gpm.convera.com Open in urlscan Pro
3.221.40.81  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Americas%20Charities%20FAQ Show response gpm.convera.com/R/	12 KB 6 KB	334ms 124ms	Document text/html	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS ASP.NET Resource Hash a98bc344e3c34ee630bc0cad9876bdc15df5dedd37959a2227bcac3b16358d9c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST access-control-allow-origin * cache-control no-cache content-encoding gzip content-length 4771 content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au content-type text/html; charset=utf-8 date Fri, 06 Sep 2024 15:41:08 GMT expires -1 pragma no-cache server Microsoft-IIS/10.0 vary Accept-Encoding x-aspnet-version 4.0.30319 x-frame-options SAMEORIGIN x-powered-by C1 CMS ASP.NET x-ua-compatible IE=edge,chrome=1 x-xss-protection 1
GET H2	200	gpm.css gpm.convera.com/Frontend/Styles/suWUBS/	553 KB 69 KB	186ms 185ms	Stylesheet text/css	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/Frontend/Styles/suWUBS/gpm.css?v=20220127 Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash 4fddfae8526c8726c74fbe10ba1024f7f7cf62546e74e73e0b8417071f9fd5cc Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-encoding gzip content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-powered-by C1 CMS, ASP.NET content-length 69942 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 27 Mar 2024 09:35:04 GMT server Microsoft-IIS/10.0 etag "0d4cc2a80da1:0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * access-control-allow-methods GET, POST cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers Content-Type
GET H2	200	Convera_LogoMint_Gray.png gpm.convera.com/Frontend/Images/suWUBS/	27 KB 28 KB	93ms 92ms	Image image/png	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://gpm.convera.com/Frontend/Images/suWUBS/Convera_LogoMint_Gray.png Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash 9b283152b1660a5682a671decd9a46ae65a8a363c4a33e0a4039c863aaa3e65d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-powered-by C1 CMS, ASP.NET content-length 28090 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 27 Mar 2024 09:35:04 GMT server Microsoft-IIS/10.0 etag "0d4cc2a80da1:0" x-frame-options SAMEORIGIN access-control-allow-methods GET, POST content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers Content-Type
GET H2	200	America's%20Charities_Primary%20Logo_From%20Tucker.jpg gpm.convera.com/media/86f3e26e-583e-4875-8da7-83b749c3139f/vUqhmQ/	27 KB 28 KB	277ms 276ms	Image image/jpeg	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://gpm.convera.com/media/86f3e26e-583e-4875-8da7-83b749c3139f/vUqhmQ/America's%20Charities_Primary%20Logo_From%20Tucker.jpg Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2a96d255eb086856582991d19db0e496ec69be938f26801b9a6313bdc9b169b2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-disposition inline;filename="America's Charities_Primary Logo_From Tucker.jpg" content-length 27593 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Tue, 20 Oct 2020 18:32:58 GMT server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN access-control-allow-methods GET, POST content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes access-control-allow-headers Content-Type expires Sun, 06 Oct 2024 15:41:12 GMT
GET H2	200	sample%20check.jpg gpm.convera.com/media/28ae9ffe-8f25-4c05-8481-3b6e673d08fb/OtmZcw/	9 KB 10 KB	94ms 93ms	Image image/jpeg	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://gpm.convera.com/media/28ae9ffe-8f25-4c05-8481-3b6e673d08fb/OtmZcw/sample%20check.jpg Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 659880e4dfe0bf53e9fdf9267dd9e35f3bd8635da3d86cfd2a6a65f396fbf02f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-disposition inline;filename="sample check.jpg" content-length 8883 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Mon, 17 Aug 2020 17:46:33 GMT server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN access-control-allow-methods GET, POST content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes access-control-allow-headers Content-Type expires Sun, 06 Oct 2024 15:41:12 GMT
GET H2	200	vendor.suWUBS.min.js Show response gpm.convera.com/Frontend/Scripts/suWUBS/	448 KB 132 KB	95ms 94ms	Script application/javascript	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/Frontend/Scripts/suWUBS/vendor.suWUBS.min.js?v=20220127 Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash bb7aad41afce8acca27481e31de9ff1295d7301626b40ea309ea3606c7303ec4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-encoding gzip content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-powered-by C1 CMS, ASP.NET content-length 133763 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 27 Mar 2024 09:35:04 GMT server Microsoft-IIS/10.0 etag "0d4cc2a80da1:0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers Content-Type
GET H2	200	gpm.suWUBS.min.js Show response gpm.convera.com/Frontend/Scripts/suWUBS/	109 KB 19 KB	95ms 95ms	Script application/javascript	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/Frontend/Scripts/suWUBS/gpm.suWUBS.min.js?v=20220127 Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash 67757cfa6e6859509687ef58786b0987060af03cbd887a29172eb086b69a9f66 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-encoding gzip content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-powered-by C1 CMS, ASP.NET content-length 18068 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Sat, 10 Aug 2024 03:10:02 GMT server Microsoft-IIS/10.0 etag "0615dcad2eada1:0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers Content-Type
GET H2	200	en.js Show response gpm.convera.com/Frontend/Scripts/suWUBS/select2/i18n/	846 B 1 KB	94ms 93ms	Script application/javascript	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/Frontend/Scripts/suWUBS/select2/i18n/en.js?v=20220127 Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash b8adb8821390d2c42e12b7ff6d021ff742c297b87074eca1c7d2da03fc6bc101 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-encoding gzip content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-powered-by C1 CMS, ASP.NET content-length 583 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 27 Mar 2024 09:35:04 GMT server Microsoft-IIS/10.0 etag "0d4cc2a80da1:0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers Content-Type
GET H2	200	OtAutoBlock.js Show response cdn.cookielaw.org/consent/9810e38c-7df8-45dc-b1da-26c4316b113f/	11 KB 3 KB	52ms 33ms	Script application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/9810e38c-7df8-45dc-b1da-26c4316b113f/OtAutoBlock.js Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 949efb5e7e0985ea13da07bf54980130a3f6a79c480121e08377c66fb65f3eb2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:08 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 45564 content-md5 K+iBuCXoUS4FLGMzcHLSUA== content-length 2903 x-ms-lease-status unlocked last-modified Wed, 08 Nov 2023 15:14:20 GMT server cloudflare etag 0x8DBE06D62164F98 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 328a339f-201e-0054-0596-e77900000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc22a141da8-FRA expires Sat, 07 Sep 2024 15:41:08 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	41ms 22ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:08 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 p+39a+/XEcZfNKybQjgXjA== age 28675 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Thu, 05 Sep 2024 06:33:12 GMT server cloudflare etag 0x8DCCD749DA8FD23 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 771b698c-901e-00ec-41c4-ff9bf3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc22a0e1da8-FRA expires Sat, 07 Sep 2024 07:43:13 GMT
GET H2	200	Scripts757602046 Show response gpm.convera.com/Bundles/	0 865 B	94ms 93ms	Script text/plain	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/Bundles/Scripts757602046?v= Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-aspnet-version 4.0.30319 x-powered-by C1 CMS, ASP.NET content-length 0 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Fri, 06 Sep 2024 15:41:12 GMT server Microsoft-IIS/10.0 vary User-Agent x-frame-options SAMEORIGIN access-control-allow-methods GET, POST access-control-allow-origin * cache-control public access-control-allow-headers Content-Type expires Sat, 06 Sep 2025 15:41:12 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	214 KB 77 KB	53ms 22ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WZHS96W Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f1aaf02c0a690befb451491dace8f2563dce9d5ac5a66bc1d49c9e7c0c3b8963 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78440 x-xss-protection 0 last-modified Fri, 06 Sep 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 06 Sep 2024 15:41:08 GMT
GET H2	200	Montserrat-Regular.ttf gpm.convera.com/Frontend/Styles/Fonts/	194 KB 195 KB	165ms 165ms	Font application/octet-stream	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/Frontend/Styles/Fonts/Montserrat-Regular.ttf Requested by Host: gpm.convera.com URL: https://gpm.convera.com/Frontend/Styles/suWUBS/gpm.css?v=20220127 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash 949efd65ba9a02a120d693ba6606767d990ee821c30fb59a1cb9a95d2c7882ff Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/Frontend/Styles/suWUBS/gpm.css?v=20220127 Origin https://gpm.convera.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-powered-by C1 CMS, ASP.NET content-length 198552 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 27 Mar 2024 09:35:04 GMT server Microsoft-IIS/10.0 etag "0d4cc2a80da1:0" x-frame-options SAMEORIGIN access-control-allow-methods GET, POST content-type application/octet-stream access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers Content-Type
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	35ms 8ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZHS96W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 06 Sep 2024 14:40:40 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3628 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 06 Sep 2024 16:40:40 GMT
GET H2	200	9810e38c-7df8-45dc-b1da-26c4316b113f.json Show response cdn.cookielaw.org/consent/9810e38c-7df8-45dc-b1da-26c4316b113f/	5 KB 2 KB	76ms 60ms	XHR application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/9810e38c-7df8-45dc-b1da-26c4316b113f/9810e38c-7df8-45dc-b1da-26c4316b113f.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f59e936b6251492ccc85366342c5c6ec4dbd87c70121648511d577eccfdb2b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 27078 content-md5 JnW/SYgwM0yLiKoFCSnxBQ== content-length 1738 x-ms-lease-status unlocked last-modified Wed, 08 Nov 2023 15:14:18 GMT server cloudflare etag 0x8DBE06D610B224F vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 7eb1ef33-801e-00f8-0a6a-cd5897000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc30a5e18f7-FRA expires Sat, 07 Sep 2024 15:41:09 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 221 B	18ms 17ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=969573333&t=pageview&_s=1&dl=https%3A%2F%2Fgpm.convera.com%2FR%2FAmericas%2520Charities%2520FAQ&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1836012667&gjid=804411126&cid=902028261.1725637269&tid=UA-172738354-1&_gid=1726519472.1725637269&_r=1&_slc=1&gtm=45He4940n81WZHS96Wza200&cd1=&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1366841902 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b2b5284dd910574c0f75a7043a773eb39b742c35df688db9c50dea878ba046ee Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 06 Sep 2024 15:41:08 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://gpm.convera.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	266 KB 93 KB	31ms 30ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-PS4PT9K8MV&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d72e2abdc998e60c49b508bbde1c34bfca9128e2cfc2b75357c1c459a048244e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95597 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Sep 2024 15:41:08 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	102ms 83ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 8bef8fc389291987-FRA access-control-allow-headers Content-Type
POST H2	204	collect region1.analytics.google.com/g/	0 0	46ms 15ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-PS4PT9K8MV&gtm=45je4940v9124841404za200&_p=1725637268796&_gaz=1&gcd=13l3lPl2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=902028261.1725637269&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fgpm.convera.com%2FR%2FAmericas%2520Charities%2520FAQ&sid=1725637269&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=885 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-PS4PT9K8MV&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 06 Sep 2024 15:41:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://gpm.convera.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 254 B	65ms 19ms	Ping text/plain	2a00:1450:400c:c1d::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PS4PT9K8MV&cid=902028261.1725637269&gtm=45je4940v9124841404za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l3l1&npa=1&frm=0&tag_exp=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-PS4PT9K8MV&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 06 Sep 2024 15:41:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://gpm.convera.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	79ms 53ms	Image image/gif	142.250.181.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PS4PT9K8MV&cid=902028261.1725637269&gtm=45je4940v9124841404za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l3l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=820691899 Requested by Host: gpm.convera.com URL: https://gpm.convera.com/R/Americas%20Charities%20FAQ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS ham02s21-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 06 Sep 2024 15:41:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202310.1.0/	426 KB 103 KB	21ms 21ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73a06c573972e722098bc092e40704ba5cb155c01e567bd43c96ff1a804d1864 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Xh+Ieh7lLU8HPaSHz/pGXg== age 72427 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 104837 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 19:23:05 GMT server cloudflare etag 0x8DCA5CCB77D673B vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 8c734761-901e-00a8-57b6-d7479f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc40c421da8-FRA
GET H2	200	en.json Show response cdn.cookielaw.org/consent/9810e38c-7df8-45dc-b1da-26c4316b113f/d37a8cd6-83a5-4055-b6b3-e0180c4d1a75/	70 KB 15 KB	35ms 34ms	Fetch application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/9810e38c-7df8-45dc-b1da-26c4316b113f/d37a8cd6-83a5-4055-b6b3-e0180c4d1a75/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3be796f2f77a9a6c5970a70b6b555a918a6d45eacd18f438db50aa0ddb05ee1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 23976 content-md5 LcW8bOqlt+p8AXvuT7tJIw== content-length 15248 x-ms-lease-status unlocked last-modified Wed, 08 Nov 2023 15:14:34 GMT server cloudflare etag 0x8DBE06D6A6311DC vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b613142c-b01e-00f0-5c27-f543e4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc45bd518f7-FRA expires Sat, 07 Sep 2024 15:41:09 GMT
GET H2	200	favicon.ico gpm.convera.com/Frontend/Images/suWUBS/	15 KB 16 KB	93ms 93ms	Other image/x-icon	3.221.40.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gpm.convera.com/Frontend/Images/suWUBS/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.40.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-40-81.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / C1 CMS, ASP.NET Resource Hash c86b98263af68bcc94ad37632c5c331b69e83f75121405d70aa7c39a2896cd56 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://gpm.convera.com/R/Americas%20Charities%20FAQ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 15:41:09 GMT content-security-policy frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au x-powered-by C1 CMS, ASP.NET content-length 15086 x-xss-protection 1 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 27 Mar 2024 09:35:04 GMT server Microsoft-IIS/10.0 etag "0d4cc2a80da1:0" x-frame-options SAMEORIGIN access-control-allow-methods GET, POST content-type image/x-icon access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers Content-Type
GET H2	200	otCenterRounded.json Show response cdn.cookielaw.org/scripttemplates/202310.1.0/assets/	9 KB 3 KB	24ms 23ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCenterRounded.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 3T1TMWPbU8mWHoOqxC6vfg== age 84689 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2626 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 19:22:58 GMT server cloudflare etag 0x8DCA5CCB3C3F2F4 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id dc918d3b-301e-002d-77e8-d7104a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc4ac3518f7-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/	62 KB 13 KB	31ms 31ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 L6Qc7ED7ZmRzON0wDs6JUA== age 84689 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12708 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 19:23:00 GMT server cloudflare etag 0x8DCA5CCB49FC735 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id faab0a32-001e-0025-18c1-d70b39000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc4ac3a18f7-FRA
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/202310.1.0/assets/	5 KB 2 KB	25ms 25ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 7N9F5RrmGvrqNCLak3gQHA== age 84689 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1766 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 19:22:59 GMT server cloudflare etag 0x8DCA5CCB45A80A0 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id e9ce1a4d-001e-000c-667b-d87d7b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc4ac3d18f7-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202310.1.0/assets/	21 KB 4 KB	28ms 28ms	Fetch text/css	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 c7xAZ9MSGAobGaTYg/Qtag== age 84689 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 19:23:10 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 76fb3d80-001e-00ad-6970-d8b3e0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8bef8fc4ac4018f7-FRA
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 504 B	35ms 35ms	Fetch image/svg+xml	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== age 23976 x-ms-lease-status unlocked last-modified Thu, 05 Sep 2024 06:33:13 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 3a83c2fe-601e-003e-51f7-ff25ab000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8bef8fc4fc9818f7-FRA
GET H2	200	logo-dark@2x.png cdn.cookielaw.org/logos/c605ae6f-7e1d-4c58-b524-99c2677f9cfa/c9742bc8-c580-42f4-a6ab-d95885d4f0fe/d69804cd-a073-4170-af16-edbffa51a1c9/	8 KB 9 KB	24ms 24ms	Image image/png	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/c605ae6f-7e1d-4c58-b524-99c2677f9cfa/c9742bc8-c580-42f4-a6ab-d95885d4f0fe/d69804cd-a073-4170-af16-edbffa51a1c9/logo-dark@2x.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f83dd1bd2680f7bce9b7bb9795ead9456eebe799d61d3c62a525827cb5f96dc3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 MmZFYnkpk4MFl1FWlCu0lA== age 84680 content-length 8651 x-ms-lease-status unlocked last-modified Thu, 07 Apr 2022 12:40:54 GMT server cloudflare etag 0x8DA1893DB35CC8B vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 24d4f8c7-901e-002d-3f08-7c8af0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8bef8fc50d6e1da8-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	23ms 22ms	Image image/svg+xml	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gpm.convera.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 06 Sep 2024 15:41:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 55280 x-ms-lease-status unlocked last-modified Thu, 05 Sep 2024 06:33:14 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id f2de5db3-801e-001d-04ce-ff4a60000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8bef8fc50d6f1da8-FRA

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| webpackJsonp function| $ function| jQuery function| Inputmask object| LibraryCommonHelpers object| LibraryCompositeHelpers function| goBack function| OptanonWrapper object| gaplugins object| gaGlobal object| gaData object| gpm object| otStubData object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gpm.convera.com/	1970-01-21 03:39:52	Name: WUBS Value: "2FrqniRAuyiqlqsOZuTtb419wen+KEllmtDZT+yfmKEbANr+o89u2+JV5a3+zt/YQ9DCDXjprZeCTaqPK970saOCrgs0XWkBKr2RrOOEaCwLJCatGGqmYH8VPaxM0xd4E8DUmdqG/4hHKQItx7coLiDZukaVIemJASZZoLFcWX/NsDS6lQhBV5S47cKv1wMCP1CCrZ5F8iWzXHHwVGVXl5JNXm5zYM2+OdMLDADa4ZUVAE1SFes7Ov2rqXxLCXeV2GCRkM5KvQL+1tzyS4Ve30Hhq0wdjq5fProJvUNQqRGMD5Q+++upzREucw4UdiE8oRFIvOTT8FlLr1FOnKVVX7g1b2tCCp0SGKgELmursBVVsQTwBox1OirHmZJAS1oIbf+Wa/aka0D+Zd4hFIAOCS6gv8OXqaq6g0ElJGl6G34p4QCFs2FGY1QkQS/LrVwkou7IM4/XDqBiE0cAZ66PBRbf1UiFGvafT9UEcT8v3II="
			.convera.com/	1970-01-21 08:56:37	Name: _ga Value: GA1.2.902028261.1725637269
			.convera.com/	1970-01-20 23:22:03	Name: _gid Value: GA1.2.1726519472.1725637269
			.convera.com/	1970-01-20 23:20:37	Name: _gat_UA-172738354-1 Value: 1
			.convera.com/	1970-01-21 08:56:37	Name: _ga_PS4PT9K8MV Value: GS1.2.1725637269.1.0.1725637269.60.0.0
			gpm.convera.com/	1970-01-20 23:30:42	Name: AWSALB Value: XSx0zlQWe553F4nNjzex+nsAXtawxBwFZFEJNjT4V4VPo/eErrZvrCI3nzasceHbclaSFDkEU4Zgq1Vo50aWSWmsJxcQrR6qY8jZPlgnSiQqwqX3f01+JRij+QFR
			gpm.convera.com/	1970-01-20 23:30:42	Name: AWSALBCORS Value: XSx0zlQWe553F4nNjzex+nsAXtawxBwFZFEJNjT4V4VPo/eErrZvrCI3nzasceHbclaSFDkEU4Zgq1Vo50aWSWmsJxcQrR6qY8jZPlgnSiQqwqX3f01+JRij+QFR
			.convera.com/	1970-01-21 08:06:13	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Sep+06+2024+17%3A41%3A09+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202310.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=548f53cc-c914-4039-98f1-f458522d77fc&interactionCount=0&landingPath=https%3A%2F%2Fgpm.convera.com%2FR%2FAmericas%2520Charities%2520FAQ&groups=C0002%3A0%2CC0003%3A0%2CC0001%3A1%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' *.westernunion.com *.wu.com *.cua.com.au *.beyondbank.com.au *.creditunionsa.com.au *.cusa-cw-uat.da.net.au *.csa001.beta.fusion.com.au *.humebank.com.au *.peopleschoicecu.com.au *.peopleschoice.com.au
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
gpm.convera.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
142.250.181.195
2001:4860:4802:34::36
2606:4700:4400::6812:2089
2606:4700::6812:572a
2a00:1450:4001:810::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c1d::9d
3.221.40.81
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2a96d255eb086856582991d19db0e496ec69be938f26801b9a6313bdc9b169b2
2f59e936b6251492ccc85366342c5c6ec4dbd87c70121648511d577eccfdb2b9
4fddfae8526c8726c74fbe10ba1024f7f7cf62546e74e73e0b8417071f9fd5cc
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
659880e4dfe0bf53e9fdf9267dd9e35f3bd8635da3d86cfd2a6a65f396fbf02f
67757cfa6e6859509687ef58786b0987060af03cbd887a29172eb086b69a9f66
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
73a06c573972e722098bc092e40704ba5cb155c01e567bd43c96ff1a804d1864
949efb5e7e0985ea13da07bf54980130a3f6a79c480121e08377c66fb65f3eb2
949efd65ba9a02a120d693ba6606767d990ee821c30fb59a1cb9a95d2c7882ff
9b283152b1660a5682a671decd9a46ae65a8a363c4a33e0a4039c863aaa3e65d
a98bc344e3c34ee630bc0cad9876bdc15df5dedd37959a2227bcac3b16358d9c
b2b5284dd910574c0f75a7043a773eb39b742c35df688db9c50dea878ba046ee
b8adb8821390d2c42e12b7ff6d021ff742c297b87074eca1c7d2da03fc6bc101
bb7aad41afce8acca27481e31de9ff1295d7301626b40ea309ea3606c7303ec4
c86b98263af68bcc94ad37632c5c331b69e83f75121405d70aa7c39a2896cd56
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d72e2abdc998e60c49b508bbde1c34bfca9128e2cfc2b75357c1c459a048244e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1aaf02c0a690befb451491dace8f2563dce9d5ac5a66bc1d49c9e7c0c3b8963
f3be796f2f77a9a6c5970a70b6b555a918a6d45eacd18f438db50aa0ddb05ee1
f83dd1bd2680f7bce9b7bb9795ead9456eebe799d61d3c62a525827cb5f96dc3