cssjs/4aedd.js?3743e>; rel=preload; as=script
x-tec-api-version
v1
x-tec-api-root
https://unitedwaywinnipeg.ca/wp-json/tribe/events/v1/
x-tec-api-origin
https://unitedwaywinnipeg.ca
etag
"37731-1602784864;br"
x-litespeed-cache
hit
content-encoding
br
vary
Accept-Encoding
content-length
72277
date
Thu, 15 Oct 2020 18:19:11 GMT
server
LiteSpeed
set-cookie
ls_smartpush=64000600002; path=/; expires=Mon, 14 Dec 2020 18:19:11 GMT; secure; SameSite=Strict
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

Server
nginx
Date
Thu, 15 Oct 2020 18:19:11 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
X-Server
z1b
X-Frame-Options
SAMEORIGIN
51c97.css
unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/ 		987 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/51c97.css?f2087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
228e621617b1c827fdecef0daa449ac5d9a5c21eb9031c4a1c588cec50460742

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:11 GMT
content-encoding
br
last-modified
Thu, 15 Oct 2020 15:26:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
123524
expires
Thu, 22 Oct 2020 18:19:11 GMT
jquery.js
unitedwaywinnipeg.ca/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:11 GMT
content-encoding
br
last-modified
Tue, 21 May 2019 21:46:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
32853
expires
Thu, 22 Oct 2020 18:19:11 GMT
jquery.json.min.js
unitedwaywinnipeg.ca/wp-content/plugins/gravityforms/js/ 		2 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:11 GMT
content-encoding
br
last-modified
Thu, 15 Oct 2020 12:44:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
874
expires
Thu, 22 Oct 2020 18:19:11 GMT
placeholders.jquery.min.js
unitedwaywinnipeg.ca/wp-content/plugins/gravityforms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:11 GMT
content-encoding
br
last-modified
Thu, 15 Oct 2020 12:44:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
1604
expires
Thu, 22 Oct 2020 18:19:11 GMT
a1be6.js
unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/ 		503 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/a1be6.js?35aad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
9f96a866655ff77e36be0288f089fe64cc95c64107bd2965c1f777b5d50d1340

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:11 GMT
content-encoding
br
last-modified
Thu, 15 Oct 2020 15:26:34 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
143211
expires
Thu, 22 Oct 2020 18:19:11 GMT
4aedd.js
unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/ 		430 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/4aedd.js?3743e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
7e0d65e31fa7e2dd041d480f597a76a2f98182d1ddbfc99f182b652a1a84f0f0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:11 GMT
content-encoding
br
last-modified
Thu, 15 Oct 2020 15:26:34 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
120091
expires
Thu, 22 Oct 2020 18:19:11 GMT
icon
fonts.googleapis.com/ 		574 B
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Oct 2020 18:19:11 GMT
server
ESF
date
Thu, 15 Oct 2020 18:19:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Oct 2020 18:19:11 GMT
css
fonts.googleapis.com/ 		10 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic&subset=latin-ext
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3667e191c922801f911d1f2744f7f80b71ac9c777edfb32f9391f27d5a50e9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Oct 2020 18:19:11 GMT
server
ESF
date
Thu, 15 Oct 2020 18:19:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Oct 2020 18:19:11 GMT
api.js
www.google.com/recaptcha/ 		852 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=5.5.1
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
db26d6c8b9587ef47481a29cf0980a5573a3bb19a83bd6e74bdbec7b049f4c22
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Thu, 15 Oct 2020 18:19:11 GMT
/
js.stripe.com/v2/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/?ver=1.9.2.12
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92b8c0607df07f29181bcb33b0d998c978589609aa460b941dce9193a58fd86e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
gzip
vary
Accept-Encoding
age
106
via
1.1 varnish
x-cache
HIT
status
200
content-length
21191
x-amz-id-2
kKKCYO+LilHijHeJgBVw1v96bQuK7IaxCXK4GZGRyVTFRcB24hSUQkPXzMkhyR8+ZmfLTa/migc=
x-served-by
cache-hhn4024-HHN
timing-allow-origin
*
last-modified
Tue, 29 Sep 2020 18:04:56 GMT
server
AmazonS3
etag
"c35df22a5aff6ed17542c458539b79de"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
E17124F016527A33
access-control-allow-origin
*
cache-control
public, max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
46
logo_unitedwaywinnipeg.png
unitedwaywinnipeg.ca/wp-content/uploads/2017/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2017/07/logo_unitedwaywinnipeg.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
dcf02c94cf3794f375113f25f3367e3efac8bbff136fefac0a28e25b259c35b2

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Tue, 11 Jul 2017 17:12:51 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5259
expires
Thu, 22 Oct 2020 18:19:12 GMT
uwo-icon.png
unitedwaywinnipeg.ca/wp-content/themes/omega-child-theme/images/ 		1021 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/themes/omega-child-theme/images/uwo-icon.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
20c19d25df2e678693071582e3896ecdf3223897527d96ae836782b35d0a9f67

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Tue, 21 Jun 2016 17:26:16 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1021
expires
Thu, 22 Oct 2020 18:19:12 GMT
johnston-group-logo-300x83.png
unitedwaywinnipeg.ca/wp-content/uploads/2020/06/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2020/06/johnston-group-logo-300x83.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
320692964b2af24e6fa2a25cfd5d5442e1a25996379c7d3bc624ae8dc8ccf910

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Tue, 23 Jun 2020 01:00:41 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2057
expires
Thu, 22 Oct 2020 18:19:12 GMT
your-donation-made-difference-winnipeg-14-600x600.jpg
unitedwaywinnipeg.ca/wp-content/uploads/2019/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2019/12/your-donation-made-difference-winnipeg-14-600x600.jpg
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
5211fb45f17faeb3c898dfb730242af6ca2269315d04c35620ffcb285232f40c

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Wed, 18 Dec 2019 20:16:36 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25101
expires
Thu, 22 Oct 2020 18:19:12 GMT
bukky-600x600.png
unitedwaywinnipeg.ca/wp-content/uploads/2019/08/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2019/08/bukky-600x600.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
27829e4f065a275631354f8bd2101a4e976628f6ea82bab0355693034cc014f5

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Thu, 01 Aug 2019 19:38:49 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
171076
expires
Thu, 22 Oct 2020 18:19:12 GMT
Sydney-Outside-Winnipeg-600x600.jpg
unitedwaywinnipeg.ca/wp-content/uploads/2019/03/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2019/03/Sydney-Outside-Winnipeg-600x600.jpg
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
9de9269f2113a8def7f5988bd0baec0d73bbf3e6d113514d54da3e9e4085b5e9

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Tue, 19 Mar 2019 20:00:46 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34043
expires
Thu, 22 Oct 2020 18:19:12 GMT
logo_unitedwaywinnipeg_footer.png
unitedwaywinnipeg.ca/wp-content/uploads/2017/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2017/07/logo_unitedwaywinnipeg_footer.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
ff0a1f65c258160a04e2a5ba90747609a94581af89cd7cf4ff3f00ac2952abf7

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Tue, 11 Jul 2017 17:13:16 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6844
expires
Thu, 22 Oct 2020 18:19:12 GMT
api.js
www.google.com/recaptcha/ 		852 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.5.1
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
db26d6c8b9587ef47481a29cf0980a5573a3bb19a83bd6e74bdbec7b049f4c22
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Thu, 15 Oct 2020 18:19:12 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/ 		341 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=5.5.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 17:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3231
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136962
x-xss-protection
0
last-modified
Mon, 12 Oct 2020 04:11:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Oct 2021 17:25:21 GMT
wp-emoji-release.min.js
unitedwaywinnipeg.ca/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
br
last-modified
Thu, 13 Aug 2020 14:15:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4319
expires
Thu, 22 Oct 2020 18:19:12 GMT
gtm.js
www.googletagmanager.com/ 		126 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PMC32LM
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b809f6698171d4124590a1fd25cf59e6803bbff2364bc226ecdd99391fe5690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45314
x-xss-protection
0
last-modified
Thu, 15 Oct 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Oct 2020 18:19:12 GMT
background.jpg
unitedwaywinnipeg.ca/wp-content/uploads/2018/07/ 		306 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2018/07/background.jpg
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
db8942734810b6d51f6dd27140be3b3c20ce6bce9472c8afc183919f475ca77d

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Tue, 31 Jul 2018 15:40:24 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
313721
expires
Thu, 22 Oct 2020 18:19:12 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 06:40:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
387542
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Mon, 11 Oct 2021 06:40:10 GMT
fontawesome-webfont.woff2
unitedwaywinnipeg.ca/wp-content/themes/omega/assets/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unitedwaywinnipeg.ca/wp-content/themes/omega/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/51c97.css?f2087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/51c97.css?f2087
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Tue, 23 Jun 2020 20:09:13 GMT
server
LiteSpeed
content-type
font/woff2
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77160
expires
Thu, 22 Oct 2020 18:19:12 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 17:21:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
349042
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Mon, 11 Oct 2021 17:21:50 GMT
truncated
/ 		426 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a58528b48335ccca25ae2c5b860bca4153bb1c7b2358e0569fa3dce893a1e782

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
5392db56-c2cc-4ed7-997e-cc5c7d4010ff.js
storage.googleapis.com/code.snapengage.com/js/ 		492 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/code.snapengage.com/js/5392db56-c2cc-4ed7-997e-cc5c7d4010ff.js
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
14e0a9eee15d7462a59f079f91e6bcf63b63a15e403cf2422e3ea8b343c1b0b4

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyDX0iS12pNE9jN_QviM8Vlll0qhGXqPDPrxNq9E24D3Ou4Spq0kacoLTTBy8Y3_-hTXNJeqafSteBtpnEPvR0
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118320
last-modified
Thu, 24 Sep 2020 13:37:06 GMT
server
UploadServer
etag
"f58ac56c7e6222981bc60e21af28b53e"
x-goog-hash
crc32c=uenxFQ==, md5=9YrFbH5iIpgbxg4hryi1Pg==
x-goog-generation
1600954626560414
cache-control
public, max-age=120, no-transform
x-goog-stored-content-length
118320
accept-ranges
bytes
content-type
text/javascript;charset=utf-8
expires
Thu, 15 Oct 2020 18:21:12 GMT
secure-lock.png
unitedwaywinnipeg.ca/wp-content/uploads/2016/08/ 		228 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2016/08/secure-lock.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/51c97.css?f2087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
5ad37ba25d8d7c53accb8ea3a475c99d44f1aab5907f44ff3fc8b2405c654cbc

Request headers

Referer
https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/51c97.css?f2087
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Wed, 10 Aug 2016 17:14:47 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
228
expires
Thu, 22 Oct 2020 18:19:12 GMT
channel.html
js.stripe.com/v2/ Frame 21EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Funitedwaywinnipeg.ca&stripe_xdm_c=default571062&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/?ver=1.9.2.12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/channel.html?stripe_xdm_e=https%3A%2F%2Funitedwaywinnipeg.ca&stripe_xdm_c=default571062&stripe_xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core

Response headers

status
200
x-amz-id-2
D46SWnLmqCIObKSAPM3sB54hl3wNojkisN9/DBRjdG++iefHSGxx7QJc3oS8SNWgqcwTANn583Q=
x-amz-request-id
321C780B17F5421E
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Thu, 15 Oct 2020 18:19:12 GMT
via
1.1 varnish
age
117
x-served-by
cache-hhn4024-HHN
x-cache
HIT
x-cache-hits
45
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
560
logo-imaginecanada-2017.png
unitedwaywinnipeg.ca/wp-content/uploads/2017/06/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedwaywinnipeg.ca/wp-content/uploads/2017/06/logo-imaginecanada-2017.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.95.20.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
montreal300.wpcloud.ca
Software
LiteSpeed /
Resource Hash
ac9be2346ee10382b1816d9554b761e140d830ec26577bd6c400f7cf7d875eeb

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Wed, 28 Jun 2017 14:18:12 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14898
expires
Thu, 22 Oct 2020 18:19:12 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMC32LM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1787
date
Thu, 15 Oct 2020 17:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Thu, 15 Oct 2020 19:49:25 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMC32LM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11343
x-xss-protection
0
server
cafe
etag
2112904452244658753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Oct 2020 18:19:12 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMC32LM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
gzip
age
74803
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1958
x-served-by
cache-hhn4072-HHN
last-modified
Mon, 10 Aug 2020 18:10:59 GMT
x-timer
S1602785953.873936,VS0,VE0
etag
"a4cc3f907681b24a3efd540acd5d2996+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
insight.min.js
snap.licdn.com/li.lms-analytics/ 		965 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMC32LM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 18:19:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=56788
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
wUeZKZub9GKlGXE2UQ3vRu1fY/V8ixlE293kb1+5x0lv8ctRo0gaPTo4nYUJoqggWcN9dZ1waf1tUfXnDiztmw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 15 Oct 2020 18:19:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 119E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcq674UAAAAAEyDPrj4nLYfhFpyn5rzxAdxr2Fn&co=aHR0cHM6Ly91bml0ZWR3YXl3aW5uaXBlZy5jYTo0NDM.&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&theme=light&size=normal&cb=ouwutjr495p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l1q4jeFwD7089cZh/EtIzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lcq674UAAAAAEyDPrj4nLYfhFpyn5rzxAdxr2Fn&co=aHR0cHM6Ly91bml0ZWR3YXl3aW5uaXBlZy5jYTo0NDM.&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&theme=light&size=normal&cb=ouwutjr495p
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=0WvCBadL6G5qQUNviZZbodF3-7c-In0h8OfKULI5UPu52VBWQT22kC080FR8kvTWmfvGhfhGdfiirtdlUqBGxyGl7DRi48D7ThDCZAT-fpWYvvLKPqPfOcVgBH-QFKJzW8oCzglscb5klzEl9MlRZgmzgC2ThhWF1jThvrOGm6g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 15 Oct 2020 18:19:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-l1q4jeFwD7089cZh/EtIzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10628
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=919055452&t=pageview&_s=1&dl=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&ul=en-us&de=UTF-8&dt=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2063325151&gjid=425223595&cid=1002373435.1602785953&tid=UA-1476722-1&_gid=591504764.1602785953&_r=1&gtm=2wg9u1PMC32LM&z=403488436
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://unitedwaywinnipeg.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
110508566399463
connect.facebook.net/signals/config/ 		234 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/110508566399463?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7142f50f91e9609553b57e1682825fe2ad398500a1876f86fbac2d21edd98ef5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69810
x-xss-protection
0
pragma
public
x-fb-debug
j9wtfi/trzhRPSmXAu7RN+umW8yHL2uQZLp3/tnxAEA6Q3Eha3OvvwIOgDJIYDcq4rBgYg1uDpPls6OEir05MQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 15 Oct 2020 18:19:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 18:19:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 20:29:41 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=65366
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
collect
stats.g.doubleclick.net/j/ 		4 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-1476722-1&cid=1002373435.1602785953&jid=2063325151&gjid=425223595&_gid=591504764.1602785953&_u=YEBAAEAAAAAAAC~&z=335616495
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 15 Oct 2020 18:19:12 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://unitedwaywinnipeg.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/806434901/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/806434901/?random=1602785952959&cv=9&fst=1602785952959&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30ade03ee7971abd95b28385f0133ef663c11de215d0d2b3478c8cdc1a58269f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801484926/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801484926/?random=1602785952964&cv=9&fst=1602785952964&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1fb0afe7b643b6ec1581361c6b4772c6cdcd039fd4bed60f8a54fe811a7ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1113
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2bb2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
117
pragma
no-cache
last-modified
Thu, 15 Oct 2020 18:19:13 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
69355d078481c7243815813f542a862d
x-transaction
005bb01a00144dcc
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1413276&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvok...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1413276%26url%3Dhttps%253A%252F%252Funitedwaywinnipeg.ca%252F150-challenge%252F%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1413276&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvok...
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1413276&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&time=1602785952976&liSync=true
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:13 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
iYCONlU9PhbgjZisbisAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
5VhQMFU9PhZgzSmoFSsAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: 7D4B767C4B064C5CAA6B0C63ECF6CDD2 Ref B: FRAEDGE1415 Ref C: 2020-10-15T18:19:13Z
x-frame-options
sameorigin
date
Thu, 15 Oct 2020 18:19:12 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1413276&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&time=1602785952976&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=110508566399463&ev=PageView&dl=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&rl=&if=false&ts=1602785952995&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602785952994.1918393560&it=1602785952904&coo=false&rqm=GET
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 15 Oct 2020 18:19:12 GMT
1562171709526.png
storage.googleapis.com/code.snapengage.com/cd/6419955776356352/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/code.snapengage.com/cd/6419955776356352/1562171709526.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
71b4ef7dd259bc9cbd07f905465bfad6a183d372c7d5fe8acc5ce45690418a0d

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:13 GMT
x-guploader-uploadid
ABg5-UyxMYjp3BUdyzz8AnegjoTBHMiGHE9Q4exetey0D1YZ3yTY1KXLpReEBQh1R4zqbvlR-zkxz96hdWngMDE1RBg
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26918
last-modified
Wed, 03 Jul 2019 16:35:09 GMT
server
UploadServer
etag
"1b2a1f21f0f1a72d62244fab813a32ef"
x-goog-hash
crc32c=8Aztzg==, md5=GyofIfDxpy1iJE+rgToy7w==
x-goog-generation
1562171709632530
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
26918
accept-ranges
bytes
content-type
image/png
expires
Fri, 15 Oct 2021 18:19:13 GMT
1562171709526.png
storage.googleapis.com/code.snapengage.com/cd/6419955776356352/ Frame F11C 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/code.snapengage.com/cd/6419955776356352/1562171709526.png
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
71b4ef7dd259bc9cbd07f905465bfad6a183d372c7d5fe8acc5ce45690418a0d

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:13 GMT
x-guploader-uploadid
ABg5-UzLJEJ06UNRFQHeUblw7SUm9trhTFeHXX-7GYjDntVDZIj7grtnjR75qwvZFkd0ciKHKcdfQ5R8SfBnWUPfKxkw_c83Kw
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26918
last-modified
Wed, 03 Jul 2019 16:35:09 GMT
server
UploadServer
etag
"1b2a1f21f0f1a72d62244fab813a32ef"
x-goog-hash
crc32c=8Aztzg==, md5=GyofIfDxpy1iJE+rgToy7w==
x-goog-generation
1562171709632530
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
26918
accept-ranges
bytes
content-type
image/png
expires
Fri, 15 Oct 2021 18:19:13 GMT
ga-audiences
www.google.com/ads/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-1476722-1&cid=1002373435.1602785953&jid=2063325151&_u=YEBAAEAAAAAAAC~&z=1369694393
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-1476722-1&cid=1002373435.1602785953&jid=2063325151&_u=YEBAAEAAAAAAAC~&z=1369694393
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ServiceGetConfig
www.snapengage.com/chatjs/ 		159 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.snapengage.com/chatjs/ServiceGetConfig?w=5392db56-c2cc-4ed7-997e-cc5c7d4010ff
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/code.snapengage.com/js/5392db56-c2cc-4ed7-997e-cc5c7d4010ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4271a64614ad7058d706dd39545f6cd4a20d6059caeaa85ec8bcc583e56787c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
Public
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
Google Frontend
date
Thu, 15 Oct 2020 18:19:13 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-cloud-trace-context
0e7df0af544fd5f265bb3aae75803a7b
cache-control
public, max-age=30
content-length
126
/
www.google.de/pagead/1p-conversion/806434901/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
  • https://www.google.com/pagead/1p-conversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...
  • https://www.google.de/pagead/1p-conversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https://unitedwaywinnipeg.ca/150-challenge/%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oJKIX8arO67P7_UPzqWOmAk&cid=CAQSKQCNIrLMOyz2h94f9DMpMgb4wT3moVKxo0xJA_s1GR1xoyuaqMzXCH5_&eitems=ChEI8Oaf_AUQ_ZH29qPqg6SlARIdAD2rKCJHSFLwse7XUgrO2nBeyBgkAak6woTq-gs&random=1375002871&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCWh8VS12eOSQWvRCpdoRWXcPiJWGoJL2DQVDSTxMVPWQiA-61p3rQ0fXcVcr7E8kxgcHFYdK3ONtCWG_vMUKmH
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/806434901/?random=1925745780&cv=9&fst=*&num=1&value=0&label=X2svCKrH3oMBENXwxIAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https://unitedwaywinnipeg.ca/150-challenge/%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oJKIX8arO67P7_UPzqWOmAk&cid=CAQSKQCNIrLMOyz2h94f9DMpMgb4wT3moVKxo0xJA_s1GR1xoyuaqMzXCH5_&eitems=ChEI8Oaf_AUQ_ZH29qPqg6SlARIdAD2rKCJHSFLwse7XUgrO2nBeyBgkAak6woTq-gs&random=1375002871&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCWh8VS12eOSQWvRCpdoRWXcPiJWGoJL2DQVDSTxMVPWQiA-61p3rQ0fXcVcr7E8kxgcHFYdK3ONtCWG_vMUKmH
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/801484926/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/801484926/?random=1602785952964&cv=9&fst=1602784800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&async=1&fmt=3&is_vtc=1&random=2294493327&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801484926/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/801484926/?random=1602785952964&cv=9&fst=1602784800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore&tiba=Take%20the%20United%20Way%20Winnipeg%20150%20Challenge%20today!&async=1&fmt=3&is_vtc=1&random=2294493327&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: unitedwaywinnipeg.ca
URL: https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 18:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame E2CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lcq674UAAAAAEyDPrj4nLYfhFpyn5rzxAdxr2Fn&cb=637k7ykpivp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lJKMiTWCQus1C/aV/oXfMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lcq674UAAAAAEyDPrj4nLYfhFpyn5rzxAdxr2Fn&cb=637k7ykpivp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=0WvCBadL6G5qQUNviZZbodF3-7c-In0h8OfKULI5UPu52VBWQT22kC080FR8kvTWmfvGhfhGdfiirtdlUqBGxyGl7DRi48D7ThDCZAT-fpWYvvLKPqPfOcVgBH-QFKJzW8oCzglscb5klzEl9MlRZgmzgC2ThhWF1jThvrOGm6g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 15 Oct 2020 18:19:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-lJKMiTWCQus1C/aV/oXfMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1172
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame F11C 		1 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/code.snapengage.com/js/5392db56-c2cc-4ed7-997e-cc5c7d4010ff.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a3d6e7e7915f6c114a581ff6481294dc68039babf3a68ca6c2bceb3f4efd7a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Oct 2020 17:45:49 GMT
server
ESF
date
Thu, 15 Oct 2020 18:19:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Oct 2020 18:19:13 GMT
css
fonts.googleapis.com/ Frame 10B6 		1 KB
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/code.snapengage.com/js/5392db56-c2cc-4ed7-997e-cc5c7d4010ff.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a3d6e7e7915f6c114a581ff6481294dc68039babf3a68ca6c2bceb3f4efd7a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Oct 2020 17:25:43 GMT
server
ESF
date
Thu, 15 Oct 2020 18:19:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Oct 2020 18:19:13 GMT
/
www.facebook.com/tr/ 		0
82 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarytljK6qiACVM2TlDG

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 15 Oct 2020 18:19:13 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://unitedwaywinnipeg.ca
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ Frame 10B6 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://fonts.googleapis.com/css?family=Lato:300,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 03:59:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:14 GMT
server
sffe
age
137994
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13912
x-xss-protection
0
expires
Thu, 14 Oct 2021 03:59:19 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ Frame 10B6 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://fonts.googleapis.com/css?family=Lato:300,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 15:07:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
270680
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Tue, 12 Oct 2021 15:07:53 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ Frame F11C 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://fonts.googleapis.com/css?family=Lato:300,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 03:59:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:14 GMT
server
sffe
age
137994
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13912
x-xss-protection
0
expires
Thu, 14 Oct 2021 03:59:19 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ Frame F11C 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://unitedwaywinnipeg.ca
Referer
https://fonts.googleapis.com/css?family=Lato:300,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 15:07:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
270680
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Tue, 12 Oct 2021 15:07:53 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2CFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdT7r4UAAAAAIviZtk0FZVsZ88VdmEExEdcKHMK&co=aHR0cHM6Ly91bml0ZWR3YXl3aW5uaXBlZy5jYTo0NDM.&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&theme=light&size=normal&cb=42gkwxmbpov2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VVte+EzSa13zRU6oi9r3tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdT7r4UAAAAAIviZtk0FZVsZ88VdmEExEdcKHMK&co=aHR0cHM6Ly91bml0ZWR3YXl3aW5uaXBlZy5jYTo0NDM.&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&theme=light&size=normal&cb=42gkwxmbpov2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=0WvCBadL6G5qQUNviZZbodF3-7c-In0h8OfKULI5UPu52VBWQT22kC080FR8kvTWmfvGhfhGdfiirtdlUqBGxyGl7DRi48D7ThDCZAT-fpWYvvLKPqPfOcVgBH-QFKJzW8oCzglscb5klzEl9MlRZgmzgC2ThhWF1jThvrOGm6g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 15 Oct 2020 18:19:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-VVte+EzSa13zRU6oi9r3tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11044
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
outer.html
js.stripe.com/v2/m/ Frame 1371 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/?ver=1.9.2.12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core

Response headers

status
200
x-amz-id-2
VUZjPSGkqf3jmphNicyfj0M1xPIXry0VErMVzp1gQIr+ADV8MAwIfPaTTjRfum6jbAcWmLwPOfc=
x-amz-request-id
2K3X2TFG5YCT2T9T
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Thu, 15 Oct 2020 18:19:13 GMT
via
1.1 varnish
age
248
x-served-by
cache-hhn4024-HHN
x-cache
HIT
x-cache-hits
23
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
adsct
analytics.twitter.com/i/ 		31 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2bb2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Funitedwaywinnipeg.ca%2F150-challenge%2F%3Futm_medium%3Demail%26utm_campaign%3Dcommunitynewsletter16%26utm_source%3Denvoke%26utm_term%3DExciting-news-for-our-communit%26utm_content%3Dcore
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 18:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Thu, 15 Oct 2020 18:19:13 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c4df431913ae643307018eb6cf487576
x-transaction
0049231b00f169e4
expires
Tue, 31 Mar 1981 05:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0207 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6LdT7r4UAAAAAIviZtk0FZVsZ88VdmEExEdcKHMK&cb=9bxvri9e78p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q/jG9jyCuegKg6Oiw1M8Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6LdT7r4UAAAAAIviZtk0FZVsZ88VdmEExEdcKHMK&cb=9bxvri9e78p
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=0WvCBadL6G5qQUNviZZbodF3-7c-In0h8OfKULI5UPu52VBWQT22kC080FR8kvTWmfvGhfhGdfiirtdlUqBGxyGl7DRi48D7ThDCZAT-fpWYvvLKPqPfOcVgBH-QFKJzW8oCzglscb5klzEl9MlRZgmzgC2ThhWF1jThvrOGm6g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://unitedwaywinnipeg.ca/150-challenge/?utm_medium=email&utm_campaign=communitynewsletter16&utm_source=envoke&utm_term=Exciting-news-for-our-communit&utm_content=core

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 15 Oct 2020 18:19:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-q/jG9jyCuegKg6Oiw1M8Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1174
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes undefined| $ function| jQuery object| Placeholders object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields boolean| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format object| gform undefined| __gf_keyup_timeout function| renderRecaptcha function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input function| gformAddStripeAction function| stripeResponseHandler function| gfp_stripe_set_stripe_info function| gfp_stripe_validate_card function| gfp_stripe_clear_card_info function| gfp_stripe_set_credit_card_error function| gfp_stripe_clear_credit_card_error function| rgars function| rgar object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID object| gfMultiFileUploader object| jQuery112403168389741596731 string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings object| gf_global function| Stripe object| gfp_stripe_js_vars object| dataLayer_content function| setREVStartSize object| tribe_l10n_datatables object| mejsL10n object| _wpmejsSettings object| oxyThemeData function| oxyThemeScripts object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| wp object| Modernizr function| Waypoint function| EventEmitter object| eventie function| imagesLoaded function| Odometer function| Chart object| skrollr object| Pace object| paceOptions function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| gf_form_conditional_logic string| gf_number_format object| gf_cc_rules string| waypointContextKey function| do_callback string| formId object| google_tag_manager object| recaptcha object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq string| _linkedin_data_partner_id function| fbq function| _fbq object| closure_lm_958796 object| twemoji object| gaplugins object| gaGlobal object| gaData object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| lintrk boolean| _already_called_lintrk function| requestChatReassignment function| clearChatReassignmentTimer function| setChatReassignmentTimer object| SnapABug object| SnapABugChat object| SnapEngage object| SnapEngageChat object| chat_custom_design object| DS_WebFont function| ListView function| Card object| SE_YAHOO

0 Cookies

5 Console Messages

Source Level URL
Text
console-api log URL: https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/a1be6.js?35aad(Line 5)
Message:
JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api warning URL: https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/a1be6.js?35aad(Line 8)
Message:
JQMIGRATE: jQuery.fn.load() is deprecated
console-api log URL: https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/a1be6.js?35aad(Line 8)
Message:
console.trace
console-api warning URL: https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/a1be6.js?35aad(Line 8)
Message:
JQMIGRATE: jQuery.event.handle is undocumented and deprecated
console-api log URL: https://unitedwaywinnipeg.ca/wp-content/litespeed/cssjs/a1be6.js?35aad(Line 8)
Message:
console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
connect.facebook.net
e1.envoke.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
storage.googleapis.com
t.co
unitedwaywinnipeg.ca
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.snapengage.com
104.244.42.3
104.244.42.69
151.101.112.157
151.101.112.176
192.95.20.61
216.58.212.130
2620:1ec:21::14
2a00:1450:4001:802::2004
2a00:1450:4001:802::200a
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2010
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2013
2a00:1450:4001:824::2008
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a02:26f0:10c:582::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
51.79.72.201
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14e0a9eee15d7462a59f079f91e6bcf63b63a15e403cf2422e3ea8b343c1b0b4
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
18e4f349a06983b49d8df83c5e6bb07d3826b5e08011f1c91036b0ab8c62731b
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20c19d25df2e678693071582e3896ecdf3223897527d96ae836782b35d0a9f67
228e621617b1c827fdecef0daa449ac5d9a5c21eb9031c4a1c588cec50460742
27829e4f065a275631354f8bd2101a4e976628f6ea82bab0355693034cc014f5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30ade03ee7971abd95b28385f0133ef663c11de215d0d2b3478c8cdc1a58269f
320692964b2af24e6fa2a25cfd5d5442e1a25996379c7d3bc624ae8dc8ccf910
3b809f6698171d4124590a1fd25cf59e6803bbff2364bc226ecdd99391fe5690
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4271a64614ad7058d706dd39545f6cd4a20d6059caeaa85ec8bcc583e56787c1
5211fb45f17faeb3c898dfb730242af6ca2269315d04c35620ffcb285232f40c
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
5ad37ba25d8d7c53accb8ea3a475c99d44f1aab5907f44ff3fc8b2405c654cbc
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6a3d6e7e7915f6c114a581ff6481294dc68039babf3a68ca6c2bceb3f4efd7a6
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
7142f50f91e9609553b57e1682825fe2ad398500a1876f86fbac2d21edd98ef5
71b4ef7dd259bc9cbd07f905465bfad6a183d372c7d5fe8acc5ce45690418a0d
7e0d65e31fa7e2dd041d480f597a76a2f98182d1ddbfc99f182b652a1a84f0f0
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
92b8c0607df07f29181bcb33b0d998c978589609aa460b941dce9193a58fd86e
9de9269f2113a8def7f5988bd0baec0d73bbf3e6d113514d54da3e9e4085b5e9
9f96a866655ff77e36be0288f089fe64cc95c64107bd2965c1f777b5d50d1340
a3667e191c922801f911d1f2744f7f80b71ac9c777edfb32f9391f27d5a50e9d
a58528b48335ccca25ae2c5b860bca4153bb1c7b2358e0569fa3dce893a1e782
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9be2346ee10382b1816d9554b761e140d830ec26577bd6c400f7cf7d875eeb
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12
db26d6c8b9587ef47481a29cf0980a5573a3bb19a83bd6e74bdbec7b049f4c22
db8942734810b6d51f6dd27140be3b3c20ce6bce9472c8afc183919f475ca77d
dcf02c94cf3794f375113f25f3367e3efac8bbff136fefac0a28e25b259c35b2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fb0afe7b643b6ec1581361c6b4772c6cdcd039fd4bed60f8a54fe811a7ad2
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
ff0a1f65c258160a04e2a5ba90747609a94581af89cd7cf4ff3f00ac2952abf7