urlscan.io logo urlscan.io
SecurityTrails logo

thenounproject.com Open in urlscan Pro
52.206.246.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.pstmrk.it/3ts/thenounproject.com%2Faccounts%2Fsignup%2F/WfUb/uUavAQ/AQ/31eea3ea-1463-4ad6-b278-57726d4f7f9...
Effective URL: https://thenounproject.com/accounts/signup/
Submission: On August 14 via manual from NZ — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 42 HTTP transactions. The main IP is 52.206.246.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is thenounproject.com. The Cisco Umbrella rank of the primary domain is 42353.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 23rd 2023. Valid for: a year.
This is the only time thenounproject.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.48.233.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-233-137.eu-west-1.compute.amazonaws.com
click.pstmrk.it
2    52.206.246.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-246-128.compute-1.amazonaws.com
thenounproject.com
4    2600:9000:225e:cc00:4:19b0:ef00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.production.thenounproject.com
3    99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
6    104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hcaptcha.com
newassets.hcaptcha.com
hcaptcha.com
3    2a00:1450:4001:811::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
6    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    13.32.121.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-58.fra60.r.cloudfront.net
public.profitwell.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    2600:9000:2057:aa00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    44.241.244.122 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-244-122.us-west-2.compute.amazonaws.com
m.stripe.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    2a00:1450:4001:82a::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2617
t.paypal.com — Cisco Umbrella Rank: 3265
89 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1730
q.stripe.com — Cisco Umbrella Rank: 15822
m.stripe.com — Cisco Umbrella Rank: 1612
135 KB
6 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 13203
newassets.hcaptcha.com — Cisco Umbrella Rank: 11906
hcaptcha.com — Cisco Umbrella Rank: 8485
269 KB
6 thenounproject.com
thenounproject.com — Cisco Umbrella Rank: 42353
static.production.thenounproject.com — Cisco Umbrella Rank: 628368
885 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 51
78 KB
2 gstatic.com
ssl.gstatic.com
38 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2388
34 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1845
18 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
146 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2069
256 B
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 969
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 10310
9 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 200
515 B
1 pstmrk.it
click.pstmrk.it — Cisco Umbrella Rank: 51522
101 B
42 14
Domain Requested by
6 www.paypal.com static.production.thenounproject.com
www.paypal.com
www.paypalobjects.com
4 newassets.hcaptcha.com js.hcaptcha.com
newassets.hcaptcha.com
4 static.production.thenounproject.com thenounproject.com
static.production.thenounproject.com
3 q.stripe.com thenounproject.com
3 accounts.google.com static.production.thenounproject.com
accounts.google.com
3 js.stripe.com thenounproject.com
js.stripe.com
2 ssl.gstatic.com accounts.google.com
2 t.paypal.com thenounproject.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.googletagmanager.com thenounproject.com
www.googletagmanager.com
2 thenounproject.com static.production.thenounproject.com
1 region1.google-analytics.com www.googletagmanager.com
1 csp.withgoogle.com thenounproject.com
1 m.stripe.com m.stripe.network
1 hcaptcha.com newassets.hcaptcha.com
1 public.profitwell.com thenounproject.com
1 js.hcaptcha.com static.production.thenounproject.com
1 sentry.io static.production.thenounproject.com
1 click.pstmrk.it 1 redirects
42 20
Subject Issuer Validity Valid
thenounproject.com
Amazon RSA 2048 M02		 2023-02-23 -
2024-03-23		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-06 -
2024-07-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-21 -
2024-08-20		 a year crt.sh
*.profitwell.com
Amazon RSA 2048 M02		 2023-06-03 -
2024-07-01		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2023-11-02		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-31 -
2023-10-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://thenounproject.com/accounts/signup/
Frame ID: 8A13AA9BD0FD5E386A89294C39337848
Requests: 21 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 6C08FA28784ECA032369C58FBE7C13EB
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Frame ID: 1F7A6D6CD9BA4BB10125629BEDEB1181
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Frame ID: D48961DD958C3902390B38FA29A140EA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: BBC9ADF2D97D782BF31F152876BF9309
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&shape=rectangular&logo_alignment=center&width=400&text=signup_with&client_id=132923386426-5om6319mngoembiedhkbnp0imeqf8tdl.apps.googleusercontent.com&iframe_id=gsi_177135_121316&as=pv8a7%2BF5T0C4R%2BrBizZBrw
Frame ID: 07F7695BEDEBE21954905AFDB9989426
Requests: 4 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 23D063354201474720A5953D8D9258AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Noun Project

Page URL History Show full URLs

  1. https://click.pstmrk.it/3ts/thenounproject.com%2Faccounts%2Fsignup%2F/WfUb/uUavAQ/AQ/31eea3ea-1463-4... HTTP 302
    https://thenounproject.com/accounts/signup/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js

Page Statistics

42
Requests

100 %
HTTPS

39 %
IPv6

14
Domains

20
Subdomains

18
IPs

4
Countries

1701 kB
Transfer

5569 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.pstmrk.it/3ts/thenounproject.com%2Faccounts%2Fsignup%2F/WfUb/uUavAQ/AQ/31eea3ea-1463-4ad6-b278-57726d4f7f9e/1/QmPyZlMc4R HTTP 302
    https://thenounproject.com/accounts/signup/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thenounproject.com/accounts/signup/
Redirect Chain
  • https://click.pstmrk.it/3ts/thenounproject.com%2Faccounts%2Fsignup%2F/WfUb/uUavAQ/AQ/31eea3ea-1463-4ad6-b278-57726d4f7f9e/1/QmPyZlMc4R
  • https://thenounproject.com/accounts/signup/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.246.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-246-128.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
0f8680c3c051b60205dc31bf23dbe073df9859aae108571997090d7133dbcad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-language
it
content-length
4089
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
date
Mon, 14 Aug 2023 01:22:56 GMT
referrer-policy
same-origin
server
nginx/1.22.1
vary
Accept-Language, Cookie, origin
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
0
content-type
application/octet-stream
date
Mon, 14 Aug 2023 01:22:55 GMT
location
https://thenounproject.com/accounts/signup/
server
awselb/2.0
photos.602fd1d109393e540225.css
static.production.thenounproject.com/assets/bundles/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.production.thenounproject.com/assets/bundles/photos.602fd1d109393e540225.css
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:cc00:4:19b0:ef00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c6bc6daa7f122286777f02b1529b5752bfe81a1c6c02d34d8f0e0cfb239943f

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
QcnakirIaeKcaDe5z2KtkPOZGwu39hYk
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 01:20:57 GMT
last-modified
Thu, 10 Aug 2023 23:08:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
497
x-amz-server-side-encryption
AES256
etag
W/"661ef6d31ff4264acb93980244b423e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
_c-eaDR-E_FsSuwGYxWwxNuasBme0uRdDCaRjoRU-qeBTONWVINryA==
/
js.stripe.com/v3/ 		526 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
76985e019b5dd6751898d24357243dceb50389ed6c0d64dfcf050ca7fdaef668
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 01:22:44 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
16
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Aug 2023 20:33:48 GMT
server
Cloudfront
etag
W/"bb53fbcee76a16ff1bbf079f83420d59"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
YRimGv6E41fiYXw9NwR7LfQ3jUlJzoUXdjCtHmEGuxSEI5t90oGczg==
photos-602fd1d109393e540225.js
static.production.thenounproject.com/assets/bundles/ 		3 MB
819 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.production.thenounproject.com/assets/bundles/photos-602fd1d109393e540225.js
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:cc00:4:19b0:ef00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b279ea61d3cf1f3c7d911eb746114cbaff7109901e3fcd8f5f4192ac94a9aa94

Request headers

Referer
Origin
https://thenounproject.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
MwgTiSlFV0iB12LOkw2RfxcS3z6X_zdp
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 00:44:25 GMT
x-amz-cf-pop
FRA60-P4
age
3321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 10 Aug 2023 23:08:55 GMT
server
AmazonS3
etag
W/"445ff5b6b43a6ef20e1ec1e5e2be525a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
zuOBqkr9JHXMkxkRAng-OcSdVt-7yVfetRrZyo9tSzDi8iYzNtpejA==
gtm.js
www.googletagmanager.com/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQTTSGH
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc47dfb324fe6ad6e9d62f07c1f402ba3165c91d19489da731394b28e93daf47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66055
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Aug 2023 01:22:56 GMT
/
sentry.io/api/50173/envelope/ 		2 B
515 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/50173/envelope/?sentry_key=d142ad6e0a7a4f60ac757fab3f4c5216&sentry_version=7&sentry_client=sentry.javascript.react%2F7.16.0
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos-602fd1d109393e540225.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thenounproject.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
Server
nginx
vary
origin,access-control-request-method,access-control-request-headers
Content-Type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
2
/
thenounproject.com/graphql/ 		521 B
904 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://thenounproject.com/graphql/
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos-602fd1d109393e540225.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.246.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-246-128.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
9f3f2656a6efddcf2a79cfa33b91b18abfba8851a770ff4843018c7ad491f2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept
*/*
Referer
https://thenounproject.com/accounts/signup/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

date
Mon, 14 Aug 2023 01:22:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.22.1
cross-origin-opener-policy
unsafe-none
vary
Cookie, Accept-Language, origin
x-frame-options
DENY
content-type
application/json
content-language
it
access-control-allow-credentials
true
content-length
521
api.js
js.hcaptcha.com/1/ 		313 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hcaptcha.com/1/api.js?render=explicit
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos-602fd1d109393e540225.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c62b154eb4119852adcb132c5c66e9e6ba7d0cbe27406bc6dd7888ff2459fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ce7dde22578153f9696a56814908bd80.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
jmLZoolSh4x_UX_gEYtNJunl2sdUN6Te
age
0
x-amz-cf-pop
FCO50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 10 Aug 2023 11:28:25 GMT
server
cloudflare
etag
W/"b0953d4ee080a0777bbb7714a17f0d2d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
7f6563c1ad2bbb14-MXP
x-amz-cf-id
OGy-M6vtyXXhlktPi2BFH3APkKVbIxIp714bhCvwDHlEsby3qeyFAw==
3fe395dbd0b4dc5922ed3b2c7d32ce93.woff2
static.production.thenounproject.com/assets/bundles/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.production.thenounproject.com/assets/bundles/3fe395dbd0b4dc5922ed3b2c7d32ce93.woff2
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos.602fd1d109393e540225.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:cc00:4:19b0:ef00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f

Request headers

Referer
https://static.production.thenounproject.com/assets/bundles/photos.602fd1d109393e540225.css
Origin
https://thenounproject.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
YZe9hvkUtPfdAEah.cU8VhVhzQRcDgyy
date
Mon, 14 Aug 2023 00:52:58 GMT
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
3331
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28856
last-modified
Fri, 11 Aug 2023 21:01:48 GMT
server
AmazonS3
etag
"3fe395dbd0b4dc5922ed3b2c7d32ce93"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
n0Ace9WpsWpT0GVKRMWUqWWgtAeJox_TakFX97x18DjeM8HzOKdEZQ==
44c2f9f50bc940ff401524eb81134771.woff2
static.production.thenounproject.com/assets/bundles/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.production.thenounproject.com/assets/bundles/44c2f9f50bc940ff401524eb81134771.woff2
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos.602fd1d109393e540225.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:cc00:4:19b0:ef00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b24e609596861691a03c1db0ccca39dcdde3e780a58b0546e4cc25a923b3e40

Request headers

Referer
https://static.production.thenounproject.com/assets/bundles/photos.602fd1d109393e540225.css
Origin
https://thenounproject.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
kpSekw2I5ePEt7V8UflJeG6rMfsNuiJs
date
Mon, 14 Aug 2023 00:45:11 GMT
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
2266
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28360
last-modified
Fri, 11 Aug 2023 21:01:48 GMT
server
AmazonS3
etag
"44c2f9f50bc940ff401524eb81134771"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
MsWUL303dgWGV2YH9BuDm8PmAnjMdyPDZuApCe3RpVpVZtHDEZcyTQ==
client
accounts.google.com/gsi/ 		193 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos-602fd1d109393e540225.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb85a18379d41b7782883552ae2736cf345df480cdf12423cece89fa7d29ec89
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-r_5S1kDiQHdDlCt2DTpiHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-r_5S1kDiQHdDlCt2DTpiHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 14 Aug 2023 01:22:56 GMT
js
www.paypal.com/sdk/ 		273 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?vault=true&intent=subscription&client-id=AUSoRgkBaSAUlK8T5Ozoj1tBsA8X9F7DkdxTRPLidEugtKfzrFANVQew8kDLL8it_OkGmk9lRzYTVgWM
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos-602fd1d109393e540225.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e4f92fd59398cf1ab8039a68fa691fa3b2bf08b157868eb48ec7c4b54b22214
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-YVCQHjfiG4ozDRSZ5q2EEqkQDXPBq63R0Zpu2Nkry3JSJzVn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-YVCQHjfiG4ozDRSZ5q2EEqkQDXPBq63R0Zpu2Nkry3JSJzVn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-YVCQHjfiG4ozDRSZ5q2EEqkQDXPBq63R0Zpu2Nkry3JSJzVn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-YVCQHjfiG4ozDRSZ5q2EEqkQDXPBq63R0Zpu2Nkry3JSJzVn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 01:22:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
2539
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f7640133d4f0f
server-timing
"traceparent;desc="00-0000000000000000000f7640133d4f0f-b230714e6cc756c1-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
76509
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230045-FRA, cache-mxp6944-MXP
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f7640133d4f0f-b98ef58620954ac9-01
x-timer
S1691976177.909753,VS0,VE2
etag
W/"12add-WNyOFvkJRJ7IvGf2Q6CBGvmv6SM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 1
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 6C08 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3055
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 00:32:06 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Fri, 21 Jul 2023 22:17:59 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id
ONprINsgfV4jDYh8CGBi_ghXNr6m4iaCHQTa1Ssm-Ow5wxv8HsZR-g==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
profitwell.js
public.profitwell.com/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.profitwell.com/js/profitwell.js?auth=6ae75a5f021e743505e173a0723fa085
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:16:58 GMT
content-encoding
gzip
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
x-amz-version-id
Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
last-modified
Tue, 28 Jun 2022 18:43:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
68760
etag
W/"f3710cf44008e9509cf9d74fde8cff1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=86400
x-amz-cf-id
_8bcyJPqI041EUIBg5i7-k8QvUbOmYCNFoaF4KIMIgEONYaYvcX8vA==
js
www.googletagmanager.com/gtag/ 		233 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TEXVFE05D4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQTTSGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4878e022d893f19fdc7f90241eeaa35766440320c6dcc40d345d86839b8f9098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82678
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 14 Aug 2023 01:22:57 GMT
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 6C08 		631 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 14 Aug 2023 00:53:42 GMT
x-content-type-options
nosniff
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
age
1758
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
631
last-modified
Tue, 08 Aug 2023 20:02:35 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
w35i6fWKMCGgroQqiBGqI7lwtu_-eR2a22fRqhoG4tFkpyyvDAxlMg==
pptm.js
www.paypal.com/tagmanager/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=thenounproject.com&t=xo&v=5.0.390&source=payments_sdk&client_id=AUSoRgkBaSAUlK8T5Ozoj1tBsA8X9F7DkdxTRPLidEugtKfzrFANVQew8kDLL8it_OkGmk9lRzYTVgWM&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?vault=true&intent=subscription&client-id=AUSoRgkBaSAUlK8T5Ozoj1tBsA8X9F7DkdxTRPLidEugtKfzrFANVQew8kDLL8it_OkGmk9lRzYTVgWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5672183af31b4f19deb1de9dacf293b14512ab2a4760c760aaa0eee21e84020c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gIeVIx0PfAL76ncVWWTZZRqQHqqYzdOyX8uhnxvX7ggtJsOE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gIeVIx0PfAL76ncVWWTZZRqQHqqYzdOyX8uhnxvX7ggtJsOE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 01:22:57 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
67031
x-cache
HIT, HIT
paypal-debug-id
f6589192f9dba
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4740
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220083-FRA, cache-mxp6944-MXP
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f6589192f9dba-45fd8d1a3adf8dec-01
x-timer
S1691976177.025508,VS0,VE2
etag
W/"354d-BibWTZIIBsoKThKou7/ooeA1I5A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
21, 1
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/d442197/static/ Frame 1F7A 		2 KB
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a8e12b34b1b412636649fbcc62d5583171940890ba1ac9d1fc915fa158ddfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-origin
*
age
1057
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7f6563c28df1bb14-MXP
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:22:57 GMT
last-modified
Thu, 10 Aug 2023 11:28:24 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 d21c7dc6bfb9c2f00dc62b8a7281a898.cloudfront.net (CloudFront)
x-amz-cf-id
bcL8TzyG8aGn_AK8szl90akDdqH8xEtWEecH1QN3hv5utX6_mc1_WQ==
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
sKHknVtlOcC4oR0gn8KqcKxckt0kT8Tc
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/d442197/static/ Frame D489 		2 KB
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a8e12b34b1b412636649fbcc62d5583171940890ba1ac9d1fc915fa158ddfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-origin
*
age
1057
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7f6563c29df2bb14-MXP
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:22:57 GMT
last-modified
Thu, 10 Aug 2023 11:28:24 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 d21c7dc6bfb9c2f00dc62b8a7281a898.cloudfront.net (CloudFront)
x-amz-cf-id
bcL8TzyG8aGn_AK8szl90akDdqH8xEtWEecH1QN3hv5utX6_mc1_WQ==
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
sKHknVtlOcC4oR0gn8KqcKxckt0kT8Tc
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 6C08 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691976177514290
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1691976177513563
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6C08 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691976177514146
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1691976177513824
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame BBC9 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
39
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 01:22:19 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id
Yl6yqUYoUl56wyuuF6mOAo6zcJUFegWruMSy8Yai5PZiZFzLGhmokw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
muse.js
www.paypalobjects.com/muse/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=thenounproject.com&t=xo&v=5.0.390&source=payments_sdk&client_id=AUSoRgkBaSAUlK8T5Ozoj1tBsA8X9F7DkdxTRPLidEugtKfzrFANVQew8kDLL8it_OkGmk9lRzYTVgWM&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C79) /
Resource Hash
580e275dac7ac3bf7017eef59006d8dd9215477cb364a2a3e08ed948e8cca67d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
bbd7ba172f920
dc
ccg11-origin-www-1.paypal.com
content-length
16778
last-modified
Fri, 28 Jul 2023 20:04:26 GMT
server
ECAcc (mil/6C79)
traceparent
00-0000000000000000000bbd7ba172f920-9aa26375a95f8729-01
etag
"64c41f4a-e443+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 14 Aug 2023 02:22:57 GMT
ts
t.paypal.com/ 		42 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A3GLJ67SV6GFAU-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A3GLJ67SV6GFAU-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a7f5d04f-b2fc-4666-b105-33335df39c96&fltp=analytics&mrid=3GLJ67SV6GFAU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Noun%20Project&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1691976177064&g=-120&completeurl=https%3A%2F%2Fthenounproject.com%2Faccounts%2Fsignup%2F
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 14 Aug 2023 01:22:57 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
c896d2ed400b3
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220053-FRA, cache-mxp6961-MXP
pragma
no-cache
correlation-id
c896d2ed400b3
traceparent
00-0000000000000000000c896d2ed400b3-6fd8437d26338bf8-01
x-timer
S1691976177.137942,VS0,VE173
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 01:22:57 GMT
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/d442197/ Frame 1F7A 		313 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/d442197/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c62b154eb4119852adcb132c5c66e9e6ba7d0cbe27406bc6dd7888ff2459fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ce7dde22578153f9696a56814908bd80.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
jmLZoolSh4x_UX_gEYtNJunl2sdUN6Te
age
1056
x-amz-cf-pop
FCO50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 10 Aug 2023 11:28:25 GMT
server
cloudflare
etag
W/"b0953d4ee080a0777bbb7714a17f0d2d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7f6563c30e3dbb14-MXP
x-amz-cf-id
OGy-M6vtyXXhlktPi2BFH3APkKVbIxIp714bhCvwDHlEsby3qeyFAw==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/d442197/ Frame D489 		313 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/d442197/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c62b154eb4119852adcb132c5c66e9e6ba7d0cbe27406bc6dd7888ff2459fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/d442197/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ce7dde22578153f9696a56814908bd80.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
jmLZoolSh4x_UX_gEYtNJunl2sdUN6Te
age
1056
x-amz-cf-pop
FCO50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 10 Aug 2023 11:28:25 GMT
server
cloudflare
etag
W/"b0953d4ee080a0777bbb7714a17f0d2d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7f6563c30e49bb14-MXP
x-amz-cf-id
OGy-M6vtyXXhlktPi2BFH3APkKVbIxIp714bhCvwDHlEsby3qeyFAw==
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NrjEkfc4FEs7SUfxQtoDvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-NrjEkfc4FEs7SUfxQtoDvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 14 Aug 2023 01:22:57 GMT
button
accounts.google.com/gsi/ Frame 07F7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&shape=rectangular&logo_alignment=center&width=400&text=signup_with&client_id=132923386426-5om6319mngoembiedhkbnp0imeqf8tdl.apps.googleusercontent.com&iframe_id=gsi_177135_121316&as=pv8a7%2BF5T0C4R%2BrBizZBrw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99f85f2317a7f4b892ac29d3399a28a62ab0e7ed90e639b21060de8163b294e9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-G6cfLX76GqTaZ54qsOYhMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-G6cfLX76GqTaZ54qsOYhMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:22:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
index.html
www.paypalobjects.com/muse/analytics/ Frame 23D0 		57 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD8) /
Resource Hash
c6d3cc0c060a6aad1026adf6df80cea5635475894996f1ec36226220a2ba78b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
17116
content-type
text/html
date
Mon, 14 Aug 2023 01:22:57 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"64c41f4a-e3d2"
expires
Mon, 14 Aug 2023 02:22:57 GMT
last-modified
Fri, 28 Jul 2023 20:04:26 GMT
paypal-debug-id
9b79f7846214d
server
ECAcc (mil/6CD8)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000009b79f7846214d-334cd115132768ae-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
truncated
/ Frame D489 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame D489 		682 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=d442197&host=thenounproject.com&sitekey=62dde236-a409-46da-a7ea-ad1c8175391f&sc=1&swa=1&spst=0
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/d442197/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8088eb9b19cd36ad7f38ccdaa9d784cf541c223e65aecf643fc9177442a0067c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
7f6563c3beb1bb14-MXP
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
alt-svc
h3=":443"; ma=86400
csp-report
q.stripe.com/ Frame BBC9 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691976177514462
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1691976177513803
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame BBC9 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 01:18:59 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"69cb7809b5011312e716f29b3d19dce6"
age
238
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
c3hvR3cN4iaPHKKA_VhsQ59vERmJQzkGdOG7CuyKMbvuwSOjdUdeIA==
ts
t.paypal.com/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A3GLJ67SV6GFAU-1&page=muse%3Aoffer%3A%3A%3A3GLJ67SV6GFAU-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a7f5d04f-b2fc-4666-b105-33335df39c96&es=visitorInfoFlowStarted&mrid=3GLJ67SV6GFAU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Noun%20Project&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1691976177243&g=-120&completeurl=https%3A%2F%2Fthenounproject.com%2Faccounts%2Fsignup%2F
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 14 Aug 2023 01:22:57 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
32194ca10f959
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230065-FRA, cache-mxp6961-MXP
pragma
no-cache
correlation-id
32194ca10f959
traceparent
00-000000000000000000032194ca10f959-07eecd90ba6d2935-01
x-timer
S1691976177.251902,VS0,VE171
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 01:22:57 GMT
graphql
www.paypal.com/targeting/ Frame 23D0 		435 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32eb93605acfc31891bb956fd26c62d02208ebed9ed661fc487de6001f3c4bdd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-0YaB7bDhzKkYbWwXuVuyzMKlBPaKOkPHF5ADxS6sihufISGi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-0YaB7bDhzKkYbWwXuVuyzMKlBPaKOkPHF5ADxS6sihufISGi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f710524a52c36
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230033-FRA, cache-mxp6944-MXP
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f710524a52c36-87ab8846db2cf4de-01
x-timer
S1691976177.491809,VS0,VE265
etag
W/"1b3-Sh+fcuXyAU0GOdJ5je+EfRPREpQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Mon, 14 Aug 2023 01:22:57 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f710524a51fb0
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f710524a51fb0-8064483076836710-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-eddf8230103-FRA, cache-mxp6979-MXP
x-timer
S1691976177.288475,VS0,VE186
6
m.stripe.com/ Frame BBC9 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.244.122 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-244-122.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
32cbe76a9f500cb6ee1892ccc1a89a118a31743c99d847a49acdc1d1a9d4a449
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 14 Aug 2023 01:22:57 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691976177803443
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1691976177803091
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
m=credential_button_library
ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.SmVeKl_K980.L.W.O/am=AOI/d=1/rs=AF0KOtWTdZPWIRQ8Aw5QqqLloIx-0oid4g/ Frame 07F7 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.SmVeKl_K980.L.W.O/am=AOI/d=1/rs=AF0KOtWTdZPWIRQ8Aw5QqqLloIx-0oid4g/m=credential_button_library
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&shape=rectangular&logo_alignment=center&width=400&text=signup_with&client_id=132923386426-5om6319mngoembiedhkbnp0imeqf8tdl.apps.googleusercontent.com&iframe_id=gsi_177135_121316&as=pv8a7%2BF5T0C4R%2BrBizZBrw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 08 Aug 2023 06:04:42 GMT
age
501495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1753
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 21:16:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="csi-web-eng"
vary
Accept-Encoding
report-to
{"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:04:42 GMT
m=credential_button_library
ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.it.EYndidQWIMA.O/am=AOI/d=1/rs=AF0KOtXF6qztZs_YZ5IFcUIWTjegR0yC9A/ Frame 07F7 		98 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.it.EYndidQWIMA.O/am=AOI/d=1/rs=AF0KOtXF6qztZs_YZ5IFcUIWTjegR0yC9A/m=credential_button_library
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&shape=rectangular&logo_alignment=center&width=400&text=signup_with&client_id=132923386426-5om6319mngoembiedhkbnp0imeqf8tdl.apps.googleusercontent.com&iframe_id=gsi_177135_121316&as=pv8a7%2BF5T0C4R%2BrBizZBrw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a785493853407b22ea3e758c3c16257d99057cb3090b1166e654038183b9edca
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 08 Aug 2023 04:02:05 GMT
age
508852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36540
x-xss-protection
0
last-modified
Fri, 28 Jul 2023 21:18:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="csi-web-eng"
vary
Accept-Encoding
report-to
{"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 04:02:05 GMT
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 07F7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: thenounproject.com
URL: https://thenounproject.com/accounts/signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/csp-report

Response headers
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thenounproject.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://thenounproject.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Mon, 14 Aug 2023 01:22:57 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f5197753a5430
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f5197753a5430-134c0c5a7648eebc-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220069-FRA, cache-mxp6979-MXP
x-timer
S1691976178.567502,VS0,VE201
logger
www.paypal.com/xoplatform/logger/api/ 		1016 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: static.production.thenounproject.com
URL: https://static.production.thenounproject.com/assets/bundles/photos-602fd1d109393e540225.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ab7bc0eaff5bda87f1a3df74aff57dd403dc8fab48c778668f2e0ecf418885b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

date
Mon, 14 Aug 2023 01:22:58 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f519775300b92
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230096-FRA, cache-mxp6979-MXP
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f519775300b92-a8625bcccfdae4c2-01
x-timer
S1691976178.786750,VS0,VE236
etag
W/"3f8-UmPA5mNmF6bJtr+jv9yMjHV8D0A"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thenounproject.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TEXVFE05D4&gtm=45je3890&_p=150294706&gcs=G111&cid=868361030.1691976178&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691976177&sct=1&seg=0&dl=https%3A%2F%2Fthenounproject.com%2Faccounts%2Fsignup%2F&dt=Noun%20Project&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TEXVFE05D4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 01:22:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thenounproject.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| dataLayer object| webpackChunkStripeJSouter function| noop function| Stripe object| _nounConfig string| csrfCookieName object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ function| _ function| ga number| 2f1acc6c3a606b082e5eef5e54414ffb function| captchaSetLoaded function| _nounAfterAuth function| _nounCancelAuth object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| gtag object| data object| user object| userDataScript undefined| btn function| profitwell object| __post_robot_11_0_0___uid_xhdjztfvckwctpnzfdtjewaimciqtp object| paypal object| __zoid_10_3_1___uid_xhdjztfvckwctpnzfdtjewaimciqtp object| Raven object| hcaptcha object| grecaptcha object| paypalDDL string| PaypalOffersObject function| ppq function| onYouTubeIframeAPIReady object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_264807 object| __post_robot_10_0_46__ object| PAYPAL object| gaGlobal

15 Cookies

Domain/Path Name / Value
.thenounproject.com/ Name: csrftoken
Value: G951Ujy40zE2ZALP4xfnqrYqSYLpxY1x
.paypal.com/ Name: ts_c
Value: vr%3Df1a396bb1890a6240277269cf805f957%26vt%3Df1a396bb1890a6240277269cf805f956
.thenounproject.com/ Name: _ga
Value: GA1.1.868361030.1691976178
.thenounproject.com/ Name: _ga_TEXVFE05D4
Value: GS1.1.1691976177.1.0.1691976177.0.0.0
.paypal.com/ Name: LANG
Value: it_IT%3BIT
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY5MTk3NjE3NzY2NyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3AoqMMmD6bKpUpradqct04ovUwazorex3h.4OhKO3QUAwqN5GCxb8hZMiYZEr9DtKjXo%2BXyhhKsw9U
.paypal.com/ Name: l7_az
Value: dcg02.phx
.paypal.com/ Name: ts
Value: vreXpYrS%3D1786670577%26vteXpYrS%3D1691977977%26vr%3Df1a396bb1890a6240277269cf805f957%26vt%3Df1a396bb1890a6240277269cf805f956%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
m.stripe.com/ Name: m
Value: 839a5e62-d991-4649-92b5-77accacc49eab3b7bc
.thenounproject.com/ Name: __stripe_mid
Value: a630a03e-040c-47ef-8634-761d517d9cf35269e7
.thenounproject.com/ Name: __stripe_sid
Value: 4f027dd8-6d5b-4632-89c0-496f8ae4905ec344f3

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&shape=rectangular&logo_alignment=center&width=400&text=signup_with&client_id=132923386426-5om6319mngoembiedhkbnp0imeqf8tdl.apps.googleusercontent.com&iframe_id=gsi_177135_121316&as=pv8a7%2BF5T0C4R%2BrBizZBrw
Message:
Failed to load resource: the server responded with a status of 400 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
click.pstmrk.it
csp.withgoogle.com
hcaptcha.com
js.hcaptcha.com
js.stripe.com
m.stripe.com
m.stripe.network
newassets.hcaptcha.com
public.profitwell.com
q.stripe.com
region1.google-analytics.com
sentry.io
ssl.gstatic.com
static.production.thenounproject.com
t.paypal.com
thenounproject.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
104.16.169.131
13.32.121.58
151.101.129.21
151.101.65.35
192.229.221.25
2001:4860:4802:34::36
2600:9000:2057:aa00:19:7d10:bd80:93a1
2600:9000:225e:cc00:4:19b0:ef00:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200d
2a00:1450:4001:82a::2011
35.188.42.15
44.241.244.122
52.206.246.128
52.48.233.137
54.187.159.182
99.86.4.122
0f8680c3c051b60205dc31bf23dbe073df9859aae108571997090d7133dbcad4
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
32cbe76a9f500cb6ee1892ccc1a89a118a31743c99d847a49acdc1d1a9d4a449
32eb93605acfc31891bb956fd26c62d02208ebed9ed661fc487de6001f3c4bdd
3e4f92fd59398cf1ab8039a68fa691fa3b2bf08b157868eb48ec7c4b54b22214
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4878e022d893f19fdc7f90241eeaa35766440320c6dcc40d345d86839b8f9098
4b24e609596861691a03c1db0ccca39dcdde3e780a58b0546e4cc25a923b3e40
5672183af31b4f19deb1de9dacf293b14512ab2a4760c760aaa0eee21e84020c
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
580e275dac7ac3bf7017eef59006d8dd9215477cb364a2a3e08ed948e8cca67d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
76985e019b5dd6751898d24357243dceb50389ed6c0d64dfcf050ca7fdaef668
8088eb9b19cd36ad7f38ccdaa9d784cf541c223e65aecf643fc9177442a0067c
80c62b154eb4119852adcb132c5c66e9e6ba7d0cbe27406bc6dd7888ff2459fa
8c6bc6daa7f122286777f02b1529b5752bfe81a1c6c02d34d8f0e0cfb239943f
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
99f85f2317a7f4b892ac29d3399a28a62ab0e7ed90e639b21060de8163b294e9
9f3f2656a6efddcf2a79cfa33b91b18abfba8851a770ff4843018c7ad491f2a3
9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd
a785493853407b22ea3e758c3c16257d99057cb3090b1166e654038183b9edca
ab7bc0eaff5bda87f1a3df74aff57dd403dc8fab48c778668f2e0ecf418885b0
b279ea61d3cf1f3c7d911eb746114cbaff7109901e3fcd8f5f4192ac94a9aa94
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f
bb85a18379d41b7782883552ae2736cf345df480cdf12423cece89fa7d29ec89
bc47dfb324fe6ad6e9d62f07c1f402ba3165c91d19489da731394b28e93daf47
c6d3cc0c060a6aad1026adf6df80cea5635475894996f1ec36226220a2ba78b9
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f9a8e12b34b1b412636649fbcc62d5583171940890ba1ac9d1fc915fa158ddfb