Submitted URL: http://click.donordrive.com/track/click/30041712/www.sleepout.org?p=eyJzIjoiNlY5MDQzRkhYUmFOWmRlZnRHWEh4cVNvd1BJIiwidiI6MSwi...
Effective URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Submission: On October 12 via manual from US

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 28 HTTP transactions. The main IP is 64.154.105.165, located in United States and belongs to LEVEL3 - Level 3 Parent, LLC, US. The main domain is www.sleepout.org.
TLS certificate: Issued by Thawte TLS RSA CA G1 on June 25th 2018. Valid for: 2 years.
This is the only time www.sleepout.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.213.164.114 16509 (AMAZON-02)
1 64.154.105.165 3356 (LEVEL3)
13 54.230.202.205 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:2800:234... 15133 (EDGECAST)
1 1 199.16.156.52 13414 (TWITTER)
1 1 2a03:2880:f11... 32934 (FACEBOOK)
28 9
Domain Requested by
13 assets.donordrive.com www.sleepout.org
3 platform.twitter.com ajax.googleapis.com, platform.twitter.com
2 staticxx.facebook.com connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com, www.sleepout.org
2 fonts.gstatic.com www.sleepout.org
2 www.googletagmanager.com www.sleepout.org
1 www.facebook.com 1 redirects
1 syndication.twitter.com 1 redirects
1 connect.facebook.net ajax.googleapis.com
1 fonts.googleapis.com www.sleepout.org
1 ajax.googleapis.com www.sleepout.org
1 www.sleepout.org
1 click.donordrive.com 1 redirects
28 13

This site contains links to these domains.

Domain
www.covenanthouse.org
www.donordrive.com
Subject                  Issuer                                  Validity                  Valid
www.sleepout.org         Thawte TLS RSA CA G1                    2018-06-25 - 2020-06-24   2 years
*.donordrive.com         Thawte RSA CA 2018                      2018-02-15 - 2020-02-18   2 years
*.googleapis.com         Google Internet Authority G3            2018-09-25 - 2018-12-18   3 months
*.google-analytics.com   Google Internet Authority G3            2018-09-25 - 2018-12-18   3 months
*.facebook.com           DigiCert SHA2 High Assurance Server CA  2017-12-15 - 2019-03-22   a year
*.google.com             Google Internet Authority G3            2018-09-25 - 2018-12-18   3 months
*.twimg.com              DigiCert SHA2 High Assurance Server CA  2017-12-02 - 2018-12-05   a year

This page contains 5 frames:

Primary Page: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Frame ID: 01E72265FC74AD90AF6D15B797BAB2A4
Requests: 24 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.1dcb9052029dec42394397b936b6c31a.html?origin=https%3A%2F%2Fwww.sleepout.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 4ABD9953D89BC919B73245CFCFF2868C
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
Frame ID: 2DCAE30908BFC59644D829CF8A4EF3CE
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: CB907A43B7D4A5D461500B6A258BB9F0
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
Frame ID: 4E35EA0DB1D4F76D3F10431A3A3FF3E5
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

28 Requests
100 % HTTPS
67 % IPv6
9 Domains
13 Subdomains
9 IPs
2 Countries
454 kB Transfer
1146 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.donordrive.com/track/click/30041712/www.sleepout.org?p=eyJzIjoiNlY5MDQzRkhYUmFOWmRlZnRHWEh4cVNvd1BJIiwidiI6MSwicCI6IntcInVcIjozMDA0MTcxMixcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL3d3dy5zbGVlcG91dC5vcmdcXFwvaW5kZXguY2ZtP2Z1c2VhY3Rpb249Y21zLmhvbWVcIixcImlkXCI6XCI2ZjEzZThjOGM3YWE0Yzc1YmVlOWRhZjkzMmM5N2E4MVwiLFwidXJsX2lkc1wiOltcIjk0MTk3MDRiZmZlNTkxZTk2YTk3YjVlZDNmOTE4ZGI4ZjQyNjZlOTBcIl19In0 HTTP 302
    https://www.sleepout.org/index.cfm?fuseaction=cms.home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 26
  • https://www.facebook.com/connect/ping?client_id=439722313103409&domain=www.sleepout.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FtrnHszv6jVd.js%3Fversion%3D42%23cb%3Df235fc8309aa708%26domain%3Dwww.sleepout.org%26origin%3Dhttps%253A%252F%252Fwww.sleepout.org%252Fff0d532dd828ac%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version=v2.4 HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set index.cfm
www.sleepout.org/
Redirect Chain
  • http://click.donordrive.com/track/click/30041712/www.sleepout.org?p=eyJzIjoiNlY5MDQzRkhYUmFOWmRlZnRHWEh4cVNvd1BJIiwidiI6MSwicCI6IntcInVcIjozMDA0MTcxMixcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL3d3d...
  • https://www.sleepout.org/index.cfm?fuseaction=cms.home
17 KB
7 KB
Document
General
Full URL
https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.154.105.165 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
/
Resource Hash
53b46e05b9ed9dd10801607fc3bf7896c251cbcca6a1a04dd152e90ca43b14af

Request headers

Host
www.sleepout.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Set-Cookie
CFID=8826555; Path=/; Secure; HttpOnly CFTOKEN=8a114ca36164c5c8-147B3B40-C127-F3DD-A5B19EF3A57A6215; Path=/; Secure; HttpOnly PUBLICAPPLANGUAGE=DEFAULT%3Ben%5FUS; Path=/ COOKIETEST=1; Path=/ sto-id=AGABGOAK; Path=/
X-UA-Compatible
IE=Edge
Date
Fri, 12 Oct 2018 13:23:58 GMT
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-encoding

Redirect headers

Server
nginx/1.12.2
Date
Fri, 12 Oct 2018 13:23:59 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Set-Cookie
PHPSESSID=65390863b7ead18d4579879efbd6e651; expires=Fri, 12-Oct-2018 23:23:59 GMT; path=/; secure; HttpOnly PHPSESSID=65390863b7ead18d4579879efbd6e651; expires=Fri, 12-Oct-2018 23:23:59 GMT; path=/; secure; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Location
https://www.sleepout.org/index.cfm?fuseaction=cms.home
Content-Encoding
gzip
Vary
Accept-Encoding
dd-public.min.css
assets.donordrive.com/resources/css/
193 KB
30 KB
Stylesheet
General
Full URL
https://assets.donordrive.com/resources/css/dd-public.min.css?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b64104960e7c12b5616100e9ac04366a4612ae148098068ddbd4b4083f9243b

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Oct 2018 20:05:44 GMT
content-encoding
gzip
last-modified
Mon, 08 Oct 2018 19:57:59 GMT
server
AmazonS3
age
28
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
VZDhYED4o90-jTOTyFCB1acQ1vzUPPW9ycbwNmmjC96QZcEQ3Bi8yg==
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
master.min.css
assets.donordrive.com/themes/boilerplate/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://assets.donordrive.com/themes/boilerplate/css/master.min.css?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa639fe6dbace4f02125808361febc2e69fff35d7a2d1b44b45f2070a032eb9d

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Oct 2018 20:05:46 GMT
content-encoding
gzip
last-modified
Mon, 06 Aug 2018 15:32:02 GMT
server
AmazonS3
age
28
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
1800
x-amz-cf-id
uYlQZYMj-qN_Ql9sxH9TyvSwcz88_Zgk0ho5HX7ZqlIz1gPr2-PY-A==
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
master.min.css
assets.donordrive.com/themes/sleepout/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://assets.donordrive.com/themes/sleepout/css/master.min.css?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ad3aac873a8733092fbfaf4c860bcdf9786ab5cb7203680b6420424a874fbc1

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Oct 2018 21:16:41 GMT
content-encoding
gzip
last-modified
Fri, 14 Sep 2018 15:21:30 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
status
200
cache-control
1800
x-amz-cf-id
peCUzzd8LRQGRzkfRA8e3C5rqfFW04uND3hCVz2n8j5bf4Yjqq8s4Q==
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 07 Oct 2018 20:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405589
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30399
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Oct 2019 20:44:11 GMT
jquery-migrate-3.0.1.min.js
assets.donordrive.com/resources/js/
11 KB
4 KB
Script
General
Full URL
https://assets.donordrive.com/resources/js/jquery-migrate-3.0.1.min.js?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3e5606a0a254e0c87a339d40975fff730cff57442ccd98580ac5cd37f412678

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
Origin
https://www.sleepout.org

Response headers

date
Mon, 08 Oct 2018 21:16:41 GMT
content-encoding
gzip
last-modified
Thu, 16 Aug 2018 14:54:28 GMT
server
AmazonS3
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
x-amz-cf-id
lU1flVcm96_ev83ToPwqXPei8_MZzyoCLKH-wXjVo1tKyjZPqEHYBg==
via
1.1 e89c67951b2bc58773e3664c08702f34.cloudfront.net (CloudFront)
dd.min.js
assets.donordrive.com/resources/js/
96 KB
27 KB
Script
General
Full URL
https://assets.donordrive.com/resources/js/dd.min.js?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8fb64ba5327e765bd74b85ae4f6e876af3e74b6893cd1d6a3e7ec7d6dd1a260

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
Origin
https://www.sleepout.org

Response headers

date
Mon, 08 Oct 2018 21:16:41 GMT
content-encoding
gzip
last-modified
Thu, 16 Aug 2018 14:54:28 GMT
server
AmazonS3
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
x-amz-cf-id
5vhzIG4nKJ-2S9zE7yg3zZyKCEClhU5-MNbMT5_bki7Gm7WGdCoyfg==
via
1.1 e89c67951b2bc58773e3664c08702f34.cloudfront.net (CloudFront)
donordrive.widget.js
assets.donordrive.com/resources/js/
5 KB
2 KB
Script
General
Full URL
https://assets.donordrive.com/resources/js/donordrive.widget.js?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d27e9f596f8015ff0cb0bea1ebd06bef5660640003add55fd758850772db14e7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
Origin
https://www.sleepout.org

Response headers

date
Tue, 09 Oct 2018 16:50:04 GMT
content-encoding
gzip
last-modified
Tue, 09 Oct 2018 13:30:45 GMT
server
AmazonS3
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
x-amz-cf-id
PwnaFbuW2XRZymt6YvLkRuI9TC4EkK36jJKhr2Kqp6qkhtwU7-4A1A==
via
1.1 e89c67951b2bc58773e3664c08702f34.cloudfront.net (CloudFront)
donordrive.api.js
assets.donordrive.com/resources/js/
5 KB
2 KB
Script
General
Full URL
https://assets.donordrive.com/resources/js/donordrive.api.js?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3bfcb5fc9a400deb7515fae33e012623206fd40f09bf5aa409d67f45d1b94b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
Origin
https://www.sleepout.org

Response headers

date
Tue, 09 Oct 2018 16:50:04 GMT
content-encoding
gzip
last-modified
Tue, 09 Oct 2018 13:30:45 GMT
server
AmazonS3
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
x-amz-cf-id
23QhN0Oo1yXQqxbHtNM83pBJdxkRecClBz8UKk9Bb6162kuTBkHubw==
via
1.1 e89c67951b2bc58773e3664c08702f34.cloudfront.net (CloudFront)
css
fonts.googleapis.com/
5 KB
771 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b3dd58a587d33c5200140cee13c1332ac4d7f59b2551d3a8b841738616e54eee
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Fri, 12 Oct 2018 13:24:00 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 12 Oct 2018 13:24:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Fri, 12 Oct 2018 13:24:00 GMT
js
www.googletagmanager.com/gtag/
81 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-9263599-14
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
29f623dbef2a33bd4345d7cc98cbe1dd4bf2c2d422ee46f0078ef5faf298ce10
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 12 Oct 2018 13:24:00 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
29603
x-xss-protection
1; mode=block
expires
Fri, 12 Oct 2018 13:24:00 GMT
logo.jpg
assets.donordrive.com/sleepout/images/
71 KB
72 KB
Image
General
Full URL
https://assets.donordrive.com/sleepout/images/logo.jpg
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd03d46c3f8089c57afdea09b6cc536a85fdbce19287fcbd77ede4367e0586ea

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 12 Oct 2018 13:24:01 GMT
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
last-modified
Fri, 12 Jan 2018 17:15:58 GMT
server
AmazonS3
etag
"2ddece177abb63a81254867832532901"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=1800
accept-ranges
bytes
content-length
73122
x-amz-cf-id
smlA3ao5mZ4U8FQmE-t-vcamX2cCvcoEqcRDGOyxyjSSBAB2Ofc_dg==
dd-logo-light.svg
assets.donordrive.com/themes/resources/img/brand/
10 KB
4 KB
Image
General
Full URL
https://assets.donordrive.com/themes/resources/img/brand/dd-logo-light.svg?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4401f65be9f6f2c111a9c74d416b5c0dd3fca273220ee82577b37fc4f0bff1c

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Oct 2018 20:05:44 GMT
content-encoding
gzip
last-modified
Wed, 28 Feb 2018 20:01:00 GMT
server
AmazonS3
age
24
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
1800
x-amz-cf-id
5DXdB1NprA7Cv7CRO4RP2xtKRJ2EbV1jwwsORNrrQj3GJ9JoKNHbFA==
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/
62 KB
22 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-558HBMX
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
d6bfcc7039af8e3509ddc78e8d5e13c61982b0474cb5c7b97f917e56bf77680e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 12 Oct 2018 13:24:00 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
22449
x-xss-protection
1; mode=block
expires
Fri, 12 Oct 2018 13:24:00 GMT
print.min.css
assets.donordrive.com/themes/sleepout/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://assets.donordrive.com/themes/sleepout/css/print.min.css?v=201810080001
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14e5e1e541fb08c8f2a7ad4cc97ed607afc84e0d812774216f0f956442762d1b

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Oct 2018 21:16:41 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2017 15:57:57 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
status
200
cache-control
1800
x-amz-cf-id
7IVrNikc32aDuWg9ORUyvOgFDNfFTfbpfiG1st8BIAREPv_h1QPRjA==
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
sdk.js
connect.facebook.net/en_US/
200 KB
62 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
3c4e7c940a17aec7f805138ff699d64fd1cf15aad07dd8844b7bdc5dad945498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MeCr5+8ZMK1SjUdXLZ6MYQ==
status
200
content-length
62570
x-xss-protection
0
x-fb-debug
yB/h2s9zsJbr6j++G6hCztRjVe4fvGBzvie1TTmVwH/GAMPMbHS81IuO+yvLcjLZhLTWGIIsFuWeuoBd4DkGfQ==
x-fb-content-md5
c83f938802debdc9b9ca8e2279c34339
x-frame-options
DENY
date
Fri, 12 Oct 2018 13:24:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1fdb57c8623f2decc1dfdeba2e8e245d"
timing-allow-origin
*
expires
Fri, 12 Oct 2018 13:26:48 GMT
logo-white.png
assets.donordrive.com/themes/sleepout/img/
8 KB
8 KB
Image
General
Full URL
https://assets.donordrive.com/themes/sleepout/img/logo-white.png
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91d9464200203849a50a570c3b064cfd10a69d6e23f679988522ec43f3c9af93

Request headers

Referer
https://assets.donordrive.com/themes/sleepout/css/master.min.css?v=201810080001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 05 Jul 2018 10:37:34 GMT
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2017 15:57:57 GMT
server
AmazonS3
etag
"d99f68d33f8dab13e0eaa591679d38d3"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
1800
accept-ranges
bytes
content-length
7973
x-amz-cf-id
xUujoiTjToMQINgYDyJNOJTchfLuZGJO8ASmATVmzBaVY-826YiVAQ==
logo.jpg
assets.donordrive.com/themes/sleepout/img/
32 KB
33 KB
Image
General
Full URL
https://assets.donordrive.com/themes/sleepout/img/logo.jpg
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca566d98f89d72952f45486f4b3a3bb741789281437bd0c0c6b20e9245c5e80f

Request headers

Referer
https://assets.donordrive.com/themes/sleepout/css/master.min.css?v=201810080001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 05 Jul 2018 10:37:34 GMT
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2017 15:57:57 GMT
server
AmazonS3
etag
"2ace0ff796585575e51bf2466ad58d4a"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
status
200
cache-control
1800
accept-ranges
bytes
content-length
32964
x-amz-cf-id
3qAurTcnEdeaa5AXH0UqOBje_d7sPz7qpBZYzKarUuL0gCeNMfMkGw==
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin
https://www.sleepout.org

Response headers

date
Tue, 02 Oct 2018 06:22:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:39 GMT
server
sffe
age
889288
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8800
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:32 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin
https://www.sleepout.org

Response headers

date
Tue, 02 Oct 2018 06:22:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
889293
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8892
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:27 GMT
fontawesome-webfont.woff
assets.donordrive.com/resources/font/
43 KB
43 KB
Font
General
Full URL
https://assets.donordrive.com/resources/font/fontawesome-webfont.woff?v=3.2.1
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-205.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://assets.donordrive.com/resources/css/dd-public.min.css?v=201810080001
Origin
https://www.sleepout.org

Response headers

date
Wed, 18 Jul 2018 18:06:02 GMT
via
1.1 e89c67951b2bc58773e3664c08702f34.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
RefreshHit from cloudfront
status
200
content-length
43572
last-modified
Mon, 29 Feb 2016 15:55:47 GMT
server
AmazonS3
etag
"b683029bafe0305ac2234038a03e1541"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
WerXSscb108WCy_324CWb802zhtVL7wZiozurdLtkY1QWByhxMyRTA==
analytics.js
www.google-analytics.com/
42 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9263599-14
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
316fe2ef7b6caac81936e79571e2e0b742200f1c5b0e02d6bdeeb375eb419026
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Oct 2018 17:56:18 GMT
server
Golfe2
age
3697
date
Fri, 12 Oct 2018 12:22:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17285
expires
Fri, 12 Oct 2018 14:22:23 GMT
widgets.js
platform.twitter.com/
118 KB
35 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418C) /
Resource Hash
f0bbf9dddb32bee0c700eaeae0d822c35be8c24d15ee43fb8cbfdd06ab0b5b11

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 13:24:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 18:31:49 GMT
Server
ECS (fcn/418C)
Etag
"3524e6fe37d1f506b52edd4e14c19f48+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
35358
collect
www.google-analytics.com/r/
35 B
104 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j70&a=2060578577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sleepout.org%2Findex.cfm%3Ffuseaction%3Dcms.home&ul=en-us&de=UTF-8&dt=The%20Movement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1464729587&gjid=443585131&cid=703303699.1539350641&tid=UA-9263599-14&_gid=351685317.1539350641&_r=1&gtm=ua1&z=1943209652
Requested by
Host: www.sleepout.org
URL: https://www.sleepout.org/index.cfm?fuseaction=cms.home
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Oct 2018 13:24:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.1dcb9052029dec42394397b936b6c31a.html
platform.twitter.com/widgets/ Frame 4ABD
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.1dcb9052029dec42394397b936b6c31a.html?origin=https%3A%2F%2Fwww.sleepout.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
Accept-Encoding
gzip, deflate

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Oct 2018 13:24:00 GMT
Etag
"e3ed684480c273645854c25215f7a43c+gzip"
Last-Modified
Thu, 11 Oct 2018 18:31:05 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4195)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5879
trnHszv6jVd.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2DCA
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
accept-encoding
gzip, deflate

Response headers

status
200
expires
Thu, 10 Oct 2019 17:17:18 GMT
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-xss-protection
0
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
EHeMw9G9Jy1tlxvhrBdUEuph0QoA7l+5urt3boVV1AZI1Y34pXBEeEvgFNYBnciQyxA/B2ITCWp4YHAmVIxiVg==
content-length
14168
date
Fri, 12 Oct 2018 13:24:00 GMT
jot.html
platform.twitter.com/ Frame CB90
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418D) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Oct 2018 13:24:01 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 11 Oct 2018 18:31:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/418D)
X-Cache
HIT
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Fri, 12 Oct 2018 13:24:00 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Fri, 12 Oct 2018 13:24:00 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_b
strict-transport-security
max-age=631138519
x-connection-hash
c3e03b6e6a5d992a7c35443206adc540
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
92
x-transaction
0020230a0078e20a
x-tsa-request-body-time
1
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
trnHszv6jVd.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 4E35
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=439722313103409&domain=www.sleepout.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FtrnHszv6jVd.js%3Fversi...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.sleepout.org/index.cfm?fuseaction=cms.home
accept-encoding
gzip, deflate

Response headers

status
200
expires
Thu, 10 Oct 2019 17:17:18 GMT
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-xss-protection
0
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
EHeMw9G9Jy1tlxvhrBdUEuph0QoA7l+5urt3boVV1AZI1Y34pXBEeEvgFNYBnciQyxA/B2ITCWp4YHAmVIxiVg==
content-length
14168
date
Fri, 12 Oct 2018 13:24:01 GMT

Redirect headers

status
302
x-xss-protection
0
pragma
no-cache
location
https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42#cb=f235fc8309aa708&domain=www.sleepout.org&origin=https%3A%2F%2Fwww.sleepout.org%2Fff0d532dd828ac&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control
private, no-cache, no-store, must-revalidate
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
RKpfRYIcGaF/kl4gfvNe8bv4spBa48gfe4NV4TPKqEHWHJ32KEPfHmel59P3yUVMx8AFLmwOfxqOFqyZ+sMHow==
date
Fri, 12 Oct 2018 13:24:01 GMT
content-length
0

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer
object| google_tag_manager
function| $
function| jQuery
object| FormValidator
object| NotificationOptions
undefined| NotificationTimeoutHandle
object| Notification
string| dp_dateFormat
function| fbAsyncInit
object| ddWidgetOptions
object| DonorDrive
function| doDataUpdateCheck
function| gtag
boolean| test
undefined| searchPrompt
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| sa
object| gaGlobal
object| gaData
function| __twttrll
object| twttr
object| __twttr
object| FB

8 Cookies

Domain/Path Name / Value
.sleepout.org/ Name: _gid
Value: GA1.2.351685317.1539350641
www.sleepout.org/ Name: PUBLICAPPLANGUAGE
Value: DEFAULT%3Ben%5FUS
.sleepout.org/ Name: _gat_gtag_UA_9263599_14
Value: 1
.sleepout.org/ Name: _ga
Value: GA1.2.703303699.1539350641
www.sleepout.org/ Name: COOKIETEST
Value: 1
www.sleepout.org/ Name: CFTOKEN
Value: 8a114ca36164c5c8-147B3B40-C127-F3DD-A5B19EF3A57A6215
www.sleepout.org/ Name: sto-id
Value: AGABGOAK
www.sleepout.org/ Name: CFID
Value: 8826555

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
