urlscan.io logo urlscan.io
SecurityTrails logo

secured.heritage.org Open in urlscan Pro
2606:4700:10::6814:28f0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=cdfbd287bf3545d993975d0277a979f6&_e=9cpIk6UFaicUB...
Effective URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content...
Submission: On April 06 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 43 HTTP transactions. The main IP is 2606:4700:10::6814:28f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is secured.heritage.org.
TLS certificate: Issued by Thawte EV RSA CA 2018 on July 13th 2020. Valid for: a year.
This is the only time secured.heritage.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.193.170.119 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 13.226.159.87 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:218... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.193.131 54113 (FASTLY)
2 88.221.60.75 16625 (AKAMAI-AS)
1 35.173.63.32 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 13.226.156.219 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.90.3 16509 (AMAZON-02)
43 24
1    34.193.170.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-170-119.compute-1.amazonaws.com
links.conservativeintel.com
1    2606:4700:10::6814:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)
secured.heritage.org
3    13.226.159.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-87.dus51.r.cloudfront.net
builder-assets.unbounce.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2182:7c00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.193.131 (United States)

ASN54113 (FASTLY, US)
23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
2    88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com
munchkin.marketo.net
1    35.173.63.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
events.ub-analytics.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2620:119:50e3:101::6cae:b45 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    13.226.156.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-219.dus51.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    65.9.90.3 (United States)

ASN16509 (AMAZON-02, US)
assets.ubembed.com
Domain Requested by
4 d9hhrg4mnvzow.cloudfront.net secured.heritage.org
3 www.google.de secured.heritage.org
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 builder-assets.unbounce.com secured.heritage.org
2 www.facebook.com secured.heritage.org
2 www.google.com secured.heritage.org
2 analytics.google.com www.googletagmanager.com
2 px.ads.linkedin.com 1 redirects secured.heritage.org
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 munchkin.marketo.net www.googletagmanager.com
munchkin.marketo.net
2 bat.bing.com www.googletagmanager.com
secured.heritage.org
2 www.googletagmanager.com secured.heritage.org
www.googletagmanager.com
2 d34qb8suadcc4g.cloudfront.net secured.heritage.org
d34qb8suadcc4g.cloudfront.net
2 ajax.googleapis.com secured.heritage.org
1 assets.ubembed.com 23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.linkedin.com 1 redirects
1 events.ub-analytics.com secured.heritage.org
1 23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 secured.heritage.org
1 links.conservativeintel.com 1 redirects
43 24

This site contains no links.

Subject Issuer Validity Valid
secured.heritage.org
Thawte EV RSA CA 2018		 2020-07-13 -
2021-09-11		 a year crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2021-03-29 -
2022-04-06		 a year crt.sh
*.ub-analytics.com
Amazon		 2020-06-08 -
2021-07-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
assets.ubembed.com
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Frame ID: 45525013514C0CAD0AF906598004BF45
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=cdfbd287bf3545d993975d0277a97... HTTP 303
    https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=pro... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

43
Requests

98 %
HTTPS

68 %
IPv6

19
Domains

24
Subdomains

24
IPs

3
Countries

511 kB
Transfer

1565 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=cdfbd287bf3545d993975d0277a979f6&_e=9cpIk6UFaicUBHMgcLu98N6wbpY4V2IV-OeBS_eObPPDdCs3SXHLqSGdk_qifbKZ-s_-9TUpCkRLmy6Txvve0aRXLkf0d7bDpccOaO61QanWptPEshBk1N8mypXp6D8WYbA0zSV4JBJADKmdH_r1ssxlST2-GdKIYcuqoT1kEuFEZcaFZGYQryHHmUHh_s7BuI7nBgzT59ZHOenkl5SykYXmwSAx-wBLNQ9LtD43rNnhP0ND-7t3gG_rAZo3kHPH9ShUzrOiV4vVAziXw1NEhASafzby60-lHadPeAVlvAHXWtSRQtGYkP1lxKTcPOrXn-pgqR4NeUiRjzIMBpIaglCp-O0tCcWxW6UypzOp9jxhTKPtMBYZndxX2ee-zLpFwVy0NhxyHIq7ymI45MuwKTyzgPJKpKmnGZNAZxEfF_EcJSBrqi1V1mc4iyVCrAyiRSXpAATkX5vjJFeEjFdBQt8ZWAHOCtJHmCyi4dngAGo%3D HTTP 303
    https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617735939800&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1757818%26time%3D1617735939800%26url%3Dhttps%253A%252F%252Fsecured.heritage.org%252Fconstitution%252F%253Futm_campaign%253Dconstitutionguide%2526utm_medium%253Demail%2526utm_source%253Dprospecting%2526utm_content%253DCC-constitution-2002%2526utm_cc%253Dccc_2174047_recAIpm1YrufGUvgl%2526leadcreated%253Dfalse%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617735939800&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&liSync=true

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secured.heritage.org/constitution/
Redirect Chain
  • http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=cdfbd287bf3545d993975d0277a979f6&_e=9cpIk6UFaicUBHMgcLu98N6wbpY4V2IV-OeBS_eObPPDdCs3SXHLqSGdk_qifbKZ-s_-9TUpCkRLmy6...
  • https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=f...
36 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20226f745aef929db900531dcce70888c463a79e0c9f52db93b8c6c32268941d

Request headers

:method
GET
:authority
secured.heritage.org
:scheme
https
:path
/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddcd901013ffe3ae9cda400fbe7e576141617735937; expires=Thu, 06-May-21 19:05:37 GMT; path=/; domain=.heritage.org; HttpOnly; SameSite=Lax ubpv=c%2C06ef4334-f49a-46c1-a9e5-66cd583883cd; Max-Age=15897600; Expires=Thu, 07 Oct 2021 19:05:38 GMT; Path=/constitution/; SameSite=Lax ubrs=weighted; Path=/constitution/; SameSite=Lax ubvs=251.42.5.1411618430546526033; Max-Age=15552000; Expires=Sun, 03 Oct 2021 19:05:38 GMT; Path=/; SameSite=Lax ubvt=251.42.5.1411618430546526033; Max-Age=259200; Expires=Fri, 09 Apr 2021 19:05:38 GMT; Path=/; Domain=heritage.org; SameSite=Lax LB-Persist=!P+6TocmYkkr37pktvZm2YC3qkLNa8tQvbuQB6IyC3K0Qj2PEVMIpcq9A5wn5w8FhgmwGj4/mdAfETg==; path=/; Httponly; Secure
vary
Accept-Encoding
cache-control
max-age=0; private
x-unbounce-plugin
1
x-unbounce-pageid
06ef4334-f49a-46c1-a9e5-66cd583883cd
content-location
https://secured.heritage.org/constitution/
x-unbounce-visitorid
251.42.5.1411618430546526033
x-unbounce-variant
c
link
<https://secured.heritage.org/constitution/>; rel="canonical"
server-id
WW2.PROD
content-encoding
gzip
cf-cache-status
BYPASS
cf-request-id
094a2c86f600004e7f190f4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63bd49eb2b4c4e7f-FRA

Redirect headers

Date
Tue, 06 Apr 2021 19:05:36 GMT
Content-Length
0
Connection
keep-alive
Vary
Origin
Location
https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Set-Cookie
iterableEndUserId=r313%40clayton.net; Max-Age=31536000; Expires=Wed, 06 Apr 2022 19:05:36 GMT; Path=/; Domain=.conservativeintel.com iterableEmailCampaignId=2174047; Max-Age=86400; Expires=Wed, 07 Apr 2021 19:05:36 GMT; Path=/; Domain=.conservativeintel.com iterableTemplateId=2981335; Max-Age=86400; Expires=Wed, 07 Apr 2021 19:05:36 GMT; Path=/; Domain=.conservativeintel.com iterableMessageId=cdfbd287bf3545d993975d0277a979f6; Max-Age=86400; Expires=Wed, 07 Apr 2021 19:05:36 GMT; Path=/; Domain=.conservativeintel.com XSRF-TOKEN=161e87782a0a27aaf4ff92b872791d3516cde7a3-1617735936940-64d969f8db359a3e09e58a4a; SameSite=Lax; Path=/
Request-Time
13
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy
X-Permitted-Cross-Domain-Policies
master-only
Server
iterable-links 08b0
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-87.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
5248402
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
dt1dXOUcXpUQZSEq-am57gIt3F0kOn9F8bz88pqLSOjxJFCvcjCJng==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 09:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35786
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 09:09:12 GMT
jquery-shims.bundle-0983003.z.js
builder-assets.unbounce.com/published-js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-87.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:53:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
5753536
etag
"3b66d56998a2783e24247b98afc91699"
x-cache
Hit from cloudfront
x-amz-version-id
ry9zpTwX4fPowGAj2.vjMkgU6xjmzh2o
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1993
x-amz-cf-id
U7sb9qge0C__mgUnUyfuA5MkyF5KWtrKZppZzEEZFDN9WKX9VWL2og==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293162
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:7c00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 01:39:35 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 18:45:36 GMT
server
AmazonS3
age
4555565
etag
"91086183e2039359e4bf5622dfb57722"
x-cache
Hit from cloudfront
x-amz-version-id
D6xyQ1UlRnHjPycouA5Yb4DYOQiJWBkd
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1992
x-amz-cf-id
Jsm5GJD9l6abSPOugW3i9IWeesBAvL3Ypz7aCM0T2J-qDa3l5Z4btA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 15:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11698
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:50:40 GMT
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-87.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 03:07:39 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
1785481
etag
"bb50eefe0cf9244bc17fe34bb55821bb"
x-cache
Hit from cloudfront
x-amz-version-id
ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
iAwSrlOqBychy03ErscL0iYPB0rmC4-D7GgbKCVob_cBgig39AKVZQ==
gtm.js
www.googletagmanager.com/ 		207 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d95623d5a8cbc051acd8e5ec08c165e3a46f20d3d9eb2e0cd9d6c12d63363f22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65585
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Apr 2021 19:05:39 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:7c00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
2835905
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
-Abx8WSpml5VM88z0vjBhBaQD31G446Y2hgfMIJOsTQwFBEGeWASxg==
js
www.googletagmanager.com/gtag/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d26eeaf074a264eef56cbe11c720823af0f8dc29fde11728cc95ccfa2708dc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61092
x-xss-protection
0
expires
Tue, 06 Apr 2021 19:05:39 GMT
analytics.js
www.google-analytics.com/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
date
Tue, 06 Apr 2021 19:05:39 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17432
expires
Tue, 06 Apr 2021 21:05:39 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13758
x-xss-protection
0
server
cafe
etag
4262303240453495685
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Apr 2021 19:05:39 GMT
bat.js
bat.bing.com/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:39 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref
Ref A: 0D3BAC460989483E99553EAB3A03F460 Ref B: FRAEDGE1521 Ref C: 2021-04-06T19:05:39Z
etag
"0c77652ec27d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8885
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 19:05:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=50128
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23784
x-fb-rlafr
0
pragma
public
x-fb-debug
CGUBGeIbdwCh5coJqkz9cGcymP6kzhwyTuGsY00CGjTNFA9a73PdB5ZGgFrqAHbZVPwtJVaag5e2uAZaEbhJsA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 06 Apr 2021 19:05:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com/ 		485 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f837a85613b22790e8364b0d43a43a683b6732a7279c4a7fb58bc7f6975c4c6

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:40 GMT
content-encoding
br
x-backend-region
eu_west_1
age
0
etag
b1f350e122ef70c2d0db4e98b7da5b7b-v0.179.0
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, MISS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
CDG50-C2
accept-ranges
none
x-amz-apigw-id
dYCYpH39DoEFY2g=
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 19:05:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1617735939769&e=pv&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&page=Heritage%20Guide%20to%20the%20Constitution&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=31310a0f-1063-4123-8d71-2e9fa61e1686&dtm=1617735939768&vp=1600x1200&ds=1600x1200&vid=1&sid=0fdfb8d0-8a38-4bba-83a1-1a4b02dd2657&duid=a90911ac-26a9-4872-a2c3-175a9c577846&uid=251.42.5.1411618430546526033&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMDZlZjQzMzQtZjQ5YS00NmMxLWE5ZTUtNjZjZDU4Mzg4M2NkIiwidmFyaWFudElkIjoiYyIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.63.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Apr 2021 19:05:40 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=106747449&t=pageview&_s=1&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&ul=en-us&de=UTF-8&dt=Heritage%20Guide%20to%20the%20Constitution&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=1950051738&gjid=1477008724&cid=890552114.1617735940&tid=UA-1393129-30&_gid=792669217.1617735940&_r=1&gtm=2wg3o0M7B3LZV&z=132141590
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TDTF3LZ&t=gtm7&cid=890552114.1617735940
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dda892ad4ffeb533d49639f623b03414a6713dd0be2a978ba550930e0fa7741d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42018
x-xss-protection
0
expires
Tue, 06 Apr 2021 19:05:39 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
5f63nws4eIxkUJxriNSpe/5NXfHwOA6/uqfFEuh+kFTwGjN40h8OctSlDjHq4LE3OdwLdEajzgrPLrze2hN81A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 06 Apr 2021 19:05:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
493332274159836
connect.facebook.net/signals/config/ 		242 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/493332274159836?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b4019edd296bebe063dd6bcd45e571715226e9b5c864eef9b94ef113b6ab3808
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
uWDzs0ic8Tu5o0Gom7B8JUtsnp0FEnhkqUydBxDep2CznxjgoUTvzLr3E43vP0Lz6oPaIKIPDjCZSwgNYnYdkQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 06 Apr 2021 19:05:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-1393129-30&cid=890552114.1617735940&jid=1950051738&gjid=1477008724&_gid=792669217.1617735940&_u=YEBAAEACQAAAAC~&z=1699773330
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 06 Apr 2021 19:05:39 GMT
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617735939800&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1757818%26time%3D1617735939800%26url%3Dhttps%253A%252F%252Fsecured.heritage.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617735939800&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_...
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617735939800&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&liSync=true
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e3:101::6cae:b45 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:40 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-type
application/javascript
content-length
0
x-li-uuid
+jcfRkRacxbwW8+KPSsAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
jGQQPURacxYQqV/g2yoAAA==
pragma
no-cache
x-li-pop
afd-prod-ltx1
x-msedge-ref
Ref A: 03CA9315386C42E2AB96DF6AB3B5DBBF Ref B: FRAEDGE1410 Ref C: 2021-04-06T19:05:40Z
x-frame-options
sameorigin
date
Tue, 06 Apr 2021 19:05:39 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&time=1617735939800&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5060389&tm=gtm001&Ver=2&mid=80eabc17-3c34-41e4-81ca-348e74e22aef&sid=13d43210970b11ebb67b3f737ac1ecf2&vid=13d46d70970b11ebabf4ffbc1afded39&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Heritage%20Guide%20to%20the%20Constitution&p=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&r=&lt=2994&evt=pageLoad&msclkid=N&sv=1&rn=699340
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Apr 2021 19:05:39 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: BDD17263DFAF4DA6BEEA514F165346C5 Ref B: FRAEDGE1521 Ref C: 2021-04-06T19:05:39Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
138 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-W14BT6YQ87&gtm=2oe3o0&_p=106747449&sr=1600x1200&_gaz=1&ul=en-us&cid=890552114.1617735940&_s=1&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&dr=&dt=Heritage%20Guide%20to%20the%20Constitution&sid=1617735939&sct=1&seg=0&en=page_view&_fv=1&_ss=1&epn.page_content_reading_time=60.67&epn.page_content_grade_level=13&ep.page_load_time=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
341 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W14BT6YQ87&cid=890552114.1617735940&gtm=2oe3o0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W14BT6YQ87&cid=890552114.1617735940&gtm=2oe3o0&aip=1&z=1075447594
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1393129-30&cid=890552114.1617735940&jid=1950051738&_u=YEBAAEACQAAAAC~&z=38005118
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1393129-30&cid=890552114.1617735940&jid=1950051738&_u=YEBAAEACQAAAAC~&z=38005118
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7b63f22d-0eff-461f-8e12-e2576ef98c49
https://secured.heritage.org/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://secured.heritage.org/7b63f22d-0eff-461f-8e12-e2576ef98c49
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
6e4b47e7-white_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/6e4b47e7-white_1000000000000000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-219.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff7579dbbafe0b642d51d14a94ed96dbbbe3ccca46207b3c541cab2a029010f6

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 21:09:47 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
251754
etag
"75fe7164c0847d88dfd41291d38b8a3a"
x-cache
Hit from cloudfront
x-amz-version-id
crEB_fu4COtyXh.0mf_3aRpgpVIQ5aXL
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
2103
x-amz-cf-id
39TiaMLo9l94HnyRIEN62YHoYwFYKvT-xzVmv2kMnTeYsOg2rVnJzg==
951b6926-thfguide_103005r03005q000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/951b6926-thfguide_103005r03005q000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-219.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
761300c8121f5ffade942469aee5872f5796ba860d3f48b23784b86f527e2f24

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 21:09:47 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
251754
etag
"ab2af0c63573524eee5828e934a8cbe1"
x-cache
Hit from cloudfront
x-amz-version-id
jo9LXfVZHdnQVSjdZ9kzugicVWnvpM71
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
4490
x-amz-cf-id
pwtTyIHhwfZxtGdVFu-wuBzofWCnjf9negcTOd1yGserlHhg1nmFZg==
b27d6dfe-guide-desktop_107c05b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/b27d6dfe-guide-desktop_107c05b000000000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-219.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cc358dc3fdf827a9c7e07345ec4ac343eb8ae8b4ac6de8f899badf422e2da49

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 15:42:20 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
444201
etag
"f6a1aeb476cb74dce682115620a330b1"
x-cache
Hit from cloudfront
x-amz-version-id
V.xk4qCZJQPWMd0CoKwH0BNWtaA7OI7N
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
6902
x-amz-cf-id
hWGqkZ_Pn0SgoVn3fY6jtGN3ZrWDpRD3ek9y7q0nSajqqPOR0OVvCQ==
ac737ec2-five-stars_103z00y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/secured.heritage.org/constitution/ac737ec2-five-stars_103z00y000000000000028.png
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-219.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f01789d872505e99cb8f16838be590429f035fd8ff2ad5cfb2cc6da631a4ad87

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 15:42:20 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 15:34:19 GMT
server
AmazonS3
age
444201
etag
"523a9cb4c76ecf6cb60d29854d0fc16d"
x-cache
Hit from cloudfront
x-amz-version-id
wlGhUE177ppUBZp5UBsQQ6dkrpyXXw48
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
1029
x-amz-cf-id
5XvfIF1f-sNLDs4Ph1Zrl32kOKPYbxL2_vq-DCZPCzjJm4HJVzqFDQ==
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493332274159836&ev=PageView&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&rl=&if=false&ts=1617735939878&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1617735939877.610203497&it=1617735939795&coo=false&tm=1&rqm=GET
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 06 Apr 2021 19:05:39 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975702554/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975702554/?random=1617735940043&cv=9&fst=1617735940043&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&tiba=Heritage%20Guide%20to%20the%20Constitution&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2618cfe8c77aafa616eb1bf67d0207689724dee45c4cad6bda086a3aad5818b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1173
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/975702554/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/975702554/?random=1617735940043&cv=9&fst=1617735600000&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&tiba=Heritage%20Guide%20to%20the%20Constitution&async=1&fmt=3&is_vtc=1&random=2256021132&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/975702554/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/975702554/?random=1617735940043&cv=9&fst=1617735600000&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&tiba=Heritage%20Guide%20to%20the%20Constitution&async=1&fmt=3&is_vtc=1&random=2256021132&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.0/ 		162 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.0/bundle.js
Requested by
Host: 23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
URL: https://23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 03:34:38 GMT
content-encoding
gzip
last-modified
Wed, 16 Dec 2020 18:50:36 GMT
server
AmazonS3
age
5326263
etag
W/"5989757bd8ad29a05f48a0b643993aae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
9cQTRlbWbKj15GEJ2i2rAaAIZxQ_ZZOfpBYeYxN3Ht2eYitLQ-Pzmg==
munchkin.js
munchkin.marketo.net/159/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 19:05:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Thu, 15 Jul 2021 19:05:40 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493332274159836&ev=Microdata&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&rl=&if=false&ts=1617735940381&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Heritage%20Guide%20to%20the%20Constitution%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Heritage%20Guide%20to%20the%20Constitution%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1617735939877.610203497&it=1617735939795&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secured.heritage.org
URL: https://secured.heritage.org/constitution/?utm_campaign=constitutionguide&utm_medium=email&utm_source=prospecting&utm_content=CC-constitution-2002&utm_cc=ccc_2174047_recAIpm1YrufGUvgl&leadcreated=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:05:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 06 Apr 2021 19:05:40 GMT
collect
analytics.google.com/g/ 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-W14BT6YQ87&gtm=2oe3o0&_p=106747449&sr=1600x1200&ul=en-us&cid=890552114.1617735940&dl=https%3A%2F%2Fsecured.heritage.org%2Fconstitution%2F%3Futm_campaign%3Dconstitutionguide%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DCC-constitution-2002%26utm_cc%3Dccc_2174047_recAIpm1YrufGUvgl%26leadcreated%3Dfalse&dr=&dt=Heritage%20Guide%20to%20the%20Constitution&sid=1617735939&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W14BT6YQ87&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secured.heritage.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:05:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secured.heritage.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| lp object| ub object| module object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq string| _linkedin_data_partner_id function| fbq function| _fbq object| _fbq_gtm_ids function| getLinkerParam function| decorateUrl function| linkDecorator function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| UET object| google_optimize function| onYouTubeIframeAPIReady function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| ube

16 Cookies

Domain/Path Name / Value
.heritage.org/ Name: _ga_W14BT6YQ87
Value: GS1.1.1617735939.1.0.1617735940.59
.heritage.org/ Name: _fbp
Value: fb.1.1617735939877.610203497
.heritage.org/ Name: _uetsid
Value: 13d43210970b11ebb67b3f737ac1ecf2
.heritage.org/ Name: _gat_UA-1393129-30
Value: 1
secured.heritage.org/ Name: _sp_id.060e
Value: a90911ac-26a9-4872-a2c3-175a9c577846.1617735940.1.1617735940.1617735940.0fdfb8d0-8a38-4bba-83a1-1a4b02dd2657
.heritage.org/ Name: _ga
Value: GA1.1.890552114.1617735940
.heritage.org/ Name: _gcl_au
Value: 1.1.651517236.1617735940
secured.heritage.org/ Name: LB-Persist
Value: !P+6TocmYkkr37pktvZm2YC3qkLNa8tQvbuQB6IyC3K0Qj2PEVMIpcq9A5wn5w8FhgmwGj4/mdAfETg==
.heritage.org/ Name: ubvt
Value: 251.42.5.1411618430546526033
.heritage.org/ Name: _uetvid
Value: 13d46d70970b11ebabf4ffbc1afded39
.heritage.org/ Name: _gid
Value: GA1.2.792669217.1617735940
secured.heritage.org/ Name: ubvs
Value: 251.42.5.1411618430546526033
secured.heritage.org/constitution/ Name: ubrs
Value: weighted
.heritage.org/ Name: __cfduid
Value: ddcd901013ffe3ae9cda400fbe7e576141617735937
secured.heritage.org/ Name: _sp_ses.060e
Value: *
secured.heritage.org/constitution/ Name: ubpv
Value: c%2C06ef4334-f49a-46c1-a9e5-66cd583883cd

1 Console Messages

Source Level URL
Text
console-api debug URL: https://munchkin.marketo.net/159/munchkin.js(Line 22)
Message:
Munchkin.init("%s") options: 824-MHT-304 [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23fb6d9ba3f348d2b885dfa43ec08ab4.js.ubembed.com
ajax.googleapis.com
analytics.google.com
assets.ubembed.com
bat.bing.com
builder-assets.unbounce.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
googleads.g.doubleclick.net
links.conservativeintel.com
munchkin.marketo.net
px.ads.linkedin.com
secured.heritage.org
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.226.156.219
13.226.159.87
142.250.186.130
151.101.193.131
2600:9000:2182:7c00:1d:11cf:5800:93a1
2606:4700:10::6814:28f0
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:400c:c0b::9d
2a00:1450:400c:c1b::9b
2a02:26f0:6c00:2b0::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.193.170.119
35.173.63.32
65.9.90.3
88.221.60.75
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
20226f745aef929db900531dcce70888c463a79e0c9f52db93b8c6c32268941d
2618cfe8c77aafa616eb1bf67d0207689724dee45c4cad6bda086a3aad5818b8
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5cc358dc3fdf827a9c7e07345ec4ac343eb8ae8b4ac6de8f899badf422e2da49
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
761300c8121f5ffade942469aee5872f5796ba860d3f48b23784b86f527e2f24
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7f837a85613b22790e8364b0d43a43a683b6732a7279c4a7fb58bc7f6975c4c6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba
b4019edd296bebe063dd6bcd45e571715226e9b5c864eef9b94ef113b6ab3808
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
d26eeaf074a264eef56cbe11c720823af0f8dc29fde11728cc95ccfa2708dc2f
d95623d5a8cbc051acd8e5ec08c165e3a46f20d3d9eb2e0cd9d6c12d63363f22
dda892ad4ffeb533d49639f623b03414a6713dd0be2a978ba550930e0fa7741d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01789d872505e99cb8f16838be590429f035fd8ff2ad5cfb2cc6da631a4ad87
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
ff7579dbbafe0b642d51d14a94ed96dbbbe3ccca46207b3c541cab2a029010f6