www.voa-ncnn.org Open in urlscan Pro
104.130.32.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz...
Effective URL:
https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Submission: On May 04 via api (May 4th 2021, 4:31:46 pm UTC) from US

Summary HTTP 80 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 80 HTTP transactions. The main IP is 104.130.32.213, located in United States and belongs to RACKSPACE, US. The main domain is www.voa-ncnn.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 18th 2021. Valid for: a year.

This is the only time www.voa-ncnn.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba7b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	104.130.32.213 104.130.32.213	27357 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
11	52.216.206.155 52.216.206.155	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:210... 2600:9000:2104:8600:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:400:16:876:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
12	65.9.84.53 65.9.84.53	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	52.184.193.103 52.184.193.103	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:210... 2600:9000:2104:e000:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.29.62.85 52.29.62.85	16509 (AMAZON-02) (AMAZON-02)
3	107.154.229.42 107.154.229.42	19551 (INCAPSULA) (INCAPSULA)
12	20.80.210.97 20.80.210.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	162.247.243.146 162.247.243.146	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
5	2600:9000:210... 2600:9000:2104:6a00:16:876:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
80	22

3 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba7b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.130.32.213 (United States)

ASN27357 (RACKSPACE, US)

www.voa-ncnn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.206.155 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

voa-production.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2104:8600:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:400:16:876:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

ss.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 65.9.84.53 (United States)

ASN16509 (AMAZON-02, US)

sky.blackbaudcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.184.193.103 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

host.nxt.blackbaud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:e000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.62.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-62-85.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.154.229.42 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.229.42.ip.incapdns.net

payments.blackbaud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 20.80.210.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

reg-pusa01.app.blackbaud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2104:6a00:16:876:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

sd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	sharethis.com ws.sharethis.com ss.sharethis.com l.sharethis.com sd.sharethis.com	95 KB
12	blackbaud.net reg-pusa01.app.blackbaud.net	12 KB
12	blackbaudcdn.net sky.blackbaudcdn.net	1 MB
11	amazonaws.com voa-production.s3.amazonaws.com	609 KB
10	voa-ncnn.org www.voa-ncnn.org	220 KB
5	google-analytics.com www.google-analytics.com ssl.google-analytics.com	36 KB
4	blackbaud.com host.nxt.blackbaud.com payments.blackbaud.com	12 KB
3	rs6.net 1 redirects r20.rs6.net	5 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	googletagmanager.com www.googletagmanager.com	68 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	doubleclick.net stats.g.doubleclick.net	86 B
1	ctctcdn.com static.ctctcdn.com	2 KB
80	15

	Domain	Requested by
12	reg-pusa01.app.blackbaud.net	sky.blackbaudcdn.net
12	sky.blackbaudcdn.net	www.voa-ncnn.org host.nxt.blackbaud.com sky.blackbaudcdn.net
11	voa-production.s3.amazonaws.com	www.voa-ncnn.org
10	www.voa-ncnn.org	r20.rs6.net www.voa-ncnn.org
6	ws.sharethis.com	www.voa-ncnn.org ws.sharethis.com
5	sd.sharethis.com	ss.sharethis.com sd.sharethis.com
3	payments.blackbaud.com	host.nxt.blackbaud.com payments.blackbaud.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	r20.rs6.net	1 redirects r20.rs6.net
2	ssl.google-analytics.com	ss.sharethis.com
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	maxcdn.bootstrapcdn.com	host.nxt.blackbaud.com maxcdn.bootstrapcdn.com
2	l.sharethis.com	ws.sharethis.com www.voa-ncnn.org
2	www.googletagmanager.com	www.voa-ncnn.org
1	js-agent.newrelic.com	www.voa-ncnn.org
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	host.nxt.blackbaud.com	sky.blackbaudcdn.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	ss.sharethis.com	www.voa-ncnn.org
1	static.ctctcdn.com	r20.rs6.net
80	20

This site contains links to these domains. Also see Links.

Domain
secure3.convio.net
supportvoagsnn.volunteersofamerica.org
youtu.be
www.suncrestbank.com
epicbrokers.com
healthy.kaiserpermanente.org
crimealertsecurity.com
www.carf.org
www.voa.org
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.constantcontact.com GlobalSign RSA OV SSL CA 2018	`2021-02-08` - `2022-03-12`	a year	crt.sh
www.voa.org Sectigo RSA Domain Validation Secure Server CA	`2021-04-18` - `2022-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
sky.blackbaudcdn.net GeoTrust TLS RSA CA G1	`2020-09-16` - `2021-09-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.nxt.blackbaud.com GeoTrust TLS RSA CA G1	`2020-02-25` - `2022-02-24`	2 years	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
payments.blackbaud.com GeoTrust TLS RSA CA G1	`2020-02-05` - `2022-04-03`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.app.blackbaud.net GeoTrust TLS RSA CA G1	`2021-02-11` - `2022-03-14`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Frame ID: 04782A1A4460C49A9DD50819A9841D8B
Requests: 47 HTTP requests in this frame

Frame: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww
Frame ID: 09F40C042E03305ABBE04A0AFA507CE7
Requests: 26 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: E67F63F96C74361E5358ABE49892E78B
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 5FBF403207E11157FA3BADC9C7B3E51C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_sl... Page URL
http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_sl... HTTP 302
https://www.voa-ncnn.org/shelter-from-the-storm-sacramento Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

80
Requests

98 %
HTTPS

55 %
IPv6

15
Domains

20
Subdomains

22
IPs

3
Countries

2603 kB
Transfer

5625 kB
Size

4
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://secure3.convio.net/voa/site/Donation2;jsessionid=00000000.app322b?df_id=16885&mfc_pref=T&16885.donation=form1&NONCE_TOKEN=A1486550B7A744B52F93478EBAE6DB01
Title: Donate

Search URL Search Domain Scan URL

URL: http://supportvoagsnn.volunteersofamerica.org/site/Donation2?df_id=16885&mfc_pref=T&16885.donation=form1
Title: Donate

Search URL Search Domain Scan URL

URL: https://youtu.be/iSXoY0N283w
Title:

Search URL Search Domain Scan URL

URL: https://www.suncrestbank.com/
Title: <img alt="Suncrest-Sponsor.jpg" src="https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/15/00/13/20/1c8e8850-f434-4fc4-9e3c-2fe2434cc5a9/Suncrest-Sponsor.jpg" />

Search URL Search Domain Scan URL

URL: https://epicbrokers.com/
Title: <img alt="Epic.jpg" src="https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/04/25/13/25/35/12748fd6-b4d9-4663-82eb-0efc79b0ef3c/Epic.jpg" />

Search URL Search Domain Scan URL

URL: https://healthy.kaiserpermanente.org/
Title: <img alt="Kaiser-Sponsor.jpg" src="https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/15/00/13/20/24a8c269-583a-46bb-b16c-4a5433db16d8/Kaiser-Sponsor.jpg" />

Search URL Search Domain Scan URL

URL: https://crimealertsecurity.com/
Title: <img alt="CAS.jpg" src="https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/04/09/10/10/20/03f6656f-e5c3-44ae-bd0d-b7101ee772e9/CAS.jpg" />

Search URL Search Domain Scan URL

URL: https://secure3.convio.net/voa/site/Donation2?df_id=16885&mfc_pref=T&16885.donation=form1
Title: Donate

Search URL Search Domain Scan URL

URL: http://supportvoagsnn.volunteersofamerica.org/site/Survey?ACTION_REQUIRED=URI_ACTION_USER_REQUESTS&SURVEY_ID=12920
Title: Get Our Newsletter

Search URL Search Domain Scan URL

URL: http://www.carf.org/home/
Title:

Search URL Search Domain Scan URL

URL: https://www.voa.org/
Title: National Office

Search URL Search Domain Scan URL

URL: https://twitter.com/VOAncnn
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VOAncnn/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcD2LIiBcCgaEetTvArNksA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/voancnn/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1 Page URL
http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1&jrv=1 HTTP 302
https://www.voa-ncnn.org/shelter-from-the-storm-sacramento Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK tn.jsp Show response
r20.rs6.net/ 2 KB
3 KB 378ms
327ms Document
text/html 208.75.122.11
ASN-CC

General

Check archive.org

Show headers Download Go to

Full URL: http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1
Protocol: HTTP/1.1
Server: 208.75.122.11 , United States, ASN40444 (ASN-CC, US),
Reverse DNS: rs6.net
Software: Apache /
Resource Hash: 486f7567d7824468fd91b25a6463ac0e02411c94216aa2c15c5be458284dd248

Request headers

Host: r20.rs6.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:24 GMT
Server: Apache
Content-Length: 2538
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

GET
H/1.1 200
OK dynamic-pages.css
r20.rs6.net/ 1 KB
2 KB 266ms
237ms Stylesheet
text/css 208.75.122.11
ASN-CC

General

Check archive.org

Show headers Download Go to

Full URL: http://r20.rs6.net/dynamic-pages.css
Requested by: Host: r20.rs6.net
URL: http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1
Protocol: HTTP/1.1
Server: 208.75.122.11 , United States, ASN40444 (ASN-CC, US),
Reverse DNS: rs6.net
Software: Apache /
Resource Hash: e7c901afccd103c504e0ee88d5c150366f5a983e123e2bb31a1acc09a9015372

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: r20.rs6.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 16:31:24 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1229

GET
H2 200 ctct_logo_full-color.svg
static.ctctcdn.com/lp/images/standard/logos/ 7 KB
2 KB 35ms
22ms Image
image/svg+xml 2a02:26f0:6c00::210:ba7b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ctctcdn.com/lp/images/standard/logos/ctct_logo_full-color.svg
Requested by: Host: r20.rs6.net
URL: http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba7b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 805cc28d05b3bbdf5780dd5c6107f422d6b3c4f16847dd1b92e187bdac997fe8

Request headers

Referer: http://r20.rs6.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:24 GMT
content-encoding: gzip
last-modified: Sun, 19 Jul 2020 19:08:32 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=22658379
accept-ranges: bytes
content-length: 2021
expires: Fri, 21 Jan 2022 22:31:03 GMT

GET
H/1.1

200
OK

Primary Request shelter-from-the-storm-sacramento Show response
www.voa-ncnn.org/
Redirect Chain

http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2...
https://www.voa-ncnn.org/shelter-from-the-storm-sacramento

36 KB
13 KB

843ms
150ms

Document
text/html

104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.voa-ncnn.org/shelter-from-the-storm-sacramento

Requested by

Host: r20.rs6.net
URL: http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

104.130.32.213 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

27943b789d485d444429680603508b0a3daa419b08bb5ab95e9fd1cf4fde0b8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.voa-ncnn.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://r20.rs6.net/tn.jsp?f=001aVz9RWy6_55WsOB6JH28YwxSxL1VwKgfl6XPFs4m7EBs09tZucD0LwLOP6r2p_slEmIVNZeul5aaZgyBiiFz9K2azsCbIuledEAxCq4yQLIEgT1rBbzHTRzPnfphrUp-YSWEv_UtcfauJJMHEdZOctqEJcZi6FGokkSJW2ya34j1gp0NEzClAGgu-8PVXCgx&c=VyNQ-gR8lxJogMAE8RypoYd9GazPKNfZiJGH3RAytaxkWDDrIYIqRA==&ch=8Ao53vJ9MYHbv_P0ALIxAiUX6ni0MS0IYQMBW9CSTx7YXULo1I-X1A==&jrc=1

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Request-Id: ec726d78-ae9a-4e38-9011-72edff9d0107
X-Download-Options: noopen
ETag: W/"27943b789d485d444429680603508b0a"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.013500
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests;
Date: Tue, 04 May 2021 16:31:25 GMT
X-Powered-By: Phusion Passenger
Server: nginx + Phusion Passenger
X-Node: app-2
Content-Encoding: gzip

Redirect headers

Date: Tue, 04 May 2021 16:31:24 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Referrer-Policy: no-referrer
Location: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

GET
H/1.1 200
OK application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
www.voa-ncnn.org/assets/ 122 KB
21 KB 216ms
128ms Stylesheet
text/css 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 57eebb5bd4478b5a24df37cf23fbbf18a0db0746d0fe342b62ac46bce7ef6a6a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Connection: keep-alive
Referer: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 May 2021 03:02:55 GMT
Server: nginx
Content-Type: text/css
Cache-Control: max-age=31536000 public
Connection: keep-alive
Content-Length: 21311
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2523129-34

Requested by

Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9be9b29bbd03241f32719bf225c93bc4ae6d0461b4b0c4a82e1b0906d76b341e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35861
x-xss-protection: 0
last-modified: Tue, 04 May 2021 15:30:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 16:31:25 GMT

GET
H/1.1 200
OK logo-ca-nv__2__WEBSITE_HOME_PAGE.png
voa-production.s3.amazonaws.com/uploads/affiliate_site/logo_image_color/12/ 14 KB
15 KB 502ms
140ms Image
image/png 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/uploads/affiliate_site/logo_image_color/12/logo-ca-nv__2__WEBSITE_HOME_PAGE.png
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0b8e05a518302910d51a9607398ad8ae90d62e4a44ed6696ec714227248d3852

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Last-Modified: Tue, 15 May 2018 23:24:54 GMT
Server: AmazonS3
x-amz-request-id: R4PDC44WH0MW4Z8X
ETag: "07c876ce2e5afcc396b57a15eb39d970"
Content-Type: image/png
Cache-Control: public, max-age=31536000
x-amz-meta-marker: processed at: 2018-05-15T19:24:53-04:00
Accept-Ranges: bytes
Content-Length: 14515
x-amz-id-2: SRMHLnn3+EM1GeGx5i+LpxuvEGpwYchQRi0oQEFufx2XCXzAaeLnMsMdu8nnEZ5j+q/COAEHKT4=

GET
H/1.1 200
OK sponsor.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2020/09/14/16/42/31/8b77dcca-e890-443c-b692-c4e8cb34188b/ 94 KB
94 KB 337ms
135ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2020/09/14/16/42/31/8b77dcca-e890-443c-b692-c4e8cb34188b/sponsor.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b953b81cd224857e5fe070752d075d1fdcb496c36110471116a814b7de5255d

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Last-Modified: Mon, 14 Sep 2020 20:42:32 GMT
Server: AmazonS3
x-amz-request-id: R4P74H9XHNWYE1QA
ETag: "a71baa25724ac2c2187e642049e25c30"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"sponsor.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 96174
x-amz-id-2: KIdUKkKsNJS94ZftfhmAbZrr6exxJSklBBt7CzC9sZ326my+fR7W/PuxnUaOajLkGK46XoP8TWQ=

GET
H/1.1 200
OK kim-mobile.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/03/16/45/49/0c0db640-2f85-4fe6-b82d-684cd4f52df8/ 40 KB
40 KB 506ms
151ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/03/16/45/49/0c0db640-2f85-4fe6-b82d-684cd4f52df8/kim-mobile.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 752871c6388dd2ddfd063e9838204a6e349f3579eff0f49c0d810acbeed745b3

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Last-Modified: Wed, 03 Feb 2021 21:45:50 GMT
Server: AmazonS3
x-amz-request-id: R4PA21E6KF87K88F
ETag: "c4e03a8049cd8d2a927385b42b537b1d"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"kim-mobile.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 40504
x-amz-id-2: UdEfTJD/rLI/6H/ee1ea4nsPxgD8sYYPKaUx1LIkW004LCNWW3rO+QpPkeNfMi6iHi4AqBEQm9Q=

GET
H/1.1 200
OK Annotation_202020-08-31_20150409.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2020/10/13/13/02/07/337c81ef-eea3-48bc-a1e0-66880259d755/ 25 KB
25 KB 716ms
360ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2020/10/13/13/02/07/337c81ef-eea3-48bc-a1e0-66880259d755/Annotation_202020-08-31_20150409.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f5ef65668bb81b94b64846e5f7a430cca5c9652ff55643b575b536a520813ff6

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Last-Modified: Tue, 13 Oct 2020 17:02:09 GMT
Server: AmazonS3
x-amz-request-id: R4PCCSVM13ZXWH4K
ETag: "0890476e55dfc2668a005bda659c2740"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"Annotation_202020-08-31_20150409.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 25354
x-amz-id-2: eVgGklNjf2PAPR+thPK/fUzx0QNdgK6LvKLtYzDnnFoLVUj3XDtrfHjr/ctVhqpwVFtl9GCYUIg=

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
33 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQC9WZJ

Requested by

Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e26b28313695edd24c9411644f5292028de994627a3f26eaf1ba71c86847d9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33303
x-xss-protection: 0
last-modified: Tue, 04 May 2021 15:30:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 16:31:26 GMT

GET
H/1.1 200
OK carf_with_large_boarder_T.png
voa-production.s3.amazonaws.com/uploads/footer/logo_1_image/12/ 10 KB
11 KB 498ms
143ms Image
image/png 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/uploads/footer/logo_1_image/12/carf_with_large_boarder_T.png
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f832f0384ddc0de352a7cdb3da1199df503723455655c86c4d50a8a771b53336

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Last-Modified: Wed, 16 May 2018 00:04:16 GMT
Server: AmazonS3
x-amz-request-id: R4P4HD95DYYE4T4N
ETag: "e9f826bd22191c1c58dd320d1cf868f0"
Content-Type: image/png
Cache-Control: public, max-age=31536000
x-amz-meta-marker: processed at: 2018-05-15T20:04:15-04:00
Accept-Ranges: bytes
Content-Length: 10569
x-amz-id-2: Sm3jYaYSCBuiNwXViWieKpIsU9fuDIySB+cgQEuuJu/l/1N+DAFMaajkwFzqjCDQU2VBSoA89Zo=

GET
H/1.1 200
OK Untitled-2-01.png
voa-production.s3.amazonaws.com/uploads/footer/logo_2_image/12/ 4 KB
4 KB 529ms
149ms Image
image/png 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/uploads/footer/logo_2_image/12/Untitled-2-01.png
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47380eb510ed3c176fd164e4aeab329aa3ca11ca9ac5cc1f66aa08dde105190d

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Content-Encoding
Last-Modified: Wed, 14 Aug 2019 15:04:29 GMT
Server: AmazonS3
x-amz-request-id: R4P5NH4A21C7GE8Q
ETag: "d4e5baeaf91ff9ca37ca69301fd1ddfe"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 3727
x-amz-id-2: W12bhelLrABDgIKdi2gUe2S/XMKGT/Yj28vEIjFISz7RTgH4QJOgYuzWuBtQ3tqvKLAXLk8UaRk=
Expires: Wed, 27 May 2020 02:57:29 GMT

GET
H/1.1 200
OK application-c093fa7bb346d3e4859e60eeeb7cbeaa514534ddafd7d238ce9cf4a35d1d934e.js Show response
www.voa-ncnn.org/assets/ 212 KB
72 KB 126ms
125ms Script
application/javascript 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.voa-ncnn.org/assets/application-c093fa7bb346d3e4859e60eeeb7cbeaa514534ddafd7d238ce9cf4a35d1d934e.js
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c093fa7bb346d3e4859e60eeeb7cbeaa514534ddafd7d238ce9cf4a35d1d934e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Connection: keep-alive
Referer: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Apr 2020 18:58:27 GMT
Server: nginx
Content-Type: application/javascript
Cache-Control: max-age=31536000 public
Connection: keep-alive
Content-Length: 73153
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 48ms
15ms Script
application/javascript 2600:9000:2104:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/buttons.js
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:32:43 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 259123
etag: W/"60256fd0-eabe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex, nofollow
content-length: 16639
x-amz-cf-id: 8Jm8ymYWtdhqLDHD5F7iGbyr-ei9YcL1LBKUeEJ613d_upyfTr8uGA==
expires: Tue, 04 May 2021 16:32:43 GMT

GET
H2 200 loader.js Show response
ss.sharethis.com/ 19 KB
5 KB 36ms
8ms Script
application/javascript 2600:9000:214f:400:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.sharethis.com/loader.js
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:29:38 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:22:04 GMT
server: AmazonS3
age: 219
etag: W/"a637698b696964cb3a292f5482138425"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6BzBC6LfLYkqCVu03zlmLjqrODYWa-WRnsEfvWWHo0EO1lKA-gpffQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2523129-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3051
date: Tue, 04 May 2021 15:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 17:40:35 GMT

GET
H2 200 online_registrations_form_loader_v1.f8744b9a2e1826070a839886cbb55c9de563274d.js Show response
sky.blackbaudcdn.net/skyuxapps/registration-form/assets/ 27 KB
11 KB 190ms
75ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/registration-form/assets/online_registrations_form_loader_v1.f8744b9a2e1826070a839886cbb55c9de563274d.js

Requested by

Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

57ee1efc5ca2451307b0203b26d40f9edc37f0981ed26ce00480da616cc91346

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 08:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7976965
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 281
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: *
server: istio-envoy
etag: "0x8D8BE47EC4CACDE"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: bJWT1WwEwfdcqOOaSUazULJicuc2QsnhiI7zOnduGtxe3aNAWHIoRg==

GET
H/1.1 200
OK bg-promo-1-f2114dd0d453daabe6ef73deabd0b48a93d46983faf35c02628993daa02ca824.jpg
www.voa-ncnn.org/assets/structure/footer/ 6 KB
6 KB 119ms
118ms Image
image/jpeg 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.voa-ncnn.org/assets/structure/footer/bg-promo-1-f2114dd0d453daabe6ef73deabd0b48a93d46983faf35c02628993daa02ca824.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: f2114dd0d453daabe6ef73deabd0b48a93d46983faf35c02628993daa02ca824

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Connection: keep-alive
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Last-Modified: Tue, 17 Apr 2018 16:02:09 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5774
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H/1.1 200
OK bg-promo-2-2273b2774d4a6314b962b24ebc9ac70d90e66202a9108d4a7eadb09569fddb5e.jpg
www.voa-ncnn.org/assets/structure/footer/ 5 KB
5 KB 358ms
121ms Image
image/jpeg 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.voa-ncnn.org/assets/structure/footer/bg-promo-2-2273b2774d4a6314b962b24ebc9ac70d90e66202a9108d4a7eadb09569fddb5e.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2273b2774d4a6314b962b24ebc9ac70d90e66202a9108d4a7eadb09569fddb5e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Cookie: _ga=GA1.2.880714040.1620145886; _gid=GA1.2.249964200.1620145886; _gat_gtag_UA_2523129_34=1; _gat_UA-107004064-1=1
Connection: keep-alive
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Last-Modified: Tue, 17 Apr 2018 16:02:09 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4669
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H/1.1 200
OK bg-promo-3-007bcc256a31018c0e88df7652cf34379eef1d30ea76339ec898601655966c01.jpg
www.voa-ncnn.org/assets/structure/footer/ 5 KB
5 KB 117ms
116ms Image
image/jpeg 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.voa-ncnn.org/assets/structure/footer/bg-promo-3-007bcc256a31018c0e88df7652cf34379eef1d30ea76339ec898601655966c01.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 007bcc256a31018c0e88df7652cf34379eef1d30ea76339ec898601655966c01

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Connection: keep-alive
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Last-Modified: Tue, 17 Apr 2018 16:02:09 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4976
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H/1.1 200
OK sourcesanspro-semibold-webfont-4a1f91cb52a1a53c08a702dbbfc5235392dacb39cf4815faabcb44159f0a1c65.woff
www.voa-ncnn.org/assets/ 29 KB
29 KB 323ms
118ms Font
application/font-woff 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.voa-ncnn.org/assets/sourcesanspro-semibold-webfont-4a1f91cb52a1a53c08a702dbbfc5235392dacb39cf4815faabcb44159f0a1c65.woff
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a1f91cb52a1a53c08a702dbbfc5235392dacb39cf4815faabcb44159f0a1c65

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.voa-ncnn.org
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Connection: keep-alive
Origin: https://www.voa-ncnn.org
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2015 21:11:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/font-woff
Cache-Control: max-age=31536000 public
Connection: keep-alive
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H/1.1 200
OK sourcesanspro-regular-webfont-18e1f2d0175b4e4e85e92d340877f745d8786ba28953eaf5f620a54e47cc1740.woff
www.voa-ncnn.org/assets/ 29 KB
29 KB 561ms
121ms Font
application/font-woff 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.voa-ncnn.org/assets/sourcesanspro-regular-webfont-18e1f2d0175b4e4e85e92d340877f745d8786ba28953eaf5f620a54e47cc1740.woff
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 18e1f2d0175b4e4e85e92d340877f745d8786ba28953eaf5f620a54e47cc1740

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.voa-ncnn.org
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Connection: keep-alive
Origin: https://www.voa-ncnn.org
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2015 21:11:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/font-woff
Cache-Control: max-age=31536000 public
Connection: keep-alive
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H/1.1 200
OK CentraleSansCondensed-Medium-webfont-ce23f4f23e3b0a274ea2bf74a99a2f04966d86ece202a3941157c12de0ffcb30.woff
www.voa-ncnn.org/assets/ 36 KB
36 KB 562ms
122ms Font
application/font-woff 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.voa-ncnn.org/assets/CentraleSansCondensed-Medium-webfont-ce23f4f23e3b0a274ea2bf74a99a2f04966d86ece202a3941157c12de0ffcb30.woff
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ce23f4f23e3b0a274ea2bf74a99a2f04966d86ece202a3941157c12de0ffcb30

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.voa-ncnn.org
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Connection: keep-alive
Origin: https://www.voa-ncnn.org
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2015 21:11:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/font-woff
Cache-Control: max-age=31536000 public
Connection: keep-alive
Expires: Wed, 04 May 2022 16:31:26 GMT

GET
H/1.1 200
OK Icons-258578c835a9f9ed0c5c9dcd8fbfdf35b5a6776e017d0a6b128ce21d391182f4.woff
www.voa-ncnn.org/assets/ 4 KB
3 KB 562ms
121ms Font
application/font-woff 104.130.32.213
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.voa-ncnn.org/assets/Icons-258578c835a9f9ed0c5c9dcd8fbfdf35b5a6776e017d0a6b128ce21d391182f4.woff
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 104.130.32.213 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 258578c835a9f9ed0c5c9dcd8fbfdf35b5a6776e017d0a6b128ce21d391182f4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.voa-ncnn.org
Accept-Encoding: gzip, deflate, br
Host: www.voa-ncnn.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
Connection: keep-alive
Origin: https://www.voa-ncnn.org
Referer: https://www.voa-ncnn.org/assets/application_national_site-cd213440142b44b59db717d15675aac62d3c45d6b1e0345dede21895047aa11c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2015 14:37:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/font-woff
Cache-Control: max-age=31536000 public
Connection: keep-alive
Expires: Wed, 04 May 2022 16:31:26 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
29 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1141577469&t=pageview&_s=1&dl=https%3A%2F%2Fwww.voa-ncnn.org%2Fshelter-from-the-storm-sacramento&ul=en-us&de=UTF-8&dt=Sacramento%20Shelter%20from%20the%20Storm%20Annual%20Event%20%7C%20Volunteers%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1132118027&gjid=892385636&cid=880714040.1620145886&tid=UA-2523129-34&_gid=249964200.1620145886&_r=1&gtm=2ou4l3&z=732036866

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:31:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.voa-ncnn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
31 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1141577469&t=pageview&_s=1&dl=https%3A%2F%2Fwww.voa-ncnn.org%2Fshelter-from-the-storm-sacramento&ul=en-us&de=UTF-8&dt=Sacramento%20Shelter%20from%20the%20Storm%20Annual%20Event%20%7C%20Volunteers%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=855022709&gjid=626405069&cid=880714040.1620145886&tid=UA-107004064-1&_gid=249964200.1620145886&_r=1&gtm=2wg4l3WQC9WZJ&z=1182123643

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:31:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.voa-ncnn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-107004064-1&cid=880714040.1620145886&jid=855022709&gjid=626405069&_gid=249964200.1620145886&_u=aEDAAUABAAAAAC~&z=1574851476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 16:31:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.voa-ncnn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
host.nxt.blackbaud.com/registration-form/ Frame 09F4 8 KB
3 KB 623ms
143ms Document
text/html 52.184.193.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/assets/online_registrations_form_loader_v1.f8744b9a2e1826070a839886cbb55c9de563274d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.184.193.103 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba636cc873090b24491f1ca0c7f4fff16063cdd3114b746d2213969ab71fba4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: host.nxt.blackbaud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.voa-ncnn.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.voa-ncnn.org/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: 0
Vary: Accept-Encoding
Request-Context: appId=cid-v1:384bd1e9-d5cd-4602-8610-6d580ed3e637
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block
Date: Tue, 04 May 2021 16:31:27 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 16ms
16ms Script
application/javascript 2600:9000:2104:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 16:59:19 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 84727
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: faJ6vEZQ-g5FelG--55my2CeKOD9v_y0DH2M_83EjyTPEVbEjaDMUA==
expires: Thu, 06 May 2021 16:59:19 GMT

GET
H/1.1 200
OK hero-image-SFTS-2021-2.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2021/03/16/16/40/09/41c8b816-65ba-4299-938b-6350e66939c8/ 278 KB
279 KB 141ms
138ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/03/16/16/40/09/41c8b816-65ba-4299-938b-6350e66939c8/hero-image-SFTS-2021-2.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f4ff787e21d9a10f9c896bfab57b785ae3d266cad91606ee7c6178488e426c43

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:28 GMT
Last-Modified: Tue, 16 Mar 2021 20:40:10 GMT
Server: AmazonS3
x-amz-request-id: 57RS6Q1QTSH7GKA6
ETag: "62aa0a8f0f8c1549b884ff30a8659c3d"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"hero-image-SFTS-2021-2.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 284851
x-amz-id-2: nHuCNCBsuftmIh0f1fSvLGfFONFKSBHANJYEc8hEtUa//PvIOKTKsCNZMkxjROvejFYP4xpPTPM=

GET
H/1.1 200
OK Suncrest-Sponsor.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/09/16/21/30/2f82e6f7-bc2f-442b-9611-92ae6b5dc0f0/ 36 KB
37 KB 148ms
146ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/09/16/21/30/2f82e6f7-bc2f-442b-9611-92ae6b5dc0f0/Suncrest-Sponsor.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 71dbd21bfca1306506c24c7dd439bc114c1b1b6074258bda2e6ae60c304b9d94

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:28 GMT
Last-Modified: Tue, 09 Feb 2021 21:21:31 GMT
Server: AmazonS3
x-amz-request-id: 57RKT6KH0CCPNWSG
ETag: "0909c56c3978f1151b3cde5c11dda3d7"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"Suncrest-Sponsor.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 37132
x-amz-id-2: 46vEYx4wgXo3seZUIUu+hvpQ3l+wuBrjw8sSyakFyb5Dhwc/F4alF+pdbNhXcdyCE/L1nmNIspY=

GET
H/1.1 200
OK Epic.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2021/04/20/15/15/27/4125ffb3-3932-4a16-a714-0cbcad18e5c9/ 34 KB
34 KB 156ms
154ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/04/20/15/15/27/4125ffb3-3932-4a16-a714-0cbcad18e5c9/Epic.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3aef77f05596ec7832230778b48f211dfaf8631a4f4595824d11b4e1270d09eb

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:28 GMT
Last-Modified: Tue, 20 Apr 2021 19:15:28 GMT
Server: AmazonS3
x-amz-request-id: 57RPC9MR377NQ8TX
ETag: "620359ba3ce607c36330bd4d7df8c657"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"Epic.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 34465
x-amz-id-2: njqT8gMX3eWAigmVMIzi//EUreTy6ItFlLICpijZ4WUHtblJE4GESF9ITrSJygSYk5y8mRV6yqo=

GET
H/1.1 200
OK Kaiser-Sponsor.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/09/16/21/30/37d235a0-6228-4fc4-86e8-d9faf9ec6fac/ 35 KB
35 KB 139ms
137ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/02/09/16/21/30/37d235a0-6228-4fc4-86e8-d9faf9ec6fac/Kaiser-Sponsor.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aaeb468f5f6dc8129081ba86a9f26007d912f8e4dc1e9e52854d1bf85663086f

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:28 GMT
Last-Modified: Tue, 09 Feb 2021 21:21:31 GMT
Server: AmazonS3
x-amz-request-id: 57RN4WWDAZXZS7H6
ETag: "a68b74d409b36d48c590bc401525b0b1"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"Kaiser-Sponsor.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 35604
x-amz-id-2: Yb0ikoE4a9A3QycPd5AU6VYDHXsMp3bqe+5P6quU2r+iBWZ3OrupI6WHSu+XZzZvTcKwT/oBIUo=

GET
H/1.1 200
OK CAS.jpg
voa-production.s3.amazonaws.com/dragonfly-uploads/2021/04/08/14/03/09/2fd08cf1-983e-4b78-9662-eab382635c19/ 34 KB
35 KB 154ms
153ms Image
image/jpeg 52.216.206.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voa-production.s3.amazonaws.com/dragonfly-uploads/2021/04/08/14/03/09/2fd08cf1-983e-4b78-9662-eab382635c19/CAS.jpg
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fbd2a269a6d68afc0c1ed564f2fe6e3dcba9583218039635a37ac80852b5f9d6

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:28 GMT
Last-Modified: Thu, 08 Apr 2021 18:03:10 GMT
Server: AmazonS3
x-amz-request-id: 57RP4YJ34T2PCRSM
ETag: "679e790b8bbe4f4309217bdf85cb11b4"
Content-Type: image/jpeg
x-amz-meta-json: {"name":"CAS.jpg","mime_type":"image%2Fjpeg","model_class":"Rich%3A%3ARichFile","model_attachment":"image"}
Accept-Ranges: bytes
Content-Length: 35257
x-amz-id-2: 68QWkXrcFEF65bnFkivRUex3VEpk/qECPTjRHDFJI4EQ1EH9AoFGKZJc6mB4oRrLxql4wtQ8/2Q=

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame E67F 2 KB
1 KB 43ms
13ms Document
text/html 2600:9000:2104:e000:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:e000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.voa-ncnn.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.voa-ncnn.org/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Tue, 04 May 2021 15:49:17 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: ALnYCzwik6Wytr-yaD93S00FUNMzlZFYFiPlse2Nyzp1bifsButb4Q==
age: 2529

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 14ms
13ms Stylesheet
text/css 2600:9000:2104:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 02:31:31 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 50395
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: nhD4eS2H45EbE7C8IEL8GRLuVY1s2dtQRZpwf1pXTWg1RVcT3x-p2g==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
338 B 194ms
44ms XHR
text/plain 52.29.62.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1620145886937.21911&hostname=www.voa-ncnn.org&location=%2Fshelter-from-the-storm-sacramento&product=widget&fcmp=false&fcmpv2=false&publisher=ra-534475d30a89280f&bsamesite=true&consent_cookie_duration=96&consent_duration=96&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fwww.voa-ncnn.org%2Fshelter-from-the-storm-sacramento&title=Sacramento%20Shelter%20from%20the%20Storm%20Annual%20Event%20%7C%20Volunteers%20of%20America&sop=false&description=
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.62.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-62-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.voa-ncnn.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 es6-promise.auto.min.34b3404aee23c330527201dc2c3b6e78a7655f51.js Show response
sky.blackbaudcdn.net/skyuxapps/host-assets/assets/ Frame 09F4 6 KB
3 KB 180ms
82ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/host-assets/assets/es6-promise.auto.min.34b3404aee23c330527201dc2c3b6e78a7655f51.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 08:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 807009
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 122
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D8565881C6436D"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: jix5kM25zexQT37pB9xyIOoXPnmx7P2KfNR5j99mWS-uaXNqWtlBfg==

GET
H2 200 notifications-client.global.min.js Show response
sky.blackbaudcdn.net/static/notifications-client/1.3.1/ Frame 09F4 90 KB
27 KB 166ms
68ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/notifications-client/1.3.1/notifications-client.global.min.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f4b2319a1365489f99b5c83faed96e6f606ccff59bfd7ea05d4198b894ff010e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 01:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2388650
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D8E7CF77038C84"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: z2vZUyuwNhOO-DQTOdwSMfVwP36QZsG6zc-5GA1aPpaIiPzE2XQ2TA==

GET
H2 200 auth-client.global.min.js Show response
sky.blackbaudcdn.net/static/auth-client/2.46.0/ Frame 09F4 50 KB
16 KB 165ms
68ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/auth-client/2.46.0/auth-client.global.min.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

25e20dffb43672a27b9d76318adfccd681ae29b79c9ef417b4881c1dc5343427

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571229
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D905D447D16089"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: EJQxpfVaV3Y7Rks_ttnIXF9GpOTKv3TciIUX8t_C2fdcrN50yB7yyQ==

GET
H2 200 bbCheckoutLoadJS.js Show response
payments.blackbaud.com/checkout/ Frame 09F4 392 B
1 KB 430ms
312ms Script
application/javascript 107.154.229.42
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.blackbaud.com/checkout/bbCheckoutLoadJS.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.229.42 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.229.42.ip.incapdns.net

Software

Microsoft-IIS/8.5 /

Resource Hash

568d593e2630341a0404c505cdb3c5387db9bb4c0320fb0f7fc22ecf06a493b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:27 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 22:09:45 GMT
server: Microsoft-IIS/8.5
etag: "2f68a8d312bd71:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 10-150879670-150879671 NNYN CT(92 89 0) RT(1620145886340 0) q(0 0 2 0) r(3 3) U5
cache-control: no-cache="set-cookie"
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 skyux.0c3ea721f2d4c61805c5.chunk.0ba655e3666dab9ad3e361c392a3717f.js Show response
sky.blackbaudcdn.net/skyuxapps/registration-form/ Frame 09F4 1 MB
676 KB 202ms
105ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/registration-form/skyux.0c3ea721f2d4c61805c5.chunk.0ba655e3666dab9ad3e361c392a3717f.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

d73e09aa92bbd75b80a452306671221d0a7d7ab9f28d3b57fd0d57185978f3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 17:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451484
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 107
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D8EFB3EEB9C62E"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: YGjwUNBan0R6yqL6EVfMZV_pT2Qrh6aY9ehNxwMFJImnT8PJM0gUGw==

GET
H2 200 polyfills.95f1be2cd5cc35fc911f.ce46e5d9047f2d29646a2071e116ef69.js Show response
sky.blackbaudcdn.net/skyuxapps/registration-form/ Frame 09F4 2 KB
1 KB 236ms
139ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/registration-form/polyfills.95f1be2cd5cc35fc911f.ce46e5d9047f2d29646a2071e116ef69.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

2e8504a29812cf0cbbfe8a06f08ab2c778ea79fbf6391a1bf83a34abaf588158

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 06:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7552239
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 65
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D8CA203EAFA438"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: _Tbz_OqIw2T7zsP9gUyr_oEbo63URWH3yo2pqAYVaWoiR4bty5roJQ==

GET
H2 200 pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js Show response
sky.blackbaudcdn.net/skyuxapps/registration-form/ Frame 09F4 133 KB
50 KB 270ms
177ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

e67b198a24b4707079b5b2bf963004cacf6b9495843fbd0cab411a10db9f92ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5389576
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 76
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D8D9BEDF572B60"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: OnXukHT00JVl_cF_EvRbTbmOw96X1_-m9-SsFyGlJmGUkFNc70SlEw==

GET
H2 200 app.0fa567e2f9403d02b4ba.443a8715c648d485587a1b1c05cb527c.js Show response
sky.blackbaudcdn.net/skyuxapps/registration-form/ Frame 09F4 173 KB
45 KB 272ms
181ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/registration-form/app.0fa567e2f9403d02b4ba.443a8715c648d485587a1b1c05cb527c.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

62f2f285a2b15f32ea7e75eae9ecfaf471990262b6ad55a3cdc6b094db37d334

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 17:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451484
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D8EFB3EEE9947B"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: q5NhYjtJB6ZjpseD6d87u5lXtnND1TEWyZHad25wxqhgocB7gpC8nw==

GET
H2 200 vendor.ab5a054e590f1fa9b77e.chunk.a9977e8cd98d6fe8ef67ad8c4ba85ef2.js Show response
sky.blackbaudcdn.net/skyuxapps/registration-form/ Frame 09F4 2 MB
570 KB 261ms
169ms Script
application/javascript 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/registration-form/vendor.ab5a054e590f1fa9b77e.chunk.a9977e8cd98d6fe8ef67ad8c4ba85ef2.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

18889c3a2c35990163ab1fbe90e1355f722525619e9656f6ab4653f09e2a848a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 17:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451484
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: https://host.nxt.blackbaud.com
server: istio-envoy
etag: "0x8D8EFB3EF22177B"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: zr5f7u-csCzenbEEwo2KNWjv_HtkzvCIwL-5mdkTryB2WXAQb90_zQ==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 44ms
44ms Image
text/plain 52.29.62.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1620145886937.21911&hostname=www.voa-ncnn.org&location=%2Fshelter-from-the-storm-sacramento&product=widget&fcmp=false&fcmpv2=false&publisher=ra-534475d30a89280f&bsamesite=true&consent_cookie_duration=96&consent_duration=96&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fwww.voa-ncnn.org%2Fshelter-from-the-storm-sacramento&title=Sacramento%20Shelter%20from%20the%20Storm%20Annual%20Event%20%7C%20Volunteers%20of%20America&sop=false&description=&gdpr_domain=.consensu.org&gdpr_method=cookie&description=&img_pview=true
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.62.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-62-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:27 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

OPTIONS
H2 204 28df90ac-46f2-48d1-89a5-08a11f0709fa
reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/ Frame 0
0 395ms
131ms Preflight 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/28df90ac-46f2-48d1-89a5-08a11f0709fa?envid=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://host.nxt.blackbaud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:31:27 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 14400
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 09F4 30 KB
7 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 3699243
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d9d1723700001f25fdbfc000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50f270cef956c80b14f61fa9ad96c573
cf-ray: 64a31e96bb861f25-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 skyux-icons.min.css
sky.blackbaudcdn.net/static/skyux-icons/4.0.0-beta.2/assets/css/ Frame 09F4 3 KB
1 KB 46ms
45ms Stylesheet
text/css 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-icons/4.0.0-beta.2/assets/css/skyux-icons.min.css

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

8cd2880f44ba1eeac73dae64cd24f1f0e79cf988dd1043747f67bc87e9e4c416

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 16:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4750748
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 328
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
access-control-allow-origin: *
server: istio-envoy
etag: "0x8D8DDBAB45A6DAC"
vary: Accept-Encoding
content-type: text/css
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 6ldhzXPFU-VQ_cGjD5Xz-Yw8_imFVj5QNfSUVAAmJwmr6yEsTTseBQ==

POST
H2 200 / Show response
reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/ Frame 09F4 1 B
469 B 473ms
182ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/?ip=1&_=1620145887859

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
via: 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 49
strict-transport-security: max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 1
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
server: istio-envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
vary: Origin,Origin
cache-control: no-store, no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-expose-headers: X-MP-CE-Backoff

POST
H2 200 / Show response
reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/ Frame 09F4 1 B
55 B 473ms
182ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/?ip=1&_=1620145887862

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
via: 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 50
strict-transport-security: max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 1
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
server: istio-envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
vary: Origin,Origin
cache-control: no-store, no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-expose-headers: X-MP-CE-Backoff

POST
H2 200 / Show response
reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/ Frame 09F4 1 B
54 B 473ms
183ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/?ip=1&_=1620145887864

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
via: 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 52
strict-transport-security: max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 1
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
server: istio-envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
vary: Origin,Origin
cache-control: no-store, no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-expose-headers: X-MP-CE-Backoff

POST
H2 200 / Show response
reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/ Frame 09F4 1 B
51 B 471ms
183ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/mixpanel/groups/?ip=1&_=1620145887865

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
via: 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 50
strict-transport-security: max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 1
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
server: istio-envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
vary: Origin,Origin
cache-control: no-store, no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-expose-headers: X-MP-CE-Backoff

GET
H2 200 blackbaud-sans.woff
sky.blackbaudcdn.net/skyux-fonts/1.0.1/ Frame 09F4 37 KB
37 KB 45ms
44ms Font
application/font-woff 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.blackbaudcdn.net/skyux-fonts/1.0.1/blackbaud-sans.woff
Requested by: Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/registration-form/?formId=28df90ac-46f2-48d1-89a5-08a11f0709fa&envId=p-QpGS3s27wkeV6N6tQZs_Ww
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2a3af53e1bdca463891c6552648f98324e3d8adc9cba653190e656bce294a33

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 18:31:39 GMT
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
vary: Origin
age: 8114389
x-cache: Hit from cloudfront
content-length: 37436
last-modified: Tue, 19 Sep 2017 14:25:13 GMT
server: AmazonS3
etag: "f214728606d42a6c3de933aea8a8d034"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: R-B4g4yVmnH6a_n-_VxnNpBnmgO4in9hJjA21svAd52KEjhXizkExg==

GET
H2 200 28df90ac-46f2-48d1-89a5-08a11f0709fa Show response
reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/ Frame 09F4 11 KB
12 KB 149ms
149ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/28df90ac-46f2-48d1-89a5-08a11f0709fa?envid=p-QpGS3s27wkeV6N6tQZs_Ww

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f4a53a923205afc32149fbe9373b0309a7689744c719195ae68dfdc1020c5c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 16:31:27 GMT
x-content-type-options: nosniff
server: istio-envoy
vary: Origin,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 139ms
45ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.voa-ncnn.org
URL: https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: CMSGRJ4N9VF9C0V5
x-cache: HIT
content-length: 11777
x-amz-id-2: EMO+RPTB61PazlipYSboWywSY4kViWkXXcgB10qO5/hMrAKC4+usyWupDRt6ibMny/ocOi/Mfw8=
x-served-by: cache-fra19156-FRA
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1620145888.052370,VS0,VE0
date: Tue, 04 May 2021 16:31:28 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 20276

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 09F4 75 KB
76 KB 19ms
19ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617
age: 990253
cdn-cachedat: 2021-04-23 07:11:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 09d9d172cb00001f35772d4000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5fb19f96cc19ecea983cbd979273d375
accept-ranges: bytes
cf-ray: 64a31e97a9f61f35-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 skyux-icons.woff2
sky.blackbaudcdn.net/static/skyux-icons/4.0.0-beta.2/assets/font/ Frame 09F4 9 KB
10 KB 55ms
55ms Font
application/octet-stream 65.9.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-icons/4.0.0-beta.2/assets/font/skyux-icons.woff2?56855530

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/static/skyux-icons/4.0.0-beta.2/assets/css/skyux-icons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

71e80663973bbe95b9f0677c51ca6074366892053463e4cce40b2149873eb74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://host.nxt.blackbaud.com
Referer: https://sky.blackbaudcdn.net/static/skyux-icons/4.0.0-beta.2/assets/css/skyux-icons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 05:10:23 GMT
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1596064
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 144
strict-transport-security: max-age=3600; includeSubDomains
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8D8DDBAB46B1393"
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Wg0gVuz8evBRbjkeatrF4ZyAL_c4mGJLy1qGcIn_PB-jeuc0Kh9XHw==

GET
H/1.1 200
OK NRJS-a23288c67f637fe87b2 Show response
bam-cell.nr-data.net/1/ 57 B
646 B 722ms
656ms Script
text/javascript 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-a23288c67f637fe87b2?a=485183654&v=1208.49599aa&to=J1hfTUdXWQ9TRkkVBQNSQhZGUFoU&rst=3345&ck=1&ref=https://www.voa-ncnn.org/shelter-from-the-storm-sacramento&ap=19&be=1115&fe=3198&dc=2208&perf=%7B%22timing%22:%7B%22of%22:1620145884733,%22n%22:0,%22f%22:260,%22dn%22:263,%22dne%22:480,%22c%22:480,%22s%22:508,%22ce%22:953,%22rq%22:954,%22rp%22:1104,%22rpe%22:1200,%22dl%22:1107,%22di%22:2208,%22ds%22:2208,%22de%22:2212,%22dc%22:3197,%22l%22:3197,%22le%22:3202%7D,%22navigation%22:%7B%7D%7D&fp=1652&fcp=1652&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:31:28 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 64a31e990c691d1e-CPH
cf-request-id: 09d9d173a800001d1ed62fb000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 204 check
reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/28df90ac-46f2-48d1-89a5-08a11f0709fa/ Frame 0
0 131ms
131ms Preflight 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/28df90ac-46f2-48d1-89a5-08a11f0709fa/check?envid=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://host.nxt.blackbaud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:31:27 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 14400
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy

OPTIONS
H2 204 p-QpGS3s27wkeV6N6tQZs_Ww
reg-pusa01.app.blackbaud.net/oregc/v1/payment/realm/ Frame 0
0 131ms
130ms Preflight 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/v1/payment/realm/p-QpGS3s27wkeV6N6tQZs_Ww?envid=p-QpGS3s27wkeV6N6tQZs_Ww

Protocol

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://host.nxt.blackbaud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-max-age: 14400
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy

POST
H2 200 / Show response
reg-pusa01.app.blackbaud.net/oregc/mixpanel/track/ Frame 09F4 1 B
54 B 175ms
174ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/mixpanel/track/?ip=1&_=1620145888461

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
via: 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 1
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
server: istio-envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
vary: Origin,Origin
cache-control: no-store, no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-expose-headers: X-MP-CE-Backoff

POST
H2 200 / Show response
reg-pusa01.app.blackbaud.net/oregc/mixpanel/track/ Frame 09F4 1 B
51 B 177ms
177ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/mixpanel/track/?ip=1&_=1620145888463

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
via: 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=604800; includeSubDomains, max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 1
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d
server: istio-envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
vary: Origin,Origin
cache-control: no-store, no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-expose-headers: X-MP-CE-Backoff

GET
H2 200 check Show response
reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/28df90ac-46f2-48d1-89a5-08a11f0709fa/ Frame 09F4 36 B
77 B 137ms
136ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/v1/environments/p-QpGS3s27wkeV6N6tQZs_Ww/forms/28df90ac-46f2-48d1-89a5-08a11f0709fa/check?envid=p-QpGS3s27wkeV6N6tQZs_Ww

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

764d2ed102726938c5c330203ad65a5539a257138b386a09f6d1c70257cff164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 16:31:27 GMT
x-content-type-options: nosniff
server: istio-envoy
vary: Origin,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=31536000; includeSubDomains
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d

GET
H2 200 p-QpGS3s27wkeV6N6tQZs_Ww Show response
reg-pusa01.app.blackbaud.net/oregc/v1/payment/realm/ Frame 09F4 38 B
81 B 136ms
136ms XHR
application/json 20.80.210.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://reg-pusa01.app.blackbaud.net/oregc/v1/payment/realm/p-QpGS3s27wkeV6N6tQZs_Ww?envid=p-QpGS3s27wkeV6N6tQZs_Ww

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/registration-form/pollyfill.4a9ad95d9e7887d412ff.chunk.192e6c38bd87ec629c102b128f513f0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.80.210.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

714fafdc7a424fd7711bb9b26e7ee4a109243d7cb2712864a1eba573c8d50bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
x-content-type-options: nosniff
server: istio-envoy
vary: Origin,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 38
request-context: appId=cid-v1:e603cef7-dff5-49ad-8e0d-3e6d64094b0d

GET
H2 200 bbCheckout.2.0.js Show response
payments.blackbaud.com/Checkout/ Frame 09F4 17 KB
6 KB 131ms
130ms Script
application/javascript 107.154.229.42
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.blackbaud.com/Checkout/bbCheckout.2.0.js

Requested by

Host: payments.blackbaud.com
URL: https://payments.blackbaud.com/checkout/bbCheckoutLoadJS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.229.42 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.229.42.ip.incapdns.net

Software

Microsoft-IIS/8.5 /

Resource Hash

89048de3b8f25ea18c43bea72c493dad304fc102ec2a640894511366f5393d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 03:41:13 GMT
server: Microsoft-IIS/8.5
etag: "8052dd55e03bd71:0"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 10-150880049-150879671 PNNN RT(1620145887867 0) q(0 0 0 0) r(1 1) U5
cache-control: no-cache="set-cookie"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 5820
x-cdn: Imperva

GET
H2 200 bbCheckout.2.0.css
payments.blackbaud.com/Checkout/ Frame 09F4 2 KB
738 B 132ms
131ms Stylesheet
text/css 107.154.229.42
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.blackbaud.com/Checkout/bbCheckout.2.0.css

Requested by

Host: payments.blackbaud.com
URL: https://payments.blackbaud.com/Checkout/bbCheckout.2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.229.42 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.229.42.ip.incapdns.net

Software

Microsoft-IIS/8.5 /

Resource Hash

f12882f398b40fb23906ef09b0e2ddaeabbc9e0d0b1fd8d712b7c8a10808edae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:28 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 22:09:45 GMT
server: Microsoft-IIS/8.5
etag: "2fce838d312bd71:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
x-iinfo: 10-150880081-150879671 PNYN RT(1620145888007 0) q(0 0 0 -1) r(0 0) U5
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame 5FBF 14 KB
4 KB 14ms
13ms Document
text/html 2600:9000:2104:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.voa-ncnn.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.voa-ncnn.org/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
date: Tue, 04 May 2021 02:32:56 GMT
etag: W/"60257012-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Z6_yxhY8fGQHKm6yzFJx9Lov2RQ_Z3IDjBUvIxLMVGwYO4uRpTNEqA==
age: 50312

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame 5FBF 16 KB
6 KB 15ms
14ms Script
application/javascript 2600:9000:2104:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 12:49:20 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 4592528
etag: W/"60257012-40f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex, nofollow
content-length: 5630
x-amz-cf-id: lXSDEPbO873Vz5OmUm-SsAdOYDMsjJIPDEPETcsFkHaGCE-VqZ4VmA==
expires: Sat, 12 Mar 2022 12:49:20 GMT

GET
H2 200 st.5583d3f0facb4d4a55d1a93224fb446d.js Show response
ws.sharethis.com/secure5x/js/ Frame 5FBF 132 KB
32 KB 15ms
14ms Script
application/javascript 2600:9000:2104:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/st.5583d3f0facb4d4a55d1a93224fb446d.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:07 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 7075461
etag: W/"60257012-20eab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: DweBNNIf4P3TJPABbm0e42doOS61-DCUvXfBoiVSrOoSryKqvADwKg==
expires: Fri, 11 Feb 2022 19:07:07 GMT

GET
H2 200 hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
sd.sharethis.com/disc/css/ 3 KB
1 KB 59ms
17ms Stylesheet
text/css 2600:9000:2104:6a00:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Requested by: Host: ss.sharethis.com
URL: https://ss.sharethis.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6a00:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c733d9703260b1f2950bfe375cc83064458fd0350c0b8987122e5441b756452c

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:18:30 GMT
server: AmazonS3
age: 55
etag: W/"ab4b82703a55102eddefc01bb815f2ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: Cwhm9qhlPtkulS5P9o12w9ctTkRbJu95upQS-SZzFE2z5RxWiA2Rjg==

GET
H2 200 hoverbuttons.035267d71d894482eb413e5bea488ff5.js Show response
sd.sharethis.com/disc/js/ 8 KB
3 KB 71ms
29ms Script
application/javascript 2600:9000:2104:6a00:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.sharethis.com/disc/js/hoverbuttons.035267d71d894482eb413e5bea488ff5.js
Requested by: Host: ss.sharethis.com
URL: https://ss.sharethis.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6a00:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca7adfed58ae7c5d3a514891f855a8316e7e7f5d65cd903d8c96bc6ef1bc2239

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:31:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:21:16 GMT
server: AmazonS3
age: 540
etag: W/"035267d71d894482eb413e5bea488ff5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: UdJfjrD4dmfNV131miRDgPbr_rj8cBDzuR_xkYWgPrM-XlTG-RW18g==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ss.sharethis.com
URL: https://ss.sharethis.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1037
date: Tue, 04 May 2021 16:14:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 04 May 2021 18:14:15 GMT

GET
H2 200 mini_Top_Cap.png
sd.sharethis.com/disc/images/ 1 KB
1 KB 15ms
14ms Image
image/png 2600:9000:2104:6a00:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_Top_Cap.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6a00:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e29c399006c5c6e726eafd64d6c42dd91ca2b621ed55f13b81263512beadbfb

Request headers

Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:27:04 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:12 GMT
server: AmazonS3
age: 721
etag: "3c02395a29d645dfa785a7c7bbff28c6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1035
x-amz-cf-id: D5vdJBwDwAkEHaWAX__OHlH9QgxRAh0TKxSwWdvNW1qWuru_iCURyw==

GET
H2 200 mini_BG.png
sd.sharethis.com/disc/images/ 952 B
1 KB 15ms
14ms Image
image/png 2600:9000:2104:6a00:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_BG.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6a00:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ca5cbea5f371c49060f5cf45fdeaec7a84efb59c59e39ee2573aa0692e6291c

Request headers

Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:27:04 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:07 GMT
server: AmazonS3
age: 811
etag: "e07cd92ddc599b79b31648fe5de2e702"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 952
x-amz-cf-id: h51ZpNRr1yFsKHEmR2OxTPu_kJVvtfM_5i57EZlwFGS-hAvN84yi3Q==

GET
H2 200 mini_Bottom_Cap.png
sd.sharethis.com/disc/images/ 1 KB
1 KB 19ms
18ms Image
image/png 2600:9000:2104:6a00:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_Bottom_Cap.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6a00:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2c4ead1e1cf71139dc4895e4cf3a4fd2f9c9e386e844765bd7a8591949ac68d

Request headers

Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:27:04 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:09 GMT
server: AmazonS3
age: 707
etag: "f103c1bf9b9c26e07f47abbe0936408c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1084
x-amz-cf-id: x-1n6DpthgJEFPEQVlCfQCysGLaCXcAZITR--81hkrFCKZqDv9Zn3w==

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 16ms
11ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=602823719&utmhn=www.voa-ncnn.org&utmt=event&utme=5(HoveringButtons%20-%20Load*www.voa-ncnn.org)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sacramento%20Shelter%20from%20the%20Storm%20Annual%20Event%20%7C%20Volunteers%20of%20America&utmhid=1141577469&utmr=-&utmp=%2Fshelter-from-the-storm-sacramento&utmht=1620145892045&utmac=UA-1645146-14&utmcc=__utma%3D235776646.1222724000.1620145892.1620145892.1620145892.1%3B%2B__utmz%3D235776646.1620145892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=QAAAAAAAACAAAAAAAAAAAAAE~

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:08:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69767
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK NRJS-a23288c67f637fe87b2 Show response
bam-cell.nr-data.net/events/1/ 24 B
492 B 640ms
640ms XHR
image/gif 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRJS-a23288c67f637fe87b2?a=485183654&v=1208.49599aa&to=J1hfTUdXWQ9TRkkVBQNSQhZGUFoU&rst=13346&ck=1&ref=https://www.voa-ncnn.org/shelter-from-the-storm-sacramento
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.voa-ncnn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 04 May 2021 16:31:38 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.voa-ncnn.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 64a31ed72f231d1e-CPH
Content-Length: 24
cf-request-id: 09d9d19a7500001d1e3a3f6000000001

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blackbaud.com/	1969-12-31 23:59:59	Name: incap_ses_473_1263131 Value: 83FDUHH3CmSPETqjVG+QBt52kWAAAAAAgsrVR8+PkbyLtinSyX4C9g==
.blackbaud.com/	1970-01-20 02:47:46	Name: visid_incap_1263131 Value: s1rFKJr7THi6cs1MuEQRpN52kWAAAAAAQUIPAAAAAABEu3+fizrWbGURiBxwtYmV
.blackbaud.com/	1969-12-31 23:59:59	Name: nlbi_1263131 Value: QNYSEvEnLjps/E45rnEjIQAAAAASvYQvTutTLDAEkPKyEhoc
.voa-ncnn.org/	1970-01-20 00:38:49	Name: __unam Value: 3685666-179383856db-1f6e1920-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
c.sharethis.mgr.consensu.org
host.nxt.blackbaud.com
js-agent.newrelic.com
l.sharethis.com
maxcdn.bootstrapcdn.com
payments.blackbaud.com
r20.rs6.net
reg-pusa01.app.blackbaud.net
sd.sharethis.com
sky.blackbaudcdn.net
ss.sharethis.com
ssl.google-analytics.com
static.ctctcdn.com
stats.g.doubleclick.net
voa-production.s3.amazonaws.com
ws.sharethis.com
www.google-analytics.com
www.googletagmanager.com
www.voa-ncnn.org
104.130.32.213
107.154.229.42
151.101.14.110
162.247.243.146
20.80.210.97
208.75.122.11
2600:9000:2104:6a00:16:876:8540:93a1
2600:9000:2104:8600:3:c04e:c780:93a1
2600:9000:2104:e000:c:a9b7:ddc0:93a1
2600:9000:214f:400:16:876:8540:93a1
2606:4700::6812:acf
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c04::9d
2a02:26f0:6c00::210:ba7b
52.184.193.103
52.216.206.155
52.29.62.85
65.9.84.53
007bcc256a31018c0e88df7652cf34379eef1d30ea76339ec898601655966c01
0b8e05a518302910d51a9607398ad8ae90d62e4a44ed6696ec714227248d3852
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18889c3a2c35990163ab1fbe90e1355f722525619e9656f6ab4653f09e2a848a
18e1f2d0175b4e4e85e92d340877f745d8786ba28953eaf5f620a54e47cc1740
1b953b81cd224857e5fe070752d075d1fdcb496c36110471116a814b7de5255d
2273b2774d4a6314b962b24ebc9ac70d90e66202a9108d4a7eadb09569fddb5e
258578c835a9f9ed0c5c9dcd8fbfdf35b5a6776e017d0a6b128ce21d391182f4
25e20dffb43672a27b9d76318adfccd681ae29b79c9ef417b4881c1dc5343427
27943b789d485d444429680603508b0a3daa419b08bb5ab95e9fd1cf4fde0b8b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2e29c399006c5c6e726eafd64d6c42dd91ca2b621ed55f13b81263512beadbfb
2e8504a29812cf0cbbfe8a06f08ab2c778ea79fbf6391a1bf83a34abaf588158
3aef77f05596ec7832230778b48f211dfaf8631a4f4595824d11b4e1270d09eb
3ca5cbea5f371c49060f5cf45fdeaec7a84efb59c59e39ee2573aa0692e6291c
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
47380eb510ed3c176fd164e4aeab329aa3ca11ca9ac5cc1f66aa08dde105190d
486f7567d7824468fd91b25a6463ac0e02411c94216aa2c15c5be458284dd248
4a1f91cb52a1a53c08a702dbbfc5235392dacb39cf4815faabcb44159f0a1c65
568d593e2630341a0404c505cdb3c5387db9bb4c0320fb0f7fc22ecf06a493b9
57ee1efc5ca2451307b0203b26d40f9edc37f0981ed26ce00480da616cc91346
57eebb5bd4478b5a24df37cf23fbbf18a0db0746d0fe342b62ac46bce7ef6a6a
5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6
62f2f285a2b15f32ea7e75eae9ecfaf471990262b6ad55a3cdc6b094db37d334
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
714fafdc7a424fd7711bb9b26e7ee4a109243d7cb2712864a1eba573c8d50bbc
71dbd21bfca1306506c24c7dd439bc114c1b1b6074258bda2e6ae60c304b9d94
71e80663973bbe95b9f0677c51ca6074366892053463e4cce40b2149873eb74a
752871c6388dd2ddfd063e9838204a6e349f3579eff0f49c0d810acbeed745b3
764d2ed102726938c5c330203ad65a5539a257138b386a09f6d1c70257cff164
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
805cc28d05b3bbdf5780dd5c6107f422d6b3c4f16847dd1b92e187bdac997fe8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89048de3b8f25ea18c43bea72c493dad304fc102ec2a640894511366f5393d33
8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5
8cd2880f44ba1eeac73dae64cd24f1f0e79cf988dd1043747f67bc87e9e4c416
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9be9b29bbd03241f32719bf225c93bc4ae6d0461b4b0c4a82e1b0906d76b341e
aaeb468f5f6dc8129081ba86a9f26007d912f8e4dc1e9e52854d1bf85663086f
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
b2a3af53e1bdca463891c6552648f98324e3d8adc9cba653190e656bce294a33
ba636cc873090b24491f1ca0c7f4fff16063cdd3114b746d2213969ab71fba4d
c093fa7bb346d3e4859e60eeeb7cbeaa514534ddafd7d238ce9cf4a35d1d934e
c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b
c733d9703260b1f2950bfe375cc83064458fd0350c0b8987122e5441b756452c
ca7adfed58ae7c5d3a514891f855a8316e7e7f5d65cd903d8c96bc6ef1bc2239
ce23f4f23e3b0a274ea2bf74a99a2f04966d86ece202a3941157c12de0ffcb30
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d73e09aa92bbd75b80a452306671221d0a7d7ab9f28d3b57fd0d57185978f3da
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e26b28313695edd24c9411644f5292028de994627a3f26eaf1ba71c86847d9ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67b198a24b4707079b5b2bf963004cacf6b9495843fbd0cab411a10db9f92ee
e7c901afccd103c504e0ee88d5c150366f5a983e123e2bb31a1acc09a9015372
f12882f398b40fb23906ef09b0e2ddaeabbc9e0d0b1fd8d712b7c8a10808edae
f2114dd0d453daabe6ef73deabd0b48a93d46983faf35c02628993daa02ca824
f2c4ead1e1cf71139dc4895e4cf3a4fd2f9c9e386e844765bd7a8591949ac68d
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f4a53a923205afc32149fbe9373b0309a7689744c719195ae68dfdc1020c5c16
f4b2319a1365489f99b5c83faed96e6f606ccff59bfd7ea05d4198b894ff010e
f4ff787e21d9a10f9c896bfab57b785ae3d266cad91606ee7c6178488e426c43
f5ef65668bb81b94b64846e5f7a430cca5c9652ff55643b575b536a520813ff6
f832f0384ddc0de352a7cdb3da1199df503723455655c86c4d50a8a771b53336
fbd2a269a6d68afc0c1ed564f2fe6e3dcba9583218039635a37ac80852b5f9d6

www.voa-ncnn.org Open in urlscan Pro 104.130.32.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

98 %HTTPS

55 %IPv6

15 Domains

20 Subdomains

22 IPs

3 Countries

2603 kBTransfer

5625 kBSize

4 Cookies

15 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.voa-ncnn.org Open in urlscan Pro
104.130.32.213 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

98 %
HTTPS

55 %
IPv6

15
Domains

20
Subdomains

22
IPs

3
Countries

2603 kB
Transfer

5625 kB
Size

4
Cookies

80 HTTP transactions
0 data transactions