urlscan.io logo urlscan.io
SecurityTrails logo

helpfulfunds.org Open in urlscan Pro
34.237.70.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clt1352279.bmetrack.com/c/l?u=C85DB52&e=12B375D&c=14A257&t=0&l=656CDFC3&email=oFyipAZloh4B%2BdPDj3m3tntApxPOXgeoNyIeD9Vs...
Effective URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf...
Submission: On July 15 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 44 HTTP transactions. The main IP is 34.237.70.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is helpfulfunds.org.
TLS certificate: Issued by Amazon on February 2nd 2021. Valid for: a year.
This is the only time helpfulfunds.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    44.235.147.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
clt1352279.bmetrack.com
1    54.148.133.247 (Boardman, United States)

ASN16509 (AMAZON-02, US)
offer.eloanconnect.com
13    34.237.70.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
helpfulfunds.org
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.224.96.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-42.zrh50.r.cloudfront.net
api.pushnami.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
13 helpfulfunds.org offer.eloanconnect.com
helpfulfunds.org
5 www.google.com helpfulfunds.org
www.gstatic.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 fonts.googleapis.com helpfulfunds.org
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 www.googletagmanager.com helpfulfunds.org
www.googletagmanager.com
2 www.facebook.com helpfulfunds.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net helpfulfunds.org
connect.facebook.net
1 www.google.de helpfulfunds.org
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 api.pushnami.com helpfulfunds.org
1 offer.eloanconnect.com
1 clt1352279.bmetrack.com 1 redirects
44 16

This site contains no links.

Subject Issuer Validity Valid
eloanconnect.com
Amazon		 2020-10-29 -
2021-11-27		 a year crt.sh
helpfulfunds.org
Amazon		 2021-02-02 -
2022-03-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.pushnami.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Frame ID: 277B4C8F5AB6D640F6DC2D6EC37F6475
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
Frame ID: DEACB4CE1D9B18008EC0B844141B5487
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clt1352279.bmetrack.com/c/l?u=C85DB52&e=12B375D&c=14A257&t=0&l=656CDFC3&email=oFyipAZloh4B%2BdPDj3m3... HTTP 302
    https://offer.eloanconnect.com/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@a... Page URL
  2. https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

44
Requests

100 %
HTTPS

74 %
IPv6

14
Domains

16
Subdomains

18
IPs

3
Countries

2965 kB
Transfer

4028 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clt1352279.bmetrack.com/c/l?u=C85DB52&e=12B375D&c=14A257&t=0&l=656CDFC3&email=oFyipAZloh4B%2BdPDj3m3tntApxPOXgeoNyIeD9VsXLU%3D&seq=2 HTTP 302
    https://offer.eloanconnect.com/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@ampf.com&lname=Brewer&hpostal=&state=&city=&utm_source=BenchmarkEmail&utm_campaign=7%2f15%2f2021_-_HelpfulFunds&utm_medium=email Page URL
  2. https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://clt1352279.bmetrack.com/c/l?u=C85DB52&e=12B375D&c=14A257&t=0&l=656CDFC3&email=oFyipAZloh4B%2BdPDj3m3tntApxPOXgeoNyIeD9VsXLU%3D&seq=2 HTTP 302
  • https://offer.eloanconnect.com/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@ampf.com&lname=Brewer&hpostal=&state=&city=&utm_source=BenchmarkEmail&utm_campaign=7%2f15%2f2021_-_HelpfulFunds&utm_medium=email

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
offer.eloanconnect.com/
Redirect Chain
  • https://clt1352279.bmetrack.com/c/l?u=C85DB52&e=12B375D&c=14A257&t=0&l=656CDFC3&email=oFyipAZloh4B%2BdPDj3m3tntApxPOXgeoNyIeD9VsXLU%3D&seq=2
  • https://offer.eloanconnect.com/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@ampf.com&lname=Brewer&hpostal=&state=&city=&utm_source=BenchmarkEmail&utm_campaign=7%2f15%2...
236 B
715 B 		Document
General
Check archive.org
Download Go to
Full URL
https://offer.eloanconnect.com/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@ampf.com&lname=Brewer&hpostal=&state=&city=&utm_source=BenchmarkEmail&utm_campaign=7%2f15%2f2021_-_HelpfulFunds&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.133.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.9 / PHP/7.4.9
Resource Hash

Request headers

:method
GET
:authority
offer.eloanconnect.com
:scheme
https
:path
/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@ampf.com&lname=Brewer&hpostal=&state=&city=&utm_source=BenchmarkEmail&utm_campaign=7%2f15%2f2021_-_HelpfulFunds&utm_medium=email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:47 GMT
content-type
text/html; charset=UTF-8
content-length
236
server
Apache/2.4.46 () PHP/7.4.9
access-control-allow-origin
*
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
access-control-max-age
1000
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accept-encoding, accept-language, host, referer, user-agent
x-powered-by
PHP/7.4.9
refresh
1; url=https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email= david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=

Redirect headers

date
Thu, 15 Jul 2021 15:19:46 GMT
content-type
text/html; charset=utf-8
content-length
395
location
https://offer.eloanconnect.com/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@ampf.com&lname=Brewer&hpostal=&state=&city=&utm_source=BenchmarkEmail&utm_campaign=7%2f15%2f2021_-_HelpfulFunds&utm_medium=email
cache-control
private
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=0szn2sqxpuhbadnv5vmje4ov; domain=bmetrack.com; path=/; SameSite=Lax sourcetracking=sourceid=0&phrase=%2fc%2fl%3fu%3dC85DB52%26e%3d12B375D%26c%3d14A257%26t%3d0%26l%3d656CDFC3%26email%3doFyipAZloh4B%2bdPDj3m3tntApxPOXgeoNyIeD9VsXLU%3d%26seq%3d2&refurl=&searchphrase=u%3dC85DB52%26e%3d12B375D%26c%3d14A257%26t%3d0%26l%3d656CDFC3%26email%3doFyipAZloh4B%2bdPDj3m3tntApxPOXgeoNyIeD9VsXLU%3d%26seq%3d2; expires=Fri, 12-Nov-2021 16:19:46 GMT; path=/
x-aspnet-version
4.0.30319
x-xss-protection
0
Primary Request Cookie set welcome
helpfulfunds.org/ 		22 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Requested by
Host: offer.eloanconnect.com
URL: https://offer.eloanconnect.com/?aid=503279&acid=31&subid=BM5_Helpful&fname=Kathleen&email=david.a.woosley@ampf.com&lname=Brewer&hpostal=&state=&city=&utm_source=BenchmarkEmail&utm_campaign=7%2f15%2f2021_-_HelpfulFunds&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
d4433dc8311c8328dfd80ab0ef9cac97e7d87b363c44db272caa94352969116b

Request headers

Host
helpfulfunds.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://offer.eloanconnect.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://offer.eloanconnect.com/

Response headers

Cache-Control
no-cache, private
Cache-control
no-cache="set-cookie"
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Jul 2021 15:19:48 GMT
Server
nginx/1.20.0
Set-Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; expires=Thu, 15-Jul-2021 17:19:48 GMT; Max-Age=7200; path=/ helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; expires=Thu, 15-Jul-2021 17:19:48 GMT; Max-Age=7200; path=/; httponly AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3;PATH=/;MAX-AGE=3600 AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3;PATH=/;MAX-AGE=3600;SECURE;SAMESITE=None
Content-Length
22820
Connection
keep-alive
app.js
helpfulfunds.org/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpfulfunds.org/js/app.js
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
8efef88427f8a289f5d20e5b1d5ebc8390c04fc48b302de727dc5a6360dfa470

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:48 GMT
Last-Modified
Fri, 19 Feb 2021 01:25:00 GMT
Server
nginx/1.20.0
ETag
"602f136c-16389d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1456285
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137479209-1
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d68cda834caf6b026d2b0cb44e9793e1ac5f4d37f3f9d1f078dbfc1d274e8072
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39676
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Jul 2021 15:19:48 GMT
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-594142944
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0ee5ebb4eebc433148bbc9886210eaf8b6ac2ee93b45f1ecd18dd28f61dc914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37948
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Jul 2021 15:19:48 GMT
api.js
www.google.com/recaptcha/ 		918 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&onload=onRecaptchaLoadCallback
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d7bcf5f1793c9cd79d927a07045dcf420ce17df0b44daa89bfe92f4337ba2020
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Thu, 15 Jul 2021 15:19:48 GMT
app.css
helpfulfunds.org/css/ 		265 KB
265 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helpfulfunds.org/css/app.css
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
896fff0e5545dbed49620d013321b3ffd856683a53e6d9cebe0398f9d319d0be

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:48 GMT
Last-Modified
Fri, 26 Feb 2021 20:04:05 GMT
Server
nginx/1.20.0
ETag
"60395435-42427"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
271399
css
fonts.googleapis.com/ 		2 KB
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 15:12:17 GMT
server
ESF
date
Thu, 15 Jul 2021 15:19:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jul 2021 15:19:48 GMT
css
fonts.googleapis.com/ 		4 KB
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85294902ee0519eec70df5ab51a6c3641e9ced2bf670e537910bb9b30af3f9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 13:38:23 GMT
server
ESF
date
Thu, 15 Jul 2021 15:19:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jul 2021 15:19:48 GMT
helpfulfunds.org.new.png
helpfulfunds.org/storage/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/helpfulfunds.org.new.png
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
0431b46da5c3aecc1442140b04c313bc6bc7115642b4b43a22392c800c8419dc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:48 GMT
Last-Modified
Thu, 13 Feb 2020 23:22:07 GMT
Server
nginx/1.20.0
ETag
"5e45da1f-274a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10058
testimonials-1.jpg
helpfulfunds.org/storage/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/testimonials-1.jpg
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
139d2da0ff1859b8b2b1c1b0e5fe68303ad569ad5205a780b387e92d70b7ed9d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:48 GMT
Last-Modified
Wed, 10 Apr 2019 17:23:05 GMT
Server
nginx/1.20.0
ETag
"5cae2679-846b"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33899
testimonials-2.jpg
helpfulfunds.org/storage/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/testimonials-2.jpg
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
95734d1c9964c792cdeb18281d7eb1a6aa23618d0e5c7d4ac75c6ead022863ed

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:48 GMT
Last-Modified
Wed, 10 Apr 2019 17:23:26 GMT
Server
nginx/1.20.0
ETag
"5cae268e-93cd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37837
testimonials-3.jpg
helpfulfunds.org/storage/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/testimonials-3.jpg
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
8bcdaa30f56d9bd7833f3c843f412e8e14a6e6071415ae8bc8edff69944872ea

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:49 GMT
Last-Modified
Wed, 10 Apr 2019 17:23:43 GMT
Server
nginx/1.20.0
ETag
"5cae269f-f41c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62492
5eeceeaacc8ccb209974ff1f
api.pushnami.com/scripts/v1/pushnami-adv/ 		128 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5eeceeaacc8ccb209974ff1f
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-42.zrh50.r.cloudfront.net
Software
/
Resource Hash
3656a46604075702b1d1eedb9dcc77f8d5a99777e37643cf936796768968ea53

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:13:38 GMT
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
age
370
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
ZRH50-C1
content-encoding
gzip
x-amz-cf-id
umbziXIr8EgjB47EXxDRD_ZSgj-gXbWkWB71ise_3ZI5INSM4EcCCw==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onRecaptchaLoadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://helpfulfunds.org
Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 10:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135961
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 10:12:16 GMT
fbevents.js
connect.facebook.net/en_US/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
yAG0cYJrks+NaXds6BoYvx1oY9qAAgEbKZDk33weoTxinAhk5Thq/M/+Y/mJWg8NH+TK1yuyknMFgi6VmfT30g==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 15 Jul 2021 15:19:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
girl-using-a-laptop_t20_lWjPNm.jpg
helpfulfunds.org/storage/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/girl-using-a-laptop_t20_lWjPNm.jpg
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
1d61e6d9eaddbf6dd306141df504e944bcc93c9aff9f508e07a3a84a2a5527c6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:49 GMT
Last-Modified
Wed, 10 Apr 2019 17:22:04 GMT
Server
nginx/1.20.0
ETag
"5cae263c-f33b"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62267
housing.jpg
helpfulfunds.org/storage/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/housing.jpg
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
f0c4bae94e5ffee13b860425e8e1ec03742d66008e2d8f90daee3eda75901037

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:49 GMT
Last-Modified
Wed, 10 Apr 2019 17:13:24 GMT
Server
nginx/1.20.0
ETag
"5cae2434-10f47"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69447
smiles-and-laughs-with-the-graduates_t20_JadQZR.jpg
helpfulfunds.org/storage/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/smiles-and-laughs-with-the-graduates_t20_JadQZR.jpg
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
8125cbc53fce95507288a9c661d5cd14472cf019566f27549da6acfe2db86d2a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
Connection
keep-alive
Referer
https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:49 GMT
Last-Modified
Wed, 10 Apr 2019 17:15:09 GMT
Server
nginx/1.20.0
ETag
"5cae249d-1bd1d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113949
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-594142944&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137479209-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a06cbf039fea2cda869abb2180a232302932ca4bb8eb27404dc85551f9a739ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37997
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Jul 2021 15:19:48 GMT
css
fonts.googleapis.com/ 		2 KB
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:600
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/css/app.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe320334f2be59790333391688d2e6161a969e957e842bd6fdbc0aa73a1f37a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 13:53:29 GMT
server
ESF
date
Thu, 15 Jul 2021 15:19:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jul 2021 15:19:48 GMT
css
fonts.googleapis.com/ 		7 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Literata:400,600,700
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/css/app.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bd1a8ebc3359b4a2079d2cd09e43839565d0973895e2314a220cee9139b4294
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 15:19:48 GMT
server
ESF
date
Thu, 15 Jul 2021 15:19:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jul 2021 15:19:48 GMT
1712351278896503
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1712351278896503?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef2adf05fd4fc9cdebc06c350e285912c69aff7e2ec62d496c934d25386a2665
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
cpTNRnvEvJCgiusErdrb/QeVO1CtmK+n/gHFypgfo0c5dGapDfCEIsq81Dj2FsZ56Rh5iQ/x291ZZb8hRCicpw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 15 Jul 2021 15:19:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame DEAC 		38 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a707bede7353a4753f1c0e36efc63f4262ecfca79bd7ee41da54b4e63d56edc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Lf3tUpXKW31c0Rq9qrw7DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpfulfunds.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://helpfulfunds.org/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 15 Jul 2021 15:19:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-Lf3tUpXKW31c0Rq9qrw7DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
19742
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-594142944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13978
x-xss-protection
0
server
cafe
etag
8394079078796230488
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Jul 2021 15:19:48 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137479209-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1729
date
Thu, 15 Jul 2021 14:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 15 Jul 2021 16:50:59 GMT
family-stroll_t20_wa3xom.jpg
helpfulfunds.org/storage/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpfulfunds.org/storage/family-stroll_t20_wa3xom.jpg
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e192761f11a8f50a1de519914bc59f141c6f2d71ca586f490e7087d046b74657

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://helpfulfunds.org/css/app.css
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; _gcl_au=1.1.570906519.1626362389
Connection
keep-alive
Referer
https://helpfulfunds.org/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:49 GMT
Last-Modified
Wed, 10 Apr 2019 17:20:54 GMT
Server
nginx/1.20.0
ETag
"5cae25f6-1b598"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112024
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://helpfulfunds.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 05:38:05 GMT
x-content-type-options
nosniff
age
207703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 05:38:05 GMT
webfa-brands-400.woff2
helpfulfunds.org/fonts/vendor/@fortawesome/fontawesome-free/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://helpfulfunds.org/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?067595ad77ecc0db9c81c8905a7eef32
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://helpfulfunds.org
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://helpfulfunds.org/css/app.css
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; _gcl_au=1.1.570906519.1626362389
Connection
keep-alive
Origin
https://helpfulfunds.org
Referer
https://helpfulfunds.org/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:49 GMT
Last-Modified
Fri, 19 Feb 2021 01:25:00 GMT
Server
nginx/1.20.0
ETag
"602f136c-12b04"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76548
Simple-Line-Icons.woff2
helpfulfunds.org/fonts/vendor/simple-line-icons/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://helpfulfunds.org/fonts/vendor/simple-line-icons/Simple-Line-Icons.woff2?0cb0b9c589c0624c9c78dd3d83e946f6
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://helpfulfunds.org
Accept-Encoding
gzip, deflate, br
Host
helpfulfunds.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://helpfulfunds.org/css/app.css
Cookie
XSRF-TOKEN=eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D; helpfulfundsorg_session=eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D; AWSELB=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; AWSELBCORS=FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3; _gcl_au=1.1.570906519.1626362389
Connection
keep-alive
Origin
https://helpfulfunds.org
Referer
https://helpfulfunds.org/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Jul 2021 15:19:49 GMT
Last-Modified
Fri, 19 Feb 2021 01:25:00 GMT
Server
nginx/1.20.0
ETag
"602f136c-7570"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30064
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2039829750&t=pageview&_s=1&dl=https%3A%2F%2Fhelpfulfunds.org%2Fwelcome%3Futm_source%3D2972%26cid%3D503279~54638489~1237613%26s1%3DBM5_Helpful%26email%3D%2520david.a.woosley%40ampf.com%26first%3DKathleen%26last%3DBrewer%26zip%3D&dr=https%3A%2F%2Foffer.eloanconnect.com%2F&ul=en-us&de=UTF-8&dt=A%20Free%20Service%20to%20Better%20Understand%20Assistance%20Programs%3A%20HelpfulFunds.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1380170996&gjid=2103499948&cid=1561549218.1626362389&tid=UA-137479209-1&_gid=1609849486.1626362389&_r=1&gtm=2ou7e0&z=627657699
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Jul 2021 15:19:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helpfulfunds.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/594142944/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/594142944/?random=1626362389212&cv=9&fst=1626362389212&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhelpfulfunds.org%2Fwelcome%3Futm_source%3D2972%26cid%3D503279~54638489~1237613%26s1%3DBM5_Helpful%26email%3D%2520david.a.woosley%40ampf.com%26first%3DKathleen%26last%3DBrewer%26zip%3D&ref=https%3A%2F%2Foffer.eloanconnect.com%2F&tiba=A%20Free%20Service%20to%20Better%20Understand%20Assistance%20Programs%3A%20HelpfulFunds.org&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ef463a5b10172c1bf83e9174789a44f65e70a289e2963121c6b889449b8f64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jul 2021 15:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1712351278896503&ev=PageView&dl=https%3A%2F%2Fhelpfulfunds.org%2Fwelcome%3Futm_source%3D2972%26cid%3D503279~54638489~1237613%26s1%3DBM5_Helpful%26email%3D%2520david.a.woosley%40ampf.com%26first%3DKathleen%26last%3DBrewer%26zip%3D&rl=https%3A%2F%2Foffer.eloanconnect.com%2F&if=false&ts=1626362389244&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626362389243.78216209&it=1626362388909&coo=false&rqm=GET
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 15 Jul 2021 15:19:49 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame DEAC 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 13:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 13:57:34 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame DEAC 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 10:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135961
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 10:12:16 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-137479209-1&cid=1561549218.1626362389&jid=1380170996&gjid=2103499948&_gid=1609849486.1626362389&_u=YEBAAUAAAAAAAC~&z=1355810815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 15 Jul 2021 15:19:49 GMT
content-type
text/plain
access-control-allow-origin
https://helpfulfunds.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/594142944/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/594142944/?random=1626362389212&cv=9&fst=1626361200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhelpfulfunds.org%2Fwelcome%3Futm_source%3D2972%26cid%3D503279~54638489~1237613%26s1%3DBM5_Helpful%26email%3D%2520david.a.woosley%40ampf.com%26first%3DKathleen%26last%3DBrewer%26zip%3D&ref=https%3A%2F%2Foffer.eloanconnect.com%2F&tiba=A%20Free%20Service%20to%20Better%20Understand%20Assistance%20Programs%3A%20HelpfulFunds.org&async=1&fmt=3&is_vtc=1&random=3538861261&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jul 2021 15:19:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/594142944/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/594142944/?random=1626362389212&cv=9&fst=1626361200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhelpfulfunds.org%2Fwelcome%3Futm_source%3D2972%26cid%3D503279~54638489~1237613%26s1%3DBM5_Helpful%26email%3D%2520david.a.woosley%40ampf.com%26first%3DKathleen%26last%3DBrewer%26zip%3D&ref=https%3A%2F%2Foffer.eloanconnect.com%2F&tiba=A%20Free%20Service%20to%20Better%20Understand%20Assistance%20Programs%3A%20HelpfulFunds.org&async=1&fmt=3&is_vtc=1&random=3538861261&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: helpfulfunds.org
URL: https://helpfulfunds.org/welcome?utm_source=2972&cid=503279~54638489~1237613&s1=BM5_Helpful&email=%20david.a.woosley@ampf.com&first=Kathleen&last=Brewer&zip=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jul 2021 15:19:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DEAC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 23:34:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
229544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 19 Jul 2021 23:34:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DEAC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 21:27:21 GMT
x-content-type-options
nosniff
age
237148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DEAC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 14:26:18 GMT
x-content-type-options
nosniff
age
176011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 14:26:18 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame DEAC 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 15 Jul 2021 15:19:49 GMT
reload
www.google.com/recaptcha/api2/ Frame DEAC 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6f7d2f0a99ad6a8c4f5a2e6410404824c30205fb73176aba0e9deb5a430990d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26JsUAAAAAJ6FUMH47KYxrhU5zJ12X11Uh9C9&co=aHR0cHM6Ly9oZWxwZnVsZnVuZHMub3JnOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=3xtjlh15zy70
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 15 Jul 2021 15:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16118
x-xss-protection
1; mode=block
expires
Thu, 15 Jul 2021 15:19:49 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1712351278896503&ev=Microdata&dl=https%3A%2F%2Fhelpfulfunds.org%2Fwelcome%3Futm_source%3D2972%26cid%3D503279~54638489~1237613%26s1%3DBM5_Helpful%26email%3D%2520david.a.woosley%40ampf.com%26first%3DKathleen%26last%3DBrewer%26zip%3D&rl=https%3A%2F%2Foffer.eloanconnect.com%2F&if=false&ts=1626362390747&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22A%20Free%20Service%20to%20Better%20Understand%20Assistance%20Programs%3A%20%20HelpfulFunds.org%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626362389243.78216209&it=1626362388909&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://helpfulfunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 15:19:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 15 Jul 2021 15:19:50 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| _ function| Popper function| jQuery function| $ function| axios function| setImmediate function| clearImmediate function| Vue function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onRecaptchaLoadCallback function| fbq function| _fbq object| google_tag_manager object| recaptcha object| closure_lm_361963 object| google_tag_data string| GoogleAnalyticsObject function| ga object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript undefined| o object| mailnami object| Pushnami object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

9 Cookies

Domain/Path Name / Value
.helpfulfunds.org/ Name: _fbp
Value: fb.1.1626362389243.78216209
.helpfulfunds.org/ Name: _gat_gtag_UA_137479209_1
Value: 1
.helpfulfunds.org/ Name: _gid
Value: GA1.2.1609849486.1626362389
.helpfulfunds.org/ Name: _ga
Value: GA1.2.1561549218.1626362389
helpfulfunds.org/ Name: XSRF-TOKEN
Value: eyJpdiI6InFDN01BTHJTY3hCMldtd2JHZVY4Ync9PSIsInZhbHVlIjoiOUhVcTQ1Z0VLT24xN2FobmpGODJ1aWRyUVBGbzkvdUdERmJSa1ptVXE1L2RFVWNJaGIrSkIvTThMMzU1amI1bSIsIm1hYyI6IjA1Yzc1NjVkODA5MzY1MmJmYjkyNmRkMmQ5MzExYzk4NTYzYTlkYjQ2NmRiMDljOGJlMWE2YTdlMjc1MjlhOWUifQ%3D%3D
.helpfulfunds.org/ Name: _gcl_au
Value: 1.1.570906519.1626362389
helpfulfunds.org/ Name: AWSELB
Value: FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3
helpfulfunds.org/ Name: helpfulfundsorg_session
Value: eyJpdiI6InpjRDkvVi9nWXJxL3JCa3hSTFczeXc9PSIsInZhbHVlIjoiZ2lPaUtSZ0hmTXp4T092cEpMRjVoWHhvTkRHR1lJdVo0NE82bEFvTmhwM3crVmFLMUZYTmNXVXBoUjZoak95byIsIm1hYyI6Ijc0YzZjMjliMjIwZDM5ZDUzOGFkMzllM2IyNDY3NDgwZmRmMTVhYzJiMGM4YTZjYzc2MDQ0ODE1MzExM2U4NjYifQ%3D%3D
helpfulfunds.org/ Name: AWSELBCORS
Value: FB3FD7350A5E20FD9CFE03EB417ADA22125ACC19936E0FEE3CA8653A12B5391C7EAAB15711FB241217D71334F1369E402768FF13BE51BFEE7BAE05A638C00035866D295CC3

3 Console Messages

Source Level URL
Text
console-api error URL: https://helpfulfunds.org/js/app.js(Line 38081)
Message:
[Vue warn]: Cannot find element: #app
console-api info URL: https://helpfulfunds.org/js/app.js(Line 46502)
Message:
Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api info URL: https://helpfulfunds.org/js/app.js(Line 46511)
Message:
You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
clt1352279.bmetrack.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
helpfulfunds.org
offer.eloanconnect.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
13.224.96.42
172.217.16.130
2a00:1450:4001:801::2004
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.237.70.30
44.235.147.222
54.148.133.247
0431b46da5c3aecc1442140b04c313bc6bc7115642b4b43a22392c800c8419dc
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
139d2da0ff1859b8b2b1c1b0e5fe68303ad569ad5205a780b387e92d70b7ed9d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d61e6d9eaddbf6dd306141df504e944bcc93c9aff9f508e07a3a84a2a5527c6
3656a46604075702b1d1eedb9dcc77f8d5a99777e37643cf936796768968ea53
3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6a707bede7353a4753f1c0e36efc63f4262ecfca79bd7ee41da54b4e63d56edc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f7d2f0a99ad6a8c4f5a2e6410404824c30205fb73176aba0e9deb5a430990d9
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7ef463a5b10172c1bf83e9174789a44f65e70a289e2963121c6b889449b8f64c
8125cbc53fce95507288a9c661d5cd14472cf019566f27549da6acfe2db86d2a
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
85294902ee0519eec70df5ab51a6c3641e9ced2bf670e537910bb9b30af3f9d4
896fff0e5545dbed49620d013321b3ffd856683a53e6d9cebe0398f9d319d0be
8bcdaa30f56d9bd7833f3c843f412e8e14a6e6071415ae8bc8edff69944872ea
8bd1a8ebc3359b4a2079d2cd09e43839565d0973895e2314a220cee9139b4294
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8efef88427f8a289f5d20e5b1d5ebc8390c04fc48b302de727dc5a6360dfa470
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
95734d1c9964c792cdeb18281d7eb1a6aa23618d0e5c7d4ac75c6ead022863ed
a06cbf039fea2cda869abb2180a232302932ca4bb8eb27404dc85551f9a739ed
d4433dc8311c8328dfd80ab0ef9cac97e7d87b363c44db272caa94352969116b
d68cda834caf6b026d2b0cb44e9793e1ac5f4d37f3f9d1f078dbfc1d274e8072
d7bcf5f1793c9cd79d927a07045dcf420ce17df0b44daa89bfe92f4337ba2020
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e192761f11a8f50a1de519914bc59f141c6f2d71ca586f490e7087d046b74657
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2adf05fd4fc9cdebc06c350e285912c69aff7e2ec62d496c934d25386a2665
f0c4bae94e5ffee13b860425e8e1ec03742d66008e2d8f90daee3eda75901037
f0ee5ebb4eebc433148bbc9886210eaf8b6ac2ee93b45f1ecd18dd28f61dc914
fe320334f2be59790333391688d2e6161a969e957e842bd6fdbc0aa73a1f37a5