mail.uchicago.cancelcorona.org Open in urlscan Pro
162.241.216.110 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.uchicago.cancelcorona.org/
Submission: On December 07 via api (December 7th 2022, 8:53:10 pm UTC) from JP — Scanned from JP

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 50 HTTP transactions. The main IP is 162.241.216.110, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is mail.uchicago.cancelcorona.org.
TLS certificate: Issued by R3 on October 7th 2022. Valid for: 3 months.

This is the only time mail.uchicago.cancelcorona.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	162.241.216.110 162.241.216.110	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:825::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2008	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 1	2600:9000:206... 2600:9000:2066:4a00:1f:bb5e:f880:93a1	16509 (AMAZON-02) (AMAZON-02)
12	76.76.21.93 76.76.21.93	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4004:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:821::2004	15169 (GOOGLE) (GOOGLE)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:303... 2606:4700:3030::6815:41c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:827::2003	15169 (GOOGLE) (GOOGLE)
50	16

9 162.241.216.110 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5398.bluehost.com

mail.uchicago.cancelcorona.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:812::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:4a00:1f:bb5e:f880:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

app.givemomentum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 76.76.21.93 (United States)

ASN16509 (AMAZON-02, US)

portal.givemomentum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::200a (Australia)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o359384.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:41c3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in-prod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:827::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	givemomentum.com 1 redirects app.givemomentum.com portal.givemomentum.com	337 KB
9	cancelcorona.org mail.uchicago.cancelcorona.org	56 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	411 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51 ajax.googleapis.com — Cisco Umbrella Rank: 361 maps.googleapis.com — Cisco Umbrella Rank: 411	87 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	23 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	132 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	206 KB
2	sentry.io o359384.ingest.sentry.io	341 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	203 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 876	35 KB
1	lr-in-prod.com cdn.lr-in-prod.com — Cisco Umbrella Rank: 12417 r.lr-in-prod.com Failed	159 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	357 B
50	12

	Domain	Requested by
12	portal.givemomentum.com	ajax.googleapis.com portal.givemomentum.com
9	mail.uchicago.cancelcorona.org	mail.uchicago.cancelcorona.org
3	www.gstatic.com	www.google.com
3	www.google.com	portal.givemomentum.com www.gstatic.com www.google.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	mail.uchicago.cancelcorona.org www.googletagmanager.com portal.givemomentum.com
2	o359384.ingest.sentry.io	portal.givemomentum.com
2	maps.googleapis.com	portal.givemomentum.com
2	www.facebook.com	mail.uchicago.cancelcorona.org
2	maxcdn.bootstrapcdn.com	mail.uchicago.cancelcorona.org
1	cdn.lr-in-prod.com	portal.givemomentum.com
1	www.google-analytics.com	www.googletagmanager.com
1	app.givemomentum.com	1 redirects
1	ajax.googleapis.com	mail.uchicago.cancelcorona.org
1	fonts.googleapis.com	mail.uchicago.cancelcorona.org
0	r.lr-in-prod.com Failed	portal.givemomentum.com
50	17

This site contains no links.

Subject Issuer	Validity	Valid
mail.cancelcorona.org R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-16` - `2022-12-15`	3 months	crt.sh
portal.givemomentum.com R3	`2022-11-13` - `2023-02-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.ingest.sentry.io R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mail.uchicago.cancelcorona.org/
Frame ID: 5D85AC7E3550ACBD2B6FC1784C053E9C
Requests: 24 HTTP requests in this frame

Frame: https://portal.givemomentum.com/donor/login
Frame ID: 24E86D736FEA684549AA690FE7996F78
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvLUAbAAAAADRLKguOGYzNQudvwrC0LB4lYIZX&co=aHR0cHM6Ly9wb3J0YWwuZ2l2ZW1vbWVudHVtLmNvbTo0NDM.&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=ar3okpaaqbgx
Frame ID: 840C8452775D7702F4D2DB594AD01696
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to support Kids in Concert

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

50
Requests

96 %
HTTPS

81 %
IPv6

12
Domains

17
Subdomains

16
IPs

3
Countries

1447 kB
Transfer

4808 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://app.givemomentum.com/logout HTTP 301
https://portal.givemomentum.com/donor/login

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mail.uchicago.cancelcorona.org/ 11 KB
4 KB 539ms
196ms Document
text/html 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: e13c504919980dd7fed4544d8298c7e03ad3b3ebc8a96fda876bc8fee7804d3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 4065
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 20:53:04 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 29 Jun 2021 18:00:07 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 1
x-nginx-cache: WordPress
x-server-cache: false

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
927 B 84ms
41ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;600;700;900&display=swap

Requested by

Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 20:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 20:53:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 20:53:04 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
21 KB 182ms
165ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.uchicago.cancelcorona.org/
Origin: https://mail.uchicago.cancelcorona.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1000
cdn-cachedat: 09/28/2022 08:50:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"450fc463b8b1a349df717056fbb3e078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5f84be8b978c2ead3e051d5a52b291a8
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 77602611fed6f5ab-NRT
cdn-requestpullsuccess: True

GET
H2 200 rangeslider.css
mail.uchicago.cancelcorona.org/css/ 2 KB
835 B 139ms
134ms Stylesheet
text/css 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.uchicago.cancelcorona.org/css/rangeslider.css
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: b2ef000259ac2226eaa741ce05f76209cc75fa9c1427f47153a352425bb9b88a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 25 Jun 2021 18:56:42 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 1
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 713
expires: max-age=A10368000, public

GET
H2 200 style.css
mail.uchicago.cancelcorona.org/css/ 8 KB
3 KB 140ms
136ms Stylesheet
text/css 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.uchicago.cancelcorona.org/css/style.css
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: 4b7984c844f98be5ae669dbed2c2dd0483a021dcdf7b8a9ac833caecf7b02f24

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 25 Jun 2021 18:59:05 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 1
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2644
expires: max-age=A10368000, public

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 48ms
2ms Script
text/javascript 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 11:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 11:08:48 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 168ms
153ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.uchicago.cancelcorona.org/
Origin: https://mail.uchicago.cancelcorona.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1001
cdn-cachedat: 10/01/2022 01:42:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 23f87f6e212160344cd0f6cccf0b567e
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 77602611fed7f5ab-NRT
cdn-requestpullsuccess: True

GET
H2 200 logo.png
mail.uchicago.cancelcorona.org/img/ 9 KB
9 KB 140ms
138ms Image
image/png 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.uchicago.cancelcorona.org/img/logo.png
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: 19635776065c892b050cb2764ed02e894125625c006797469417d7450001aba4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
x-nginx-cache: WordPress
last-modified: Fri, 25 Jun 2021 19:09:21 GMT
server: Apache
x-endurance-cache-level: 1
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8823
expires: max-age=A10368000, public

GET
H2 200 back.svg
mail.uchicago.cancelcorona.org/img/ 688 B
485 B 142ms
140ms Image
image/svg+xml 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.uchicago.cancelcorona.org/img/back.svg
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: 6526958889737349471164bff336ac65d85e7058e8e7c6b03d860b123459a9ec

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 25 Jun 2021 18:56:42 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 1
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 436
expires: max-age=A10368000, public

GET
H2 200 rule_img.png
mail.uchicago.cancelcorona.org/img/ 30 KB
30 KB 141ms
140ms Image
image/png 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.uchicago.cancelcorona.org/img/rule_img.png
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: 2a4108849b0efea3bcf329b2a4882746bfb291960e19612f14d1cce816a751f6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
x-nginx-cache: WordPress
last-modified: Tue, 29 Jun 2021 18:06:24 GMT
server: Apache
x-endurance-cache-level: 1
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 30257
expires: max-age=A10368000, public

GET
H2 200 iframeResizer.min.js Show response
mail.uchicago.cancelcorona.org/js/ 13 KB
6 KB 139ms
138ms Script
application/javascript 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.uchicago.cancelcorona.org/js/iframeResizer.min.js
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: 1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 14 May 2021 12:43:52 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 1
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6236
expires: max-age=A10368000, public

GET
H2 200 rangeslider.js Show response
mail.uchicago.cancelcorona.org/js/ 2 KB
637 B 142ms
141ms Script
application/javascript 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.uchicago.cancelcorona.org/js/rangeslider.js
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: 7095a61863112602c72032a52746441d33e65822b4371627b4ec945ee09d82a2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 14 May 2021 12:43:52 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 1
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 601
expires: max-age=A10368000, public

GET
H2 200 scripts.js Show response
mail.uchicago.cancelcorona.org/js/ 8 KB
3 KB 142ms
140ms Script
application/javascript 162.241.216.110
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.uchicago.cancelcorona.org/js/scripts.js
Requested by: Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.216.110 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5398.bluehost.com
Software: Apache /
Resource Hash: e0c5457ea7c73dbe296d2842eb1d98a049bcba1c5321d433b52d15aba3cd876b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 25 Jun 2021 20:55:18 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 1
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2900
expires: max-age=A10368000, public

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 159 KB
57 KB 86ms
46ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJG27LV

Requested by

Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33112d51cc8c48c711f045c80dafb20621cccd35a2d94445b07e62778ef6262b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57722
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 20:53:05 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
23 KB 52ms
3ms Font
font/woff2 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.uchicago.cancelcorona.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 13:36:03 GMT
x-content-type-options: nosniff
age: 371822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:36:03 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 58ms
9ms Font
font/woff2 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.uchicago.cancelcorona.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:26:38 GMT
x-content-type-options: nosniff
age: 116787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 12:26:38 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 54ms
6ms Font
font/woff2 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.uchicago.cancelcorona.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:17:39 GMT
x-content-type-options: nosniff
age: 99326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 17:17:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 14ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJG27LV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Dec 2022 20:53:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: N8qquvADqKWDRuMv03/mHVsoTPZkA/XKa/9Mhmz+kFgHd0idJYUY90YmCFZQp1ShrxfuwsRMtKl1Jv0hy5/ImA==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 46ms
46ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J8WE6LD32W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJG27LV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0c8b45dcc1e06288276d0010976e2b783b3482361487f6998ce13f004172001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 20:53:05 GMT

GET
H2

200

https://app.givemomentum.com/logout
https://portal.givemomentum.com/donor/login

48 KB
13 KB

43ms
9ms

Document
text/html

76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/donor/login

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8b52853d866c91237ff4203d33e674424fe13b6d04dcae97a46244087557c172

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mail.uchicago.cancelcorona.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
age: 907697
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="login"
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 20:53:05 GMT
etag: W/"6bfec282d0b38316def7940083dbdf32"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /donor/login
x-vercel-cache: HIT
x-vercel-id: hnd1:hnd1::vdh9q-1670446385625-5aecd6f93c57

Redirect headers

content-length: 0
date: Wed, 07 Dec 2022 20:53:06 GMT
location: https://portal.givemomentum.com/donor/login
server: AmazonS3
via: 1.1 f8f2086aac99a2256f40536f86c26314.cloudfront.net (CloudFront)
x-amz-cf-id: KNrEn6iZ_fwFSOIdr5WKoZ2dS3fOP3QgymJ87KSCx7wIcCl0owSdcA==
x-amz-cf-pop: NRT12-C5
x-cache: Miss from cloudfront

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 3ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Dec 2022 20:53:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 736zHAartvNMuGPJovIYpW2XFQNkGKtQ1B8Fzqrq7vEokPJnfPtE+b9Wh34TqPz3DScnnDBQIqQ8Qj9nE++Wig==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 247886083608392 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 153ms
152ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/247886083608392?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9efafe9c8f82bb58c11b82348daadf43701a2490d362a1958209e3cefd3cb910

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Dec 2022 20:53:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zHDdFsAPxvgGKBlFAnjMcT2VF+ZcUdtr4c/LIWhYQDvNVIkzPqGF4a6394eeDj+jgqfZlvrM6zoZsgZmSNAHmA==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
357 B 80ms
40ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J8WE6LD32W&gtm=2oebu0&_p=691987517&cid=1099342804.1670446385&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670446385&sct=1&seg=0&dl=https%3A%2F%2Fmail.uchicago.cancelcorona.org%2F&dt=Donate%20to%20support%20Kids%20in%20Concert&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8WE6LD32W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:53:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.uchicago.cancelcorona.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 20ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=247886083608392&ev=PageView&dl=https%3A%2F%2Fmail.uchicago.cancelcorona.org%2F&rl=&if=false&ts=1670446385602&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670446385600.871873974&it=1670446385318&coo=false&tm=1&rqm=GET

Requested by

Host: mail.uchicago.cancelcorona.org
URL: https://mail.uchicago.cancelcorona.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Dec 2022 20:53:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 24E8 167 KB
55 KB 180ms
71ms Script
text/javascript 2404:6800:4004:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDLNTDosmww5knN4ECckx_ZTVgkgcWDTa8&libraries=places

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

065d144935811605d4250ec0d75fefa902c728b865037c951dcfe799af2fb149

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55766
x-xss-protection: 0
expires: Wed, 07 Dec 2022 21:23:05 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 24E8 884 B
999 B 84ms
43ms Script
text/javascript 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdvLUAbAAAAADRLKguOGYzNQudvwrC0LB4lYIZX

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d9cfaf1ca6990755cf21362942063c6c32d6d900485ec618b3d02b85d258877

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 20:53:05 GMT

GET
H2 200 webpack-0b8f7f38d16324d7.js Show response
portal.givemomentum.com/_next/static/chunks/ Frame 24E8 2 KB
1 KB 8ms
6ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/webpack-0b8f7f38d16324d7.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2bfd1fd57b77dfa21253e2d08ba7554df59932110de951c9aa412d24274e88cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::vdh9q-1670446385645-b13ceedd5b8a
age: 692078
x-matched-path: /_next/static/chunks/webpack-0b8f7f38d16324d7.js
etag: W/"ae4e224ffc0960f46bd031dd16aa92e3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-0b8f7f38d16324d7.js"

GET
H2 200 framework-cabfe003b0a86d38.js Show response
portal.givemomentum.com/_next/static/chunks/ Frame 24E8 146 KB
48 KB 19ms
17ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/framework-cabfe003b0a86d38.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

35e2ddec91857b22ded3113551d97fd421b82ba1b50a7a925705c1a6ba0c8b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::hwxtl-1670446385645-1490af08a23c
age: 692078
x-matched-path: /_next/static/chunks/framework-cabfe003b0a86d38.js
etag: W/"d8073c5d30196f8bf6c367c606d42e8b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-cabfe003b0a86d38.js"

GET
H2 200 main-e37e4064798cf226.js Show response
portal.givemomentum.com/_next/static/chunks/ Frame 24E8 95 KB
29 KB 13ms
11ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/main-e37e4064798cf226.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dd031118fb985376149734182faafcc9d870d582db4ecf795a6bcf9a5f8e151d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::whhzx-1670446385645-1d8b1d4ea7ef
age: 692077
x-matched-path: /_next/static/chunks/main-e37e4064798cf226.js
etag: W/"61318295ab007f950d9bb1c5ac6c3ab4"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-e37e4064798cf226.js"

GET
H2 200 _app-6469a7bdcded1ce0.js Show response
portal.givemomentum.com/_next/static/chunks/pages/ Frame 24E8 641 KB
200 KB 11ms
9ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/pages/_app-6469a7bdcded1ce0.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e725af93e85d5a995f48b535242e9070a5fd670b0a17bb3f8c83514f02eff557

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::vdh9q-1670446385645-5860c40491e4
age: 692077
x-matched-path: /_next/static/chunks/pages/_app-6469a7bdcded1ce0.js
etag: W/"e0fc89cf7897bd4f08064ef0ab19cccf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-6469a7bdcded1ce0.js"

GET
H2 200 566-018d65e7940f097a.js Show response
portal.givemomentum.com/_next/static/chunks/ Frame 24E8 41 KB
14 KB 17ms
16ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/566-018d65e7940f097a.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

afb211d1a3a383f31e4e18a5502bb48ea2df5068c9d2aeb9b67b7d2e7162e0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::bxfnq-1670446385646-5221a0c5b423
age: 692078
x-matched-path: /_next/static/chunks/566-018d65e7940f097a.js
etag: W/"b8580279d36015276c020d2056a7a6f3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="566-018d65e7940f097a.js"

GET
H2 200 549-69d2631162225ec4.js Show response
portal.givemomentum.com/_next/static/chunks/ Frame 24E8 71 KB
23 KB 14ms
13ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/549-69d2631162225ec4.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8d6b349a3532e784c20d8b7d31eb762b602f9b4d57aba13543341c6d96ddc39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::2vjlt-1670446385646-918c1ee2cb50
age: 692077
x-matched-path: /_next/static/chunks/549-69d2631162225ec4.js
etag: W/"0d161ed724923851b8b083cc2b872c3a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="549-69d2631162225ec4.js"

GET
H2 200 812-add7003fd20a992f.js Show response
portal.givemomentum.com/_next/static/chunks/ Frame 24E8 10 KB
5 KB 18ms
17ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/812-add7003fd20a992f.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

86c0364d4585d7539515ebd3e6077c75d069682bc14bbdbc3c809bcc4c7571b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::hwxtl-1670446385646-482837e5f36b
age: 692078
x-matched-path: /_next/static/chunks/812-add7003fd20a992f.js
etag: W/"564f96df6974a6d3bc18ed1787605fee"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="812-add7003fd20a992f.js"

GET
H2 200 login-b8c3eeae317c7dc5.js Show response
portal.givemomentum.com/_next/static/chunks/pages/donor/ Frame 24E8 5 KB
3 KB 673ms
672ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/chunks/pages/donor/login-b8c3eeae317c7dc5.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

25e5db39090c89a75606fd84e716f70222412c9aba7e1799e030372d728feae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:06 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::hwxtl-1670446385645-44eec9f1e7c0
age: 0
x-matched-path: /_next/static/chunks/pages/donor/login-b8c3eeae317c7dc5.js
etag: W/"e163f752fd9e123c0d73eb6aec788228"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="login-b8c3eeae317c7dc5.js"

GET
H2 200 _buildManifest.js Show response
portal.givemomentum.com/_next/static/HFYmqmMRpp_19mvyGFUGu/ Frame 24E8 3 KB
1 KB 13ms
12ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/HFYmqmMRpp_19mvyGFUGu/_buildManifest.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9a69b940b8bb80f3243fc969399985db23316013c85cc23a97f7a846b4c76843

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::bxfnq-1670446385646-62f8e0da4134
age: 692078
x-matched-path: /_next/static/HFYmqmMRpp_19mvyGFUGu/_buildManifest.js
etag: W/"2b1256634db5c1d2cc706a3fb8ff9213"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 _ssgManifest.js Show response
portal.givemomentum.com/_next/static/HFYmqmMRpp_19mvyGFUGu/ Frame 24E8 77 B
255 B 10ms
9ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/HFYmqmMRpp_19mvyGFUGu/_ssgManifest.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::gpsgh-1670446385646-0b05b7894fa9
age: 692078
x-matched-path: /_next/static/HFYmqmMRpp_19mvyGFUGu/_ssgManifest.js
etag: "b6652df95db52feb4daf4eca35380933"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 77

GET
H2 200 _middlewareManifest.js Show response
portal.givemomentum.com/_next/static/HFYmqmMRpp_19mvyGFUGu/ Frame 24E8 92 B
276 B 16ms
15ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.givemomentum.com/_next/static/HFYmqmMRpp_19mvyGFUGu/_middlewareManifest.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/donor/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: hnd1:hnd1::gpsgh-1670446385646-6177370057e7
age: 692077
x-matched-path: /_next/static/HFYmqmMRpp_19mvyGFUGu/_middlewareManifest.js
etag: "7c3f7e060745668041278118c0bb3d6d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_middlewareManifest.js"
accept-ranges: bytes
content-length: 92

POST
H2 200 / Show response
o359384.ingest.sentry.io/api/6094206/envelope/ Frame 24E8 2 B
282 B 17ms
5ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o359384.ingest.sentry.io/api/6094206/envelope/?sentry_key=260b8c5bc9ff47b79748e6703d65ef02&sentry_version=7

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/_next/static/chunks/pages/_app-6469a7bdcded1ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://portal.givemomentum.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://portal.givemomentum.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 logger-1.min.js Show response
cdn.lr-in-prod.com/ Frame 24E8 782 KB
159 KB 38ms
25ms Script
text/javascript 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in-prod.com/logger-1.min.js

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/_next/static/chunks/pages/_app-6469a7bdcded1ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cca0a7b08fbd87b3911ac379406b6ad18ac57bbf46b0268786b0a298b098d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-nrt-rjtf7700043-NRT
last-modified: Wed, 07 Dec 2022 20:01:03 GMT
server: cloudflare
x-timer: S1670443363.603189,VS0,VE686
etag: W/"ccf30f132cebabe10acae3fd10d5213222184ac604b6f058a3941fdfcc0b364e"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwSDPs0jbwFkrBDh3wq2JqvT2nwcDdwcMis8MRcJ9Ps3wUFVRmDVbZq06c%2FThXIjH%2F3TUhGJB2vkJxCFFwEIxPIHBFo1rzCS3g%2FcFILj6t0Wn%2BDjse%2FKAlQjhoxAJO6WFkY7RTXU1z%2F3P8gXZdOTv6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 776026169e387828-NRT
x-cache-hits: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 24E8 401 KB
160 KB 46ms
2ms Script
text/javascript 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdvLUAbAAAAADRLKguOGYzNQudvwrC0LB4lYIZX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.givemomentum.com/
Origin: https://portal.givemomentum.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 17:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163011
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 17:12:06 GMT

GET
BLOB 200
OK 59fbe2d5-906a-43f6-9819-41133386cfdd
https://portal.givemomentum.com/ Frame 24E8 427 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.givemomentum.com/59fbe2d5-906a-43f6-9819-41133386cfdd
Requested by: Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/donor/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91843f2033380b223be3d780181d7e0390c4824ccd505530efaab7048d6b0753

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 436774

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 840C 42 KB
22 KB 91ms
54ms Document
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvLUAbAAAAADRLKguOGYzNQudvwrC0LB4lYIZX&co=aHR0cHM6Ly9wb3J0YWwuZ2l2ZW1vbWVudHVtLmNvbTo0NDM.&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=ar3okpaaqbgx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3576734f3c1800a6d2bf8658533bb0ede5fe14d139f4a5500a557afa3343473a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wLkR5PZ74SibxuZ8Na2wvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.givemomentum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22189
content-security-policy: script-src 'report-sample' 'nonce-wLkR5PZ74SibxuZ8Na2wvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:53:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 24E8 3 B
45 B 73ms
37ms XHR
application/json 2404:6800:4004:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/_next/static/chunks/pages/_app-6469a7bdcded1ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://portal.givemomentum.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 840C 52 KB
24 KB 46ms
5ms Stylesheet
text/css 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvLUAbAAAAADRLKguOGYzNQudvwrC0LB4lYIZX&co=aHR0cHM6Ly9wb3J0YWwuZ2l2ZW1vbWVudHVtLmNvbTo0NDM.&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=ar3okpaaqbgx

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 17:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 17:27:28 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 840C 401 KB
159 KB 44ms
4ms Script
text/javascript 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 17:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163011
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 17:12:06 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 840C 102 B
134 B 39ms
38ms Other
text/javascript 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05bdb8d0c12909e4b814e86a3b249c9c75f340b31a79cddc68e2ac9af7b74a7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvLUAbAAAAADRLKguOGYzNQudvwrC0LB4lYIZX&co=aHR0cHM6Ly9wb3J0YWwuZ2l2ZW1vbWVudHVtLmNvbTo0NDM.&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=ar3okpaaqbgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 20:53:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 24E8 215 KB
75 KB 48ms
48ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NZ8M2B9L5X

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/_next/static/chunks/pages/_app-6469a7bdcded1ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62a35dd8c1926d45d5a0b538d9edd73046975e84a560abaea0a7567a06e1c678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.givemomentum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:53:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 20:53:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 12ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=247886083608392&ev=Microdata&dl=https%3A%2F%2Fmail.uchicago.cancelcorona.org%2F&rl=&if=false&ts=1670446387126&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20support%20Kids%20in%20Concert%22%2C%22meta%3Adescription%22%3A%22Kids%20in%20Concert%20creates%20compassionate%20citizens%20of%20the%20world%20through%20the%20healing%20and%20developmental%20power%20of%20music%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670446385600.871873974&it=1670446385318&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.uchicago.cancelcorona.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Dec 2022 20:53:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 / Show response
o359384.ingest.sentry.io/api/6094206/envelope/ Frame 24E8 41 B
59 B 11ms
6ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o359384.ingest.sentry.io/api/6094206/envelope/?sentry_key=260b8c5bc9ff47b79748e6703d65ef02&sentry_version=7

Requested by

Host: portal.givemomentum.com
URL: https://portal.givemomentum.com/_next/static/chunks/pages/_app-6469a7bdcded1ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9a3de9219a0000d29a96e9ec48f8c534afc83cec6b004a7f37d6f08569a59951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://portal.givemomentum.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 20:53:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://portal.givemomentum.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST i
r.lr-in-prod.com/ Frame 24E8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.lr-in-prod.com
URL: https://r.lr-in-prod.com/i?a=alcw3f%2Fportal-ux06u&r=5-8fd246a5-609d-49de-b318-2301c08dbbe3&t=07342a9d-a5c1-4068-9cbf-5a0797ca7712&s=0&rs=0%2Cu&u=d5859c99-0866-4781-b3c4-10c23f0b0799

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cancelcorona.org/	1970-01-20 17:36:46	Name: _ga_J8WE6LD32W Value: GS1.1.1670446385.1.0.1670446385.0.0.0
.cancelcorona.org/	1970-01-20 17:36:46	Name: _ga Value: GA1.1.1099342804.1670446385
.cancelcorona.org/	1970-01-20 10:10:22	Name: _fbp Value: fb.1.1670446385600.871873974

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.givemomentum.com
cdn.lr-in-prod.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
mail.uchicago.cancelcorona.org
maps.googleapis.com
maxcdn.bootstrapcdn.com
o359384.ingest.sentry.io
portal.givemomentum.com
r.lr-in-prod.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
r.lr-in-prod.com
162.241.216.110
2404:6800:4004:80b::200a
2404:6800:4004:812::2003
2404:6800:4004:81c::200e
2404:6800:4004:821::2004
2404:6800:4004:824::200a
2404:6800:4004:825::200a
2404:6800:4004:826::2008
2404:6800:4004:827::2003
2600:9000:2066:4a00:1f:bb5e:f880:93a1
2606:4700:3030::6815:41c3
2606:4700::6812:acf
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
34.120.195.249
76.76.21.93
05bdb8d0c12909e4b814e86a3b249c9c75f340b31a79cddc68e2ac9af7b74a7c
065d144935811605d4250ec0d75fefa902c728b865037c951dcfe799af2fb149
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752
19635776065c892b050cb2764ed02e894125625c006797469417d7450001aba4
1cca0a7b08fbd87b3911ac379406b6ad18ac57bbf46b0268786b0a298b098d2b
25e5db39090c89a75606fd84e716f70222412c9aba7e1799e030372d728feae0
2a4108849b0efea3bcf329b2a4882746bfb291960e19612f14d1cce816a751f6
2bfd1fd57b77dfa21253e2d08ba7554df59932110de951c9aa412d24274e88cb
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2d9cfaf1ca6990755cf21362942063c6c32d6d900485ec618b3d02b85d258877
33112d51cc8c48c711f045c80dafb20621cccd35a2d94445b07e62778ef6262b
3576734f3c1800a6d2bf8658533bb0ede5fe14d139f4a5500a557afa3343473a
35e2ddec91857b22ded3113551d97fd421b82ba1b50a7a925705c1a6ba0c8b80
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b7984c844f98be5ae669dbed2c2dd0483a021dcdf7b8a9ac833caecf7b02f24
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
62a35dd8c1926d45d5a0b538d9edd73046975e84a560abaea0a7567a06e1c678
6526958889737349471164bff336ac65d85e7058e8e7c6b03d860b123459a9ec
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7095a61863112602c72032a52746441d33e65822b4371627b4ec945ee09d82a2
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
86c0364d4585d7539515ebd3e6077c75d069682bc14bbdbc3c809bcc4c7571b8
898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0
8b52853d866c91237ff4203d33e674424fe13b6d04dcae97a46244087557c172
8d6b349a3532e784c20d8b7d31eb762b602f9b4d57aba13543341c6d96ddc39e
91843f2033380b223be3d780181d7e0390c4824ccd505530efaab7048d6b0753
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a3de9219a0000d29a96e9ec48f8c534afc83cec6b004a7f37d6f08569a59951
9a69b940b8bb80f3243fc969399985db23316013c85cc23a97f7a846b4c76843
9efafe9c8f82bb58c11b82348daadf43701a2490d362a1958209e3cefd3cb910
afb211d1a3a383f31e4e18a5502bb48ea2df5068c9d2aeb9b67b7d2e7162e0f3
b2ef000259ac2226eaa741ce05f76209cc75fa9c1427f47153a352425bb9b88a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
dd031118fb985376149734182faafcc9d870d582db4ecf795a6bcf9a5f8e151d
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e0c5457ea7c73dbe296d2842eb1d98a049bcba1c5321d433b52d15aba3cd876b
e13c504919980dd7fed4544d8298c7e03ad3b3ebc8a96fda876bc8fee7804d3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e725af93e85d5a995f48b535242e9070a5fd670b0a17bb3f8c83514f02eff557
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f0c8b45dcc1e06288276d0010976e2b783b3482361487f6998ce13f004172001

mail.uchicago.cancelcorona.org Open in urlscan Pro 162.241.216.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

81 %IPv6

12 Domains

17 Subdomains

16 IPs

3 Countries

1447 kBTransfer

4808 kBSize

3 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mail.uchicago.cancelcorona.org Open in urlscan Pro
162.241.216.110 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

81 %
IPv6

12
Domains

17
Subdomains

16
IPs

3
Countries

1447 kB
Transfer

4808 kB
Size

3
Cookies

50 HTTP transactions
0 data transactions