Submitted URL: https://email.highnoon.co/t/r-l-jkduiyiy-udllliuiut-h/
Effective URL: https://ahla.quorum.us/campaign/27864/
Submission: On July 29 via manual from US

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 30 HTTP transactions. The main IP is 34.238.58.227, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ahla.quorum.us.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 20th 2019. Valid for: 2 years.
This is the only time ahla.quorum.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
6 | maps.googleapis.com | ahla.quorum.us, maps.googleapis.com
6 | ahla.quorum.us | static.quorum.us, ahla.quorum.us
3 | static.quorum.us | ahla.quorum.us
2 | bam.nr-data.net | js-agent.newrelic.com, ahla.quorum.us
2 | maps.gstatic.com | ahla.quorum.us
2 | connect.facebook.net | ahla.quorum.us, connect.facebook.net
2 | quorum-media.s3.amazonaws.com | ahla.quorum.us, static.quorum.us
2 | platform.twitter.com | ahla.quorum.us, platform.twitter.com
1 | js-agent.newrelic.com | ahla.quorum.us
1 | fonts.gstatic.com | static.quorum.us
1 | fonts.googleapis.com | ahla.quorum.us
1 | cdn.ravenjs.com | ahla.quorum.us
1 | maxcdn.bootstrapcdn.com | ahla.quorum.us
1 | email.highnoon.co | 1 redirects
30 14

This site contains links to these domains.

Domain
www.quorum.us
Subject | Issuer | Validity | Valid
www.quorum.us | Sectigo RSA Domain Validation Secure Server CA | 2019-06-20 - 2021-06-19 | 2 years
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year
*.quorum.us | COMODO RSA Domain Validation Secure Server CA | 2018-01-25 - 2021-02-13 | 3 years
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2021-03-12 | a year
osff.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-05-20 - 2020-12-18 | 7 months
upload.video.google.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-07-21 - 2020-10-12 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-07-22 - 2021-05-07 | 10 months
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 2 frames:

Primary Page: https://ahla.quorum.us/campaign/27864/
Frame ID: 6E1A48427EDE3ABB3685CB8ADFFE640E
Requests: 31 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4b33f07650267db9f8a72eaac551cac.html?origin=https%3A%2F%2Fahla.quorum.us
Frame ID: D5E7582C889BFE61FFBE18C240F717F1
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

30 Requests
100 % HTTPS
64 % IPv6
11 Domains
14 Subdomains
14 IPs
5 Countries
1296 kB Transfer
4487 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.highnoon.co/t/r-l-jkduiyiy-udllliuiut-h/ HTTP 302
    https://ahla.quorum.us/campaign/27864/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ahla.quorum.us/campaign/27864/
Redirect Chain
  • https://email.highnoon.co/t/r-l-jkduiyiy-udllliuiut-h/
  • https://ahla.quorum.us/campaign/27864/
759 KB
129 KB
Document
General
Full URL
https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.58.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-58-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
46ff63d7e4e322aed3aeae6d4b7cac00872e9a0f7e63e77acd2c258faab5e953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ahla.quorum.us
:scheme
https
:path
/campaign/27864/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Wed, 29 Jul 2020 19:08:21 GMT
content-type
text/html; charset=utf-8
server
nginx
x-xss-protection
1; mode=block
x-content-type-options
nosniff
expires
-1
vary
Cookie
strict-transport-security
max-age=31536000; includeSubDomains
pragma
no-cache
cache-control
no-store, no-cache
set-cookie
current_version="2.11.2.31/25507676"; expires=time.struct_time(tm_year=2021, tm_mon=7, tm_mday=29, tm_hour=19, tm_min=8, tm_sec=21, tm_wday=3, tm_yday=210, tm_isdst=0); Max-Age=31536000; Path=/; secure qsesid=akq0pvfacne130znliduqg110yt6xyn6; expires=Mon, 25-Jan-2021 19:08:21 GMT; httponly; Max-Age=15552000; Path=/; secure
content-encoding
gzip

Redirect headers

status
302
server
csw
content-type
text/html
date
Wed, 29 Jul 2020 19:08:21 GMT
location
https://ahla.quorum.us/campaign/27864/
x-xss-protection
1;mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-length
167
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B5) /
Resource Hash
99ab6fd805e3873aa0a5adedd4b27e9c74becff9cd70b5ae1e96d420379736b0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 29 Jul 2020 19:08:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jun 2020 18:28:19 GMT
Server
ECS (fcn/40B5)
Age
949
Etag
"39da0b876a64ee1b6bc99d214750b9f3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28903
new_grassroots.css
static.quorum.us/versions/desktop/2.11.2.31/25507676/
54 KB
12 KB
Stylesheet
General
Full URL
https://static.quorum.us/versions/desktop/2.11.2.31/25507676/new_grassroots.css
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6a00:12:cac3:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17bffb267b7c1b87c3e24c27f81d3d68d1c8576854d295796943f0121fefad24

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 17:35:47 GMT
content-encoding
gzip
x-amz-meta-x-amz-acl
public-read
age
5556
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
11530
last-modified
Wed, 29 Jul 2020 16:27:55 GMT
server
AmazonS3
etag
"03a75aa44211a354ea547c046bf9aa6c"
content-type
text/css
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control
max-age=94608000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
LTL6KTs3XW3eBLYWjDEmDShJxB_ZfMm2VCXJP-UKwYG5YS67NpVw8Q==
expires
Thu, 31 Dec 2099 20:00:00 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ahla.quorum.us/campaign/27864/
Origin
https://ahla.quorum.us

Response headers

date
Wed, 29 Jul 2020 19:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
aHbjfS4hUcn2xveA85bg.css
quorum-media.s3.amazonaws.com/media/css/grassroots/custom/
30 KB
6 KB
Stylesheet
General
Full URL
https://quorum-media.s3.amazonaws.com/media/css/grassroots/custom/aHbjfS4hUcn2xveA85bg.css
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.112.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1cbfcef32ac8eddd803853dfe1a247e27c2844e6d179d72dd447e78995910bed

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 29 Jul 2020 19:08:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 16:10:08 GMT
x-amz-meta-x-amz-acl
public-read
x-amz-request-id
E770DE279C986F42
ETag
"e56a38c077d4999477de977afb103366"
Content-Type
text/css
Cache-Control
max-age=94608000
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
5728
x-amz-id-2
P+LmLMI2/4xEDsk6sxZJNxLr6ewzxERNRLvqDbQBPCpYtCSGzcgwSPFE/SEemTWQWY3vn1gPuNM=
Server
AmazonS3
Expires
Thu, 31 Dec 2099 20:00:00 GMT
raven.min.js
cdn.ravenjs.com/3.24.1/
34 KB
13 KB
Script
General
Full URL
https://cdn.ravenjs.com/3.24.1/raven.min.js
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ahla.quorum.us/campaign/27864/
Origin
https://ahla.quorum.us

Response headers

date
Wed, 29 Jul 2020 19:08:22 GMT
content-encoding
gzip
last-modified
Mon, 09 Apr 2018 13:02:12 GMT
server
Fastly
age
52693
etag
"d9eb38ac6487cc0d2451945049b0d87d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13151
new_grassroots.js
static.quorum.us/versions/desktop/2.11.2.31/25507676/
2 MB
600 KB
Script
General
Full URL
https://static.quorum.us/versions/desktop/2.11.2.31/25507676/new_grassroots.js
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6a00:12:cac3:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cbdf9a5f8ac2a143fc5529b31164cbf449f99d969843df9aae120ddf659318f

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 17:35:47 GMT
content-encoding
gzip
x-amz-meta-x-amz-acl
public-read
age
5556
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
613467
last-modified
Wed, 29 Jul 2020 16:27:52 GMT
server
AmazonS3
etag
"fa017260b67983b5868435cd7fc4d4ad"
content-type
application/javascript
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control
max-age=94608000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
BujAwN4Iiw2QFAOlacXSaB8pApx89w7CQjVQdRxV0gxZxor9280Q6w==
expires
Thu, 31 Dec 2099 20:00:00 GMT
css
fonts.googleapis.com/
2 KB
615 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,400i
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f2d5096ed272aa849d0753d5f4ebb1873f63d80670ff032cbd02cf5c171fdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jul 2020 19:08:22 GMT
server
ESF
date
Wed, 29 Jul 2020 19:08:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jul 2020 19:08:22 GMT
js
maps.googleapis.com/maps/api/
125 KB
41 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
7176be8be722411127c507733c0ec0a1db629f1fe8ae1b5f887f2fbdea2bcd6d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 29 Jul 2020 19:08:23 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=21
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41976
x-xss-protection
0
expires
Wed, 29 Jul 2020 19:38:23 GMT
2016-07-07_18:32:56.082059_2559__Hotel-Lobby.jpg
ahla.quorum.us/media/
64 KB
64 KB
Image
General
Full URL
https://ahla.quorum.us/media/2016-07-07_18:32:56.082059_2559__Hotel-Lobby.jpg
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.2.31/25507676/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.58.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-58-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jul 2020 19:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Cookie
content-type
text/html; charset=utf-8
status
200
cache-control
no-store, no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
-1
2016-09-07_00:54:12.004218_2559__HotelsACTlogoFinal.png
quorum-media.s3.amazonaws.com/media/
32 KB
33 KB
Image
General
Full URL
https://quorum-media.s3.amazonaws.com/media/2016-09-07_00:54:12.004218_2559__HotelsACTlogoFinal.png
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.2.31/25507676/new_grassroots.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.112.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2de3501030a60b30d663947fe95efaf8eba5dbb9be36f26893387a7a575133fb

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 29 Jul 2020 19:08:24 GMT
Last-Modified
Wed, 07 Sep 2016 04:54:13 GMT
Server
AmazonS3
x-amz-request-id
ES1H3P4YFRBKEV7G
ETag
"0807c84850860f99f59ae981e9c11327"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
32966
x-amz-id-2
/tuNTwMHskqFS7TiLAcUNrIz9qiIG92YLfR2CGchPswfFBh+4zLoW6NmaaBbowt/CARZZfnBILI=
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e6fwniDtzM.woff
fonts.gstatic.com/s/muli/v22/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e6fwniDtzM.woff
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.2.31/25507676/new_grassroots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302f0fbc9d7907bf57c61dfb1a6cce18b65b7ef936e71d9177f278793e4b7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Muli:400,400i
Origin
https://ahla.quorum.us

Response headers

date
Wed, 15 Jul 2020 21:28:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:50:33 GMT
server
sffe
age
1201172
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13532
x-xss-protection
0
expires
Thu, 15 Jul 2021 21:28:51 GMT
/
ahla.quorum.us/api/grassrootscustomevent/
276 B
927 B
XHR
General
Full URL
https://ahla.quorum.us/api/grassrootscustomevent/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.58.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-58-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b25e1e7145a66edbf71a2d71a39de7b8b9f9aafea4891b7d8bbc663a478144b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-NewRelic-ID
XAEBUVZVGwIGVlZQBgMB
Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jul 2020 19:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-newrelic-app-data
PxQPVlBTCAUTVVdQAAMGVFITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4HE0gdVxYAEURDWAkQQhhdBxECEllYfxBZS0dAXApNEnIUQBYLW3IXAw1MYVUXDhdFUlJIAFhFQwMSAApvDlERTBoYAh9VF1EFVAZaVA4BUl9WCgUDUlZQGxwGSkZSBAtbUQEBBwMOBlkJUlYCRxUHUA1ABzk=
server
nginx
vary
Accept, Cookie
content-type
application/json
status
200
cache-control
no-store, no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
-1
/
ahla.quorum.us/api/grassrootsissue/
264 B
911 B
XHR
General
Full URL
https://ahla.quorum.us/api/grassrootsissue/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.58.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-58-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4d4109649e7ab9c2a424074c6d2f0afd1037d3254396e5d24a1d6c085ee2a238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-NewRelic-ID
XAEBUVZVGwIGVlZQBgMB
Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jul 2020 19:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-newrelic-app-data
PxQPVlBTCAUTVVdQAAMGVFITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4HE0gdVxYAEURDWAkQQhhdBxECEllYfxBZS0dAXApNEngSQBcBZFISCRZKUFVKBQtEQVYSB1lpXwsVF0AcUhRSFggHCwtTCVEAUQJWUwYOVVFQFB4BSENaU1MBA1ABBAYHVFMGCFIIQBReVV5AAGQ=
server
nginx
vary
Accept, Cookie
content-type
application/json
status
200
cache-control
no-store, no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
-1
/
ahla.quorum.us/api/grassrootsregistrationpage/
463 B
1022 B
XHR
General
Full URL
https://ahla.quorum.us/api/grassrootsregistrationpage/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0&only_fields=donation_amounts%2Cdonation_form_type%2Cform_fields%2Cid%2Cpost_submission_action_type%2Cpost_text%2Cpre_text%2Credirect_url%2Cthank_you_text&grassroots_form_type=2
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.58.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-58-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2fa5cf741948212bb723a44fec256b2f63dbb65bd4e6b6ce5584bb58d6d5221a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-NewRelic-ID
XAEBUVZVGwIGVlZQBgMB
Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jul 2020 19:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-newrelic-app-data
PxQPVlBTCAUTVVdQAAMGVFITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4HE0gdVxYAEURDWAkQQhhdBxECEllYfxBZS0dAXApNEmMEVAsXQkUAEgpXXWAFBgdlVEQJEUNVVkwCChFAA0wBUGdYW0ARG00BTQNMVAIPVl5RAAEFUFdbDgYHUUgcBx9AUVNWBlULAAkODFYGAQ1RB0MfBAVaRAQ7
server
nginx
vary
Accept, Cookie
content-type
application/json
status
200
cache-control
no-store, no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
-1
/
ahla.quorum.us/api/grassrootscampaign/get_grassroots_campaign_detail/
5 KB
3 KB
XHR
General
Full URL
https://ahla.quorum.us/api/grassrootscampaign/get_grassroots_campaign_detail/?slug=27864&widget_type=1&dehydrate_extra=can_participate&decode_enums=false&count=false&exclude=%7B%7D
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.58.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-58-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c55e6260ff8e823b731867a20aa58c848604d836de8aeb09b91feb8cb00f7cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-NewRelic-ID
XAEBUVZVGwIGVlZQBgMB
Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jul 2020 19:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-newrelic-app-data
PxQPVlBTCAUTVVdQAAMGVFITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4HE0gdVxYAEURDWAkQQhhQAwsTA1kFVkxWXUNTQwwDJkMAQBEWWVgVFSBZXkAFCAVZY1IVC0REUAdIBAdEPV8QWUtHQFwKTRJuAlIPFFdeBgg8XFZEBQgOFR0HSlQfBgZRX1VRAVoMUQ0OAgoKUQxNHFAfQFVVBwUEAF0BAFMEVAdUUlFGHVBSDhUGPw==
server
nginx
vary
Accept, Cookie
content-type
application/json
status
200
cache-control
no-store, no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
-1
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8caea3e58665d8a56ac1140f37ab4ed259c735a12fd63a8c84aa71eef7b46887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
UCqpmis0qcDKKGXfiJrQ5A==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"0815c00322f9662585a0beed5eb58837"
x-fb-debug
IH/GPG6Q0p1PU9PJgy/a2R1bNPwsFXsjX6i1A45ytCJ0iXV2nncr4iZGWh8DhEZniZYjSbD7jKReWrKRJl5qTQ==
x-fb-trip-id
2011651281
x-fb-content-md5
6961e7b94178db59da4acf7ec3dad5d8
x-frame-options
DENY
date
Wed, 29 Jul 2020 19:08:23 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Jul 2020 19:20:36 GMT
widget_iframe.c4b33f07650267db9f8a72eaac551cac.html
platform.twitter.com/widgets/ Frame D5E7
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.c4b33f07650267db9f8a72eaac551cac.html?origin=https%3A%2F%2Fahla.quorum.us
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4192) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ahla.quorum.us/campaign/27864/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
506379
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Jul 2020 19:08:23 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Tue, 30 Jun 2020 18:26:55 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4192)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
sdk.js
connect.facebook.net/en_US/
199 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=de65ee56b6c3c9cddef644af66957f90&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1da5f87b65589dee4b910c7e9a1f00a8d8f72e0409c07be06b0b922845173b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ahla.quorum.us/campaign/27864/
Origin
https://ahla.quorum.us

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
JOtP2rYko6Y5/iCpPjFFxQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61251
etag
"d351cae6e59ae5e938eba703aa5dfb5b"
x-fb-debug
UrtiikwA/BLm/o3ZSOhGc7mPrDRjQkYiMzOXvfSRl6X7eonajOt/d0iqafvzoGzeNKujQe1EW+1ScTute9BZAg==
x-fb-trip-id
664085054
x-fb-content-md5
a85712722de5bf22382f3c4bfee1959b
x-frame-options
DENY
date
Wed, 29 Jul 2020 19:08:23 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 29 Jul 2021 18:15:01 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/41/7/
78 KB
29 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/41/7/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a79c44ef471513afd464db0470033bbd443770d9d47e0c4e20fb5377f74c2ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 23 Jul 2020 19:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Jul 2020 22:14:14 GMT
server
sffe
age
515396
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29296
x-xss-protection
0
expires
Fri, 23 Jul 2021 19:58:27 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/41/7/
144 KB
53 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/41/7/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237ba874ae79252e7a517bbf2f3b3a3e8b72ec2f761ee0422f32ffc77d224042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 03:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Jul 2020 22:14:14 GMT
server
sffe
age
56661
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54462
x-xss-protection
0
expires
Thu, 29 Jul 2021 03:24:02 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/41/7/
208 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/41/7/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db490a3761450f5af43dbae404030508ecfb60f4011ea60492849f03fbe06b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 23 Jul 2020 19:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Jul 2020 22:14:14 GMT
server
sffe
age
515396
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57347
x-xss-protection
0
expires
Fri, 23 Jul 2021 19:58:27 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/41/7/
43 KB
16 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/41/7/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394efb4b3c27d91c57ec24b001aadcd622e3056ec2b57adc41cb5fb0d8535366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 00:23:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Jul 2020 22:14:14 GMT
server
sffe
age
67503
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16593
x-xss-protection
0
expires
Thu, 29 Jul 2021 00:23:20 GMT
truncated
/
84 B
84 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aba4cd44e18dc6345bd6543303e8f133afc146b73278d63ccbea47e236a2c895

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://ahla.quorum.us

Response headers

Content-Type
application/font-woff
truncated
/
83 B
83 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea5cdb8bcb4447d5f482f6b4a0e4a04ebf5e51a4c463bd97ef538758b13ac975

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://ahla.quorum.us

Response headers

Content-Type
application/font-woff
b06871f281fee6b241d60582ae9369b9.ttf
static.quorum.us/versions/desktop/2.11.2.31/25507676/
162 KB
97 KB
Font
General
Full URL
https://static.quorum.us/versions/desktop/2.11.2.31/25507676/b06871f281fee6b241d60582ae9369b9.ttf
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6a00:12:cac3:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://static.quorum.us/versions/desktop/2.11.2.31/25507676/new_grassroots.css
Origin
https://ahla.quorum.us

Response headers

date
Wed, 29 Jul 2020 18:24:41 GMT
content-encoding
gzip
x-amz-meta-x-amz-acl
public-read
age
2623
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
98143
access-control-allow-origin
*
last-modified
Wed, 29 Jul 2020 16:27:55 GMT
server
AmazonS3
etag
"d202bdad3b1d01debc9d7dfe25506fcb"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-sfnt
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control
max-age=94608000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
8aADBNWyrUroofAeGHZk5kWDTQQ4yF28p8hebQLpdwrp-qMHk_uvxg==
expires
Thu, 31 Dec 2099 20:00:00 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/
2 KB
2 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 19:08:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1616
x-xss-protection
0
expires
Wed, 29 Jul 2020 19:08:23 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/
3 KB
3 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 19:08:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3351
x-xss-protection
0
expires
Wed, 29 Jul 2020 19:08:23 GMT
nr-1173.min.js
js-agent.newrelic.com/
27 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1173.min.js
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9666c4b4ff8494ef844a31d46f0e436e10c5914a28dcf78e43f880c7dfcd7c36

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 19:08:23 GMT
content-encoding
gzip
x-amz-request-id
E6D3F1910A679F27
x-cache
HIT
status
200
content-length
10274
x-amz-id-2
ys/z3NZ+V3rUlCEj1KSODwmmm1TWm+mr1GPYvBVboUsIB8l91YxfF8XpivFumGGv2VxShyoTPO0=
x-served-by
cache-hhn4047-HHN
last-modified
Fri, 10 Jul 2020 18:42:03 GMT
server
AmazonS3
x-timer
S1596049704.897199,VS0,VE0
etag
"b92d3dbf75d13116d7a4d0e6e3e30a00"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13255
d1446abd66
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/d1446abd66?a=16272126&v=1173.01dd3ba&to=ZVYGZERRX0IFBxJeX1wcIkVYU0VYCwpJVkBCHQNCV0NCQwsLEkQeXFYTRl9VRkJeKgNAd0BSF0NEX15FFzIPUkccVAFE&rst=3168&ck=1&ref=https://ahla.quorum.us/campaign/27864/&ap=117&be=1344&fe=3013&dc=2679&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1596049700758,%22n%22:0,%22f%22:637,%22dn%22:638,%22dne%22:684,%22c%22:684,%22s%22:713,%22ce%22:965,%22rq%22:965,%22rp%22:1336,%22rpe%22:1565,%22dl%22:1339,%22di%22:2679,%22ds%22:2679,%22de%22:2682,%22dc%22:3012,%22l%22:3012,%22le%22:3017%7D,%22navigation%22:%7B%7D%7D&fp=2698&fcp=2698&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1173.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
147 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fahla.quorum.us%2Fcampaign%2F27864%2F&4sAIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&callback=_xdc_._13f8cm&key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&token=29905
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/41/7/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
f87950f61369af5b89e4d5c3ff2d5f70e5457fab93ea90b992017fc0aa7ff2da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jul 2020 19:08:28 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=20
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d1446abd66
bam.nr-data.net/events/1/
24 B
181 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/d1446abd66?a=16272126&v=1173.01dd3ba&to=ZVYGZERRX0IFBxJeX1wcIkVYU0VYCwpJVkBCHQNCV0NCQwsLEkQeXFYTRl9VRkJeKgNAd0BSF0NEX15FFzIPUkccVAFE&rst=13167&ck=1&ref=https://ahla.quorum.us/campaign/27864/
Requested by
Host: ahla.quorum.us
URL: https://ahla.quorum.us/campaign/27864/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://ahla.quorum.us/campaign/27864/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://ahla.quorum.us
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif


57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require object| __twttrll object| twttr object| __twttr object| DJANGIO_ENTRY_POINT function| detectIEEdge boolean| ieVersion object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| Raven object| optionalFields string| property object| action_center_settings number| supporter_points object| organization object| pages string| index_route object| organization_design object| userdata object| Userdata object| permissions string| language string| sso_url object| registrationPages object| customFields object| campaignList boolean| cookielessSafariWindow boolean| registrationForm function| inIframe object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| axios object| DjangIO function| swal function| sweetAlert function| generateStaticUrl function| BACKENDERROR function| segue object| store function| SearchifyWrapper object| options function| setRavenContext function| fbAsyncInit object| FB object| __e3_ object| _xdc_

2 Cookies

Domain/Path Name / Value
ahla.quorum.us/ Name: qsesid
Value: 8zuizw2z2pgce250y0al82kryx305qlz
ahla.quorum.us/ Name: current_version
Value: "2.11.2.31/25507676"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
