urlscan.io logo urlscan.io
SecurityTrails logo

secured.heritage.org Open in urlscan Pro
2606:4700:10::6814:28f0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=1f1f7211a0cc4b89b2127b3b554aee2f&_e=9MIzK0JEvbSx7...
Effective URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content...
Submission: On April 07 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 43 HTTP transactions. The main IP is 2606:4700:10::6814:28f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is secured.heritage.org.
TLS certificate: Issued by Thawte EV RSA CA 2018 on July 13th 2020. Valid for: a year.
This is the only time secured.heritage.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.193.170.119 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 54.230.183.104 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:201... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.222.190.77 16509 (AMAZON-02)
1 3.212.31.157 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a03:2880:f03... 32934 (FACEBOOK)
1 151.101.113.131 54113 (FASTLY)
2 104.111.234.67 16625 (AKAMAI-AS)
1 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.222.179.105 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f13... 32934 (FACEBOOK)
43 23
1    34.193.170.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-170-119.compute-1.amazonaws.com
links.conservativeintel.com
1    2606:4700:10::6814:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)
secured.heritage.org
3    54.230.183.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-104.ham50.r.cloudfront.net
builder-assets.unbounce.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2016:fe00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    52.222.190.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-77.ham50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    3.212.31.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-31-157.compute-1.amazonaws.com
events.ub-analytics.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a02:26f0:6c00:295::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2a03:2880:f036:1d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.113.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
2    104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com
munchkin.marketo.net
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    52.222.179.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-105.ham50.r.cloudfront.net
assets.ubembed.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f136:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
4 d9hhrg4mnvzow.cloudfront.net secured.heritage.org
3 www.google.de secured.heritage.org
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 builder-assets.unbounce.com secured.heritage.org
2 www.facebook.com secured.heritage.org
2 www.google.com secured.heritage.org
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 px.ads.linkedin.com 1 redirects secured.heritage.org
2 munchkin.marketo.net www.googletagmanager.com
munchkin.marketo.net
2 bat.bing.com www.googletagmanager.com
secured.heritage.org
2 www.googletagmanager.com secured.heritage.org
www.googletagmanager.com
2 d34qb8suadcc4g.cloudfront.net secured.heritage.org
d34qb8suadcc4g.cloudfront.net
2 ajax.googleapis.com secured.heritage.org
1 googleads.g.doubleclick.net www.googleadservices.com
1 assets.ubembed.com 23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
1 www.linkedin.com 1 redirects
1 23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 events.ub-analytics.com secured.heritage.org
1 secured.heritage.org
1 links.conservativeintel.com 1 redirects
43 24

This site contains no links.

Subject Issuer Validity Valid
secured.heritage.org
Thawte EV RSA CA 2018		 2020-07-13 -
2021-09-11		 a year crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.ub-analytics.com
Amazon		 2020-06-08 -
2021-07-08		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2021-03-29 -
2022-04-06		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
assets.ubembed.com
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Frame ID: DE8FE30BD96992982646EDCA5B6C893A
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=1f1f7211a0cc4b89b2127b3b554ae... HTTP 303
    https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=pro... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

43
Requests

98 %
HTTPS

67 %
IPv6

19
Domains

24
Subdomains

23
IPs

3
Countries

516 kB
Transfer

1565 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=1f1f7211a0cc4b89b2127b3b554aee2f&_e=9MIzK0JEvbSx7QcvmVXIafNHE_maPYXivnqTJJzfYaU_H1avLWtbDjJ_ZSmlqclBO9v_ekqkfxbHLQhjjZ89mC74vCdU-9Jryn2-x7Go4x88zpv7f3myEPlNWpXPLsO16-cljwX4ydXK06fZ6DPdCNL8vbA_kGXRM5Nn4LCsQlfxepOa_NsP0DEnO3G_S6YOIwmhAh2J4SEo4dSS7TrVTtg5qV72bL3du6AYGm87ebZMfIVxdevhnKWdaLOA2WoMHJ5yVINFU9jF6e1kajudbMWKNDHB13H_QeS2hYUgrIzZ_D5OhGXWdtGBqOoFlqhN8uIz8PIw5-5Yhx5aVjZMePqBBfu0tNf-RtDo-ZbwynQZXXZ5q3bSgbZ5zj6phJP4E6gvpDE5Up_pjUAvJym5ufouUeFkBtZX0zBzYQNbSV3N-aODQ8S4YLjdkEh3mx7ahXTbw5M5vEJMndkerNnuGMV59AIdQi4Zu_OV9mBHJB0%3D HTTP 303
    https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617831821952&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1757818%26time%3D1617831821952%26url%3Dhttps%253A%252F%252Fsecured.heritage.org%252Fconstitution%252F%253Futm_campaign%253Dconstitutionguide%2526utm_medium%253Demail%2526utm_source%253Dprospecting%2526utm_content%253DCC-constitution-2003%2526utm_cc%253Dccc_2193635_recTz8ASkjLrZrG2U%2526leadcreated%253Dfalse%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617831821952&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&liSync=true

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secured.heritage.org/constitution/
Redirect Chain
  • http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=1f1f7211a0cc4b89b2127b3b554aee2f&_e=9MIzK0JEvbSx7QcvmVXIafNHE_maPYXivnqTJJzfYaU_H1avLWtbDjJ_ZSmlqclBO9v_ekqkfxbHLQh...
  • https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=f...
36 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c4aa248d9de2a8ff07da5bd79dbec3344e2f2fb2652bf7273847d509940436

Request headers

:method
GET
:authority
secured.heritage.org
:scheme
https
:path
/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3710982f1880afa9c1a664814982ebb21617831821; expires=Fri, 07-May-21 21:43:41 GMT; path=/; domain=.heritage.org; HttpOnly; SameSite=Lax ubpv=c%2C06ef4334-f49a-46c1-a9e5-66cd583883cd; Max-Age=15897600; Expires=Fri, 08 Oct 2021 21:43:41 GMT; Path=/constitution/; SameSite=Lax ubrs=weighted; Path=/constitution/; SameSite=Lax ubvs=252.146.87.2131618622309109573; Max-Age=15552000; Expires=Mon, 04 Oct 2021 21:43:41 GMT; Path=/; SameSite=Lax ubvt=252.146.87.2131618622309109573; Max-Age=259200; Expires=Sat, 10 Apr 2021 21:43:41 GMT; Path=/; Domain=heritage.org; SameSite=Lax LB-Persist=!NL6S2BlZUALluMUtvZm2YC3qkLNa8pFH6s9cteJLUC9vrA5mh5pQWICh8dHWb6JGk3QNuG01lrc8Ow==; path=/; Httponly; Secure
vary
Accept-Encoding
cache-control
max-age=0; private
x-unbounce-plugin
1
x-unbounce-pageid
06ef4334-f49a-46c1-a9e5-66cd583883cd
content-location
https://secured.heritage.org/constitution/
x-unbounce-visitorid
252.146.87.2131618622309109573
x-unbounce-variant
c
link
<https://secured.heritage.org/constitution/>; rel="canonical"
server-id
WW1.PROD
content-encoding
gzip
cf-cache-status
BYPASS
cf-request-id
094fe3970c000097f688805000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63c66ed1abdc97f6-FRA

Redirect headers

Date
Wed, 07 Apr 2021 21:43:40 GMT
Content-Length
0
Connection
keep-alive
Vary
Origin
Location
https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Set-Cookie
iterableEndUserId=r313%40clayton.net; Max-Age=31536000; Expires=Thu, 07 Apr 2022 21:43:40 GMT; Path=/; Domain=.conservativeintel.com iterableEmailCampaignId=2193635; Max-Age=86400; Expires=Thu, 08 Apr 2021 21:43:40 GMT; Path=/; Domain=.conservativeintel.com iterableTemplateId=3007625; Max-Age=86400; Expires=Thu, 08 Apr 2021 21:43:40 GMT; Path=/; Domain=.conservativeintel.com iterableMessageId=1f1f7211a0cc4b89b2127b3b554aee2f; Max-Age=86400; Expires=Thu, 08 Apr 2021 21:43:40 GMT; Path=/; Domain=.conservativeintel.com XSRF-TOKEN=c1d8603a89b270c88002b0a7e52bc205afa07e6e-1617831820932-11f0de07388b279b252da975; SameSite=Lax; Path=/
Request-Time
5
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy
X-Permitted-Cross-Domain-Policies
master-only
Server
iterable-links 08b0
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-104.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
5344284
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
q0Xlu9giP7LW7Nndfm4t6CfQUWAbFalvEF9PVGSrLLoDJkFlQGWHqA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 07:30:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137603
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 07:30:18 GMT
jquery-shims.bundle-0983003.z.js
builder-assets.unbounce.com/published-js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-104.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:53:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
5849418
etag
"3b66d56998a2783e24247b98afc91699"
x-cache
Hit from cloudfront
x-amz-version-id
ry9zpTwX4fPowGAj2.vjMkgU6xjmzh2o
via
1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-type
application/javascript
content-length
1993
x-amz-cf-id
dhMbE-kjj7ZsQThxsFvNFEwa0SqqUsxUasrhtORrHFtV8oNQ5kmI9g==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293162
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:fe00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 01:39:35 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 18:45:36 GMT
server
AmazonS3
age
4651447
etag
"91086183e2039359e4bf5622dfb57722"
x-cache
Hit from cloudfront
x-amz-version-id
D6xyQ1UlRnHjPycouA5Yb4DYOQiJWBkd
via
1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1992
x-amz-cf-id
iwIMmax3nYrInuYuPBOtSp31FVkAIcIBTwx1xV7fjrE6JhbAEuH9gw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 10:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39229
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Apr 2022 10:49:52 GMT
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-104.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 03:07:39 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
1881363
etag
"bb50eefe0cf9244bc17fe34bb55821bb"
x-cache
Hit from cloudfront
x-amz-version-id
ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
via
1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
t3SlTgsLXJJvBANp6bCsgg6rtUyMDTQe4fuK1J9oO3DDwlK33_Dbtg==
gtm.js
www.googletagmanager.com/ 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23cf7d27cab64171f59065c082033a5ce7cad06475924340066779d1623d6de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65634
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Apr 2021 21:43:41 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:fe00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
2931787
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
nkftfVF1E4jb1Wb1GeS9WdVbCrVLZnvzUKbXCS-lUR_ptirJLf-r1A==
ccb3f4ee-7b25-4034-9283-b6d3efdaffbc
https://secured.heritage.org/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://secured.heritage.org/ccb3f4ee-7b25-4034-9283-b6d3efdaffbc
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
6e4b47e7-white_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/6e4b47e7-white_1000000000000000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.190.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-77.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff7579dbbafe0b642d51d14a94ed96dbbbe3ccca46207b3c541cab2a029010f6

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 21:09:47 GMT
via
1.1 91f3147e9f66b9e5e2ff9fa00ee626c0.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
347635
etag
"75fe7164c0847d88dfd41291d38b8a3a"
x-cache
Hit from cloudfront
x-amz-version-id
crEB_fu4COtyXh.0mf_3aRpgpVIQ5aXL
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/png
content-length
2103
x-amz-cf-id
LfAd2GDKTpqwaZHvwyyL9TqhEBJMn-2WlCRL0qcqJMq1Ti3DcAV3oA==
951b6926-thfguide_103005r03005q000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/951b6926-thfguide_103005r03005q000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.190.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-77.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
761300c8121f5ffade942469aee5872f5796ba860d3f48b23784b86f527e2f24

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 21:09:47 GMT
via
1.1 91f3147e9f66b9e5e2ff9fa00ee626c0.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
347635
etag
"ab2af0c63573524eee5828e934a8cbe1"
x-cache
Hit from cloudfront
x-amz-version-id
jo9LXfVZHdnQVSjdZ9kzugicVWnvpM71
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/png
content-length
4490
x-amz-cf-id
B9FxTQR6ERt9pcEMipo3LZUbOE_UUL8aMReIH-E3hMWUNWp60AaWEQ==
b27d6dfe-guide-desktop_107c05b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/b27d6dfe-guide-desktop_107c05b000000000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.190.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-77.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cc358dc3fdf827a9c7e07345ec4ac343eb8ae8b4ac6de8f899badf422e2da49

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 15:42:20 GMT
via
1.1 91f3147e9f66b9e5e2ff9fa00ee626c0.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
540082
etag
"f6a1aeb476cb74dce682115620a330b1"
x-cache
Hit from cloudfront
x-amz-version-id
V.xk4qCZJQPWMd0CoKwH0BNWtaA7OI7N
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/png
content-length
6902
x-amz-cf-id
R56TSGI9cfvD6HbKdgIobCFlXXy1NwYYTOkytFMcBi15RRR0UzniDw==
ac737ec2-five-stars_103z00y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ac737ec2-five-stars_103z00y000000000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.190.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-77.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f01789d872505e99cb8f16838be590429f035fd8ff2ad5cfb2cc6da631a4ad87

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 15:42:20 GMT
via
1.1 91f3147e9f66b9e5e2ff9fa00ee626c0.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
540082
etag
"523a9cb4c76ecf6cb60d29854d0fc16d"
x-cache
Hit from cloudfront
x-amz-version-id
wlGhUE177ppUBZp5UBsQQ6dkrpyXXw48
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/png
content-length
1029
x-amz-cf-id
WGkZYedcrc1IEQpWNx6nMklj539DSqXlk27pWlvqzdbwSEC1YpqXMg==
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1617831821879&e=pv&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&page=Heritage%20Guide%20to%20the%20Constitution&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=219754d3-855f-448c-906f-3ac6ec24aca5&dtm=1617831821877&vp=1600x1200&ds=1600x1200&vid=1&sid=a6a796a6-633a-4371-b00d-02f5da5bda01&duid=b99a7dae-8e9d-4955-8089-e04fa36a94b8&uid=252.146.87.2131618622309109573&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMDZlZjQzMzQtZjQ5YS00NmMxLWE5ZTUtNjZjZDU4Mzg4M2NkIiwidmFyaWFudElkIjoiYyIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.31.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-31-157.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Apr 2021 21:43:42 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
js
www.googletagmanager.com/gtag/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1db3c36cd2cdd7dc2285f0924a40a8dc83103abcd504903b4583ff94c2a69932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61163
x-xss-protection
0
expires
Wed, 07 Apr 2021 21:43:41 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
3415
date
Wed, 07 Apr 2021 20:46:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 07 Apr 2021 22:46:46 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a91f331e1b5196cdf777af51a6aec591932f282918ecaf815d3ae3ffd369a58e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13811
x-xss-protection
0
server
cafe
etag
10785024895408828692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 07 Apr 2021 21:43:41 GMT
bat.js
bat.bing.com/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:41 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref
Ref A: 2B999F27B3C749F6B58CD08843A45C3E Ref B: FRAEDGE1309 Ref C: 2021-04-07T21:43:41Z
etag
"0c77652ec27d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8885
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:295::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 21:43:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=34012
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23784
x-fb-rlafr
0
pragma
public
x-fb-debug
xu8IbcYM7xCbFRDiNSlFgsjhlFNV710+hgcMYCdLtEDC5zB21Hprn0BZMUwuoi1L9APslB2W1Qw8xKnCNnQf0g==
x-fb-trip-id
512678718
x-frame-options
DENY
date
Wed, 07 Apr 2021 21:43:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com/ 		485 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f837a85613b22790e8364b0d43a43a683b6732a7279c4a7fb58bc7f6975c4c6

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:42 GMT
content-encoding
br
x-backend-region
eu_west_1
age
1504
etag
b1f350e122ef70c2d0db4e98b7da5b7b-v0.179.0
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA56-C1
accept-ranges
none
x-amz-apigw-id
dbozLEI8DoEFS4w=
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 21:43:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
collect
www.google-analytics.com/j/ 		2 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=886835176&t=pageview&_s=1&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&ul=en-us&de=UTF-8&dt=Heritage%20Guide%20to%20the%20Constitution&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=634670627&gjid=907149646&cid=1282552990.1617831822&tid=UA-1393129-30&_gid=210996692.1617831822&_r=1&gtm=2wg3v0M7B3LZV&z=1740750813
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TDTF3LZ&t=gtm7&cid=1282552990.1617831822
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af4269c55443028d345a0aa55b354230bbadd75f1c81f78c6e34d8d117d2885f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42068
x-xss-protection
0
expires
Wed, 07 Apr 2021 21:43:41 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617831821952&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1757818%26time%3D1617831821952%26url%3Dhttps%253A%252F%252Fsecured.heritage.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617831821952&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_...
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617831821952&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&liSync=true
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:42 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
qKxsoHixcxaw5MVc6CoAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
content-length
0
x-li-uuid
DrDhlXixcxYwgSTSwyoAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: CAE9B10B8E1344CAAF24E9D29008B027 Ref B: FRAEDGE0816 Ref C: 2021-04-07T21:43:42Z
x-frame-options
sameorigin
date
Wed, 07 Apr 2021 21:43:42 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617831821952&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
5KguhX8SC2fZO3neR7QOH58/dhUrRm/62QW/XxDuAEZPmiTEaJbsBYsRpFH9+bPFDbzHqybN+AHazq/D+3Xong==
x-fb-trip-id
512678718
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 07 Apr 2021 21:43:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
493332274159836
connect.facebook.net/signals/config/ 		242 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/493332274159836?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b4019edd296bebe063dd6bcd45e571715226e9b5c864eef9b94ef113b6ab3808
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
hB/wNxcqIqjdu3/Y59DMllEENldBQ85EzK7qIdqqdTigpXlSUJU/2WpUM9kG19VlgFYmweBzMoeLRtSV82PIqA==
x-fb-trip-id
512678718
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 07 Apr 2021 21:43:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5060389&tm=gtm001&Ver=2&mid=ff77b6b7-f87f-4e0f-9be5-5b28cc6fe5f4&sid=520d5d3097ea11ebbe3ca7fb24297607&vid=520d87d097ea11eb9a90715f850482d5&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Heritage%20Guide%20to%20the%20Constitution&p=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&r=&lt=1075&evt=pageLoad&msclkid=N&sv=1&rn=365015
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 07 Apr 2021 21:43:41 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 60BCA90370BE4925A63E4C06742442C4 Ref B: FRAEDGE1309 Ref C: 2021-04-07T21:43:41Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
354 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-W14BT6YQ87&gtm=2oe3v0&_p=886835176&sr=1600x1200&_gaz=1&ul=en-us&cid=1282552990.1617831822&_s=1&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&dr=&dt=Heritage%20Guide%20to%20the%20Constitution&sid=1617831821&sct=1&seg=0&en=page_view&_fv=1&_ss=1&epn.page_content_reading_time=60.67&epn.page_content_grade_level=13&ep.page_load_time=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
77 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W14BT6YQ87&cid=1282552990.1617831822&gtm=2oe3v0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W14BT6YQ87&cid=1282552990.1617831822&gtm=2oe3v0&aip=1&z=1797647960
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-1393129-30&cid=1282552990.1617831822&jid=634670627&gjid=907149646&_gid=210996692.1617831822&_u=YEBAAEACQAAAAC~&z=2060263633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 07 Apr 2021 21:43:42 GMT
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.0/ 		162 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.0/bundle.js
Requested by
Host: 23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
URL: https://23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-105.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 03:34:38 GMT
content-encoding
gzip
last-modified
Wed, 16 Dec 2020 18:50:36 GMT
server
AmazonS3
age
5422145
etag
W/"5989757bd8ad29a05f48a0b643993aae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
phdQXFHK2L83gfB6BhpZvTCSwO1pGz9j9NVEePGQnAWEhGCoESKbBw==
munchkin.js
munchkin.marketo.net/159/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 21:43:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Fri, 16 Jul 2021 21:43:42 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1393129-30&cid=1282552990.1617831822&jid=634670627&_u=YEBAAEACQAAAAC~&z=971415274
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1393129-30&cid=1282552990.1617831822&jid=634670627&_u=YEBAAEACQAAAAC~&z=971415274
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975702554/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975702554/?random=1617831822052&cv=9&fst=1617831822052&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&tiba=Heritage%20Guide%20to%20the%20Constitution&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e55a25ba5e992e4593a8608bfdda04771b4b0fc014f3fdfe67e490a202f2804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1178
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493332274159836&ev=PageView&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&rl=&if=false&ts=1617831822070&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1617831822069.822868515&it=1617831821959&coo=false&tm=1&rqm=GET
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f136:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 07 Apr 2021 21:43:42 GMT
/
www.google.com/pagead/1p-user-list/975702554/ 		42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/975702554/?random=1617831822052&cv=9&fst=1617829200000&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3v0&sendb=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&tiba=Heritage%20Guide%20to%20the%20Constitution&async=1&fmt=3&is_vtc=1&random=2894910275&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/975702554/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/975702554/?random=1617831822052&cv=9&fst=1617829200000&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3v0&sendb=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&tiba=Heritage%20Guide%20to%20the%20Constitution&async=1&fmt=3&is_vtc=1&random=2894910275&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493332274159836&ev=Microdata&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&rl=&if=false&ts=1617831822573&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Heritage%20Guide%20to%20the%20Constitution%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Heritage%20Guide%20to%20the%20Constitution%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1617831822069.822868515&it=1617831821959&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2003&utm_cc=ccc_2193635_recTz8ASkjLrZrG2U&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f136:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 21:43:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 07 Apr 2021 21:43:42 GMT
collect
analytics.google.com/g/ 		0
341 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-W14BT6YQ87&gtm=2oe3v0&_p=886835176&sr=1600x1200&ul=en-us&cid=1282552990.1617831822&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2003%26utm_cc%3Dccc_2193635_recTz8ASkjLrZrG2U%26leadcreated%3Dfalse&dr=&dt=Heritage%20Guide%20to%20the%20Constitution&sid=1617831821&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 21:43:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| lp object| ub object| module object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq string| _linkedin_data_partner_id function| fbq function| _fbq object| _fbq_gtm_ids function| getLinkerParam function| decorateUrl function| linkDecorator object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| UET function| onYouTubeIframeAPIReady object| google_optimize function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| MunchkinTracker object| ube

16 Cookies

Domain/Path Name / Value
.heritage.org/ Name: _fbp
Value: fb.1.1617831822069.822868515
.heritage.org/ Name: _ga_W14BT6YQ87
Value: GS1.1.1617831821.1.0.1617831821.60
.heritage.org/ Name: _uetsid
Value: 520d5d3097ea11ebbe3ca7fb24297607
.heritage.org/ Name: _ga
Value: GA1.1.1282552990.1617831822
.heritage.org/ Name: _gcl_au
Value: 1.1.2126622173.1617831822
.heritage.org/ Name: _gat_UA-1393129-30
Value: 1
secured.heritage.org/ Name: _sp_id.060e
Value: b99a7dae-8e9d-4955-8089-e04fa36a94b8.1617831822.1.1617831822.1617831822.a6a796a6-633a-4371-b00d-02f5da5bda01
secured.heritage.org/ Name: LB-Persist
Value: !NL6S2BlZUALluMUtvZm2YC3qkLNa8pFH6s9cteJLUC9vrA5mh5pQWICh8dHWb6JGk3QNuG01lrc8Ow==
.heritage.org/ Name: ubvt
Value: 252.146.87.2131618622309109573
.heritage.org/ Name: _uetvid
Value: 520d87d097ea11eb9a90715f850482d5
.heritage.org/ Name: _gid
Value: GA1.2.210996692.1617831822
secured.heritage.org/ Name: ubvs
Value: 252.146.87.2131618622309109573
secured.heritage.org/constitution/ Name: ubrs
Value: weighted
.heritage.org/ Name: __cfduid
Value: d3710982f1880afa9c1a664814982ebb21617831821
secured.heritage.org/ Name: _sp_ses.060e
Value: *
secured.heritage.org/constitution/ Name: ubpv
Value: c%2C06ef4334-f49a-46c1-a9e5-66cd583883cd

1 Console Messages

Source Level URL
Text
console-api debug URL: https://munchkin.marketo.net/159/munchkin.js(Line 22)
Message:
Munchkin.init("%s") options: 824-MHT-304 [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
ajax.googleapis.com
analytics.google.com
assets.ubembed.com
bat.bing.com
builder-assets.unbounce.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
googleads.g.doubleclick.net
links.conservativeintel.com
munchkin.marketo.net
px.ads.linkedin.com
secured.heritage.org
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.111.234.67
142.250.185.194
151.101.113.131
2600:9000:2016:fe00:1d:11cf:5800:93a1
2606:4700:10::6814:28f0
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0b::9c
2a02:26f0:6c00:295::25ea
2a03:2880:f036:1d:face:b00c:0:3
2a03:2880:f136:83:face:b00c:0:25de
3.212.31.157
34.193.170.119
52.222.179.105
52.222.190.77
54.230.183.104
02c4aa248d9de2a8ff07da5bd79dbec3344e2f2fb2652bf7273847d509940436
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc
1db3c36cd2cdd7dc2285f0924a40a8dc83103abcd504903b4583ff94c2a69932
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
23cf7d27cab64171f59065c082033a5ce7cad06475924340066779d1623d6de7
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5cc358dc3fdf827a9c7e07345ec4ac343eb8ae8b4ac6de8f899badf422e2da49
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
761300c8121f5ffade942469aee5872f5796ba860d3f48b23784b86f527e2f24
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7f837a85613b22790e8364b0d43a43a683b6732a7279c4a7fb58bc7f6975c4c6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9e55a25ba5e992e4593a8608bfdda04771b4b0fc014f3fdfe67e490a202f2804
a91f331e1b5196cdf777af51a6aec591932f282918ecaf815d3ae3ffd369a58e
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba
af4269c55443028d345a0aa55b354230bbadd75f1c81f78c6e34d8d117d2885f
b4019edd296bebe063dd6bcd45e571715226e9b5c864eef9b94ef113b6ab3808
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01789d872505e99cb8f16838be590429f035fd8ff2ad5cfb2cc6da631a4ad87
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
ff7579dbbafe0b642d51d14a94ed96dbbbe3ccca46207b3c541cab2a029010f6