URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Submission: On November 12 via api from US

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 38 HTTP transactions. The main IP is 2606:4700:30::6818:6399, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is visit.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 10th 2019. Valid for: 6 months.
This is the only time visit.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:300... 13335 (CLOUDFLAR...)
9 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
1 1 52.222.174.81 16509 (AMAZON-02)
5 13.225.78.57 16509 (AMAZON-02)
1 162.247.242.19 23467 (NEWRELIC-...)
1 13.224.196.15 16509 (AMAZON-02)
38 14
Count | Domain | Requested by
7 | visit.org | visit.org
5 | js.intercomcdn.com | js.intercomcdn.com
4 | maps.googleapis.com | visit.org, maps.googleapis.com
3 | www.google-analytics.com (1 redirects) | visit.org, www.google-analytics.com
3 | res-4.cloudinary.com | visit.org
2 | connect.facebook.net | visit.org, connect.facebook.net
2 | res-2.cloudinary.com | visit.org
2 | res-5.cloudinary.com | visit.org
1 | api-iam.intercom.io | js.intercomcdn.com
1 | bam.nr-data.net | js-agent.newrelic.com
1 | widget.intercom.io (1 redirects) |
1 | js-agent.newrelic.com | visit.org
1 | staticxx.facebook.com | connect.facebook.net
1 | stats.g.doubleclick.net | visit.org
1 | s.ytimg.com | www.youtube.com
1 | fonts.googleapis.com | visit.org
1 | www.youtube.com | visit.org
1 | res-3.cloudinary.com | visit.org
1 | res-1.cloudinary.com | visit.org
1 | cdnjs.cloudflare.com | visit.org
38 20
Subject | Issuer | Validity | Valid
sni237414.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-10 - 2020-03-18 | 6 months
*.googleapis.com | GTS CA 1O1 | 2019-10-16 - 2020-01-08 | 3 months
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 - 2020-02-16 | 6 months
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2017-01-18 - 2020-01-17 | 3 years
*.google-analytics.com | GTS CA 1O1 | 2019-10-16 - 2020-01-08 | 3 months
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-09-22 - 2019-12-20 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-10-16 - 2020-01-08 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year
*.intercomcdn.com | Amazon | 2019-04-27 - 2020-05-27 | a year
*.nr-data.net | GeoTrust RSA CA 2018 | 2018-01-11 - 2020-03-17 | 2 years
*.intercom.com | Amazon | 2019-06-11 - 2020-07-11 | a year

This page contains 4 frames:

Primary Page: https://visit.org/experience/a-coat-drive-to-warm-hearts
Frame ID: 7E9B6EAFE0EDAAB618A7789111F5F3FF
Requests: 32 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: D5EE0544655C380A1334362842966990
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame.fbe53618.js
Frame ID: 725373E946B9A4910AC8942EC202055D
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: 09B999983D93F3DFAFCBA87F73674339
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

38
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

20
Subdomains

14
IPs

5
Countries

1515 kB
Transfer

4405 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=684204281&t=pageview&_s=1&dl=https%3A%2F%2Fvisit.org%2Fexperience%2Fa-coat-drive-to-warm-hearts&ul=en-us&de=UTF-8&dt=A%20Coat%20Drive%20to%20Warm%20Hearts%20%7C%20Visit.org&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEIR~&jid=141286206&gjid=494939514&cid=1711182888.1573575267&uid=&tid=UA-59713279-1&_gid=837897856.1573575267&_r=1&cd3=not%20signed%20in&cd8=corporate&cd1=corporates%3A%3Atours&cd2=experience&cd4=corporates%3A%3Atours%23experience&cd10=A%20Coat%20Drive%20to%20Warm%20Hearts%20-%20ID%3A1321&z=2080209200 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59713279-1&cid=1711182888.1573575267&jid=141286206&_gid=837897856.1573575267&gjid=494939514&_v=j79&z=2080209200
Request Chain 27
  • https://widget.intercom.io/widget/esck2fur HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request a-coat-drive-to-warm-hearts
visit.org/experience/
20 KB
7 KB
Document
General
Full URL
https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca594d9af5133b61ea2109b12ccd99c8e9b0034e8484649053e96a00cba1472a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
visit.org
:scheme
https
:path
/experience/a-coat-drive-to-warm-hearts
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Tue, 12 Nov 2019 16:14:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d180a2fe450d0256a14ac0857c4d36c401573575265; expires=Wed, 11-Nov-20 16:14:25 GMT; path=/; domain=.visit.org; HttpOnly _visit_session=ZWcxUm80Wk5DYll2RmYzQnpBQ3UzcG4xeUh5OVJMZGZyNml0eUZPNVM3M2Fjam9UdkQrYnRvNmZROUNacWM1b1BMSDdiSG9VRnBoSVB5TE5uWkQwUEdUb1lGQmJJSmh4OGs2Sk5WNVhyS2cxMUpud290aG9wbFFJV05KUWtSb3l4RGFaaTNOMWVqdXBnYWtGb1UvRGlxWHNMakZrNHZycERudVRDY2F1ZEoyZWVONm1NY2FabWdGQ1pnR1hmZnlQSnAxUVRvQ2dGWm5mejFnK01MUTRENVVNcmJKdm1aczdJSUZzeDRGbDhvND0tLVpQNld1TEdsckpzeVkrM0doRHYvVVE9PQ%3D%3D--1094cb3de19058b67383dda7e83919b5965f4a65; path=/; secure; HttpOnly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cache-control
max-age=0, private, must-revalidate
x-request-id
eaff21d8-9e92-4e9f-86be-9eccdac64ebb
x-runtime
0.721120
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5349cc83fadb8c8c-VIE
content-encoding
br
application-80b2d806f3feea27ada90ecadd91f65703d14bd3e4029c4ab092db2d2cdeebb2.js
visit.org/assets/
1 MB
339 KB
Script
General
Full URL
https://visit.org/assets/application-80b2d806f3feea27ada90ecadd91f65703d14bd3e4029c4ab092db2d2cdeebb2.js
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80b2d806f3feea27ada90ecadd91f65703d14bd3e4029c4ab092db2d2cdeebb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5349cc8a88988c8c-VIE
date
Tue, 12 Nov 2019 16:14:26 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Mon, 11 Nov 2019 11:33:49 GMT
server
cloudflare
age
917
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2678400
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
js
maps.googleapis.com/maps/api/
118 KB
38 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyC0YO52akJkT1f1giMdEDen5pa3ANbftlM&libraries=places
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
1d6935ab0551df9e18d83d3faaa2060f96b2d6dff2690998c7fec16efbe48bf0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:26 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=21
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38949
x-xss-protection
0
expires
Tue, 12 Nov 2019 16:44:26 GMT
application-395ebcbce9ec74c9141ed1a4ed792e12107b15578ecff2539641173351638dc8.css
visit.org/assets/
957 KB
127 KB
Stylesheet
General
Full URL
https://visit.org/assets/application-395ebcbce9ec74c9141ed1a4ed792e12107b15578ecff2539641173351638dc8.css
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cec77ce84e5106b69fe8a9f46dcccc1021e7006d969b7dc042f05cccc5b5004
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5349cc8a88978c8c-VIE
date
Tue, 12 Nov 2019 16:14:26 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Mon, 11 Nov 2019 11:33:49 GMT
server
cloudflare
age
917
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2678400
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:26 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18209179
status
200
alt-svc
h3-23=":443"; ma=86400
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:25:36 GMT
server
cloudflare
etag
W/"5afd4a90-329e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5349cc8a8b46cbc8-VIE
expires
Sun, 01 Nov 2020 16:14:26 GMT
g7sairmsytmuzmbe50t5
res-5.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_1300,w_2600/
247 KB
248 KB
Image
General
Full URL
https://res-5.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_1300,w_2600/g7sairmsytmuzmbe50t5
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6b837018a9a0b274244afa67d0a7a702c8bf3555a39d42f9b288925ec90e46a0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent
status
200
content-disposition
inline; filename="g7sairmsytmuzmbe50t5.webp"
server-timing
akam;dur=6;start=2019-11-12T16:14:27.104Z;total=6;desc=hit,rtt;dur=4,cloudinary;dur=72;start=2019-11-12T16:04:26.651Z
content-length
252776
last-modified
Tue, 27 Nov 2018 03:08:25 GMT
server
Cloudinary
etag
"c87cd56dbec203d75bceb78217f2683e"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
noun_world-28c131c12b3a4ab6c81984fee03021de2cb25a1b37f0cadc1cf13a703e5b31c6.svg
visit.org/assets/corporates/
46 KB
11 KB
Image
General
Full URL
https://visit.org/assets/corporates/noun_world-28c131c12b3a4ab6c81984fee03021de2cb25a1b37f0cadc1cf13a703e5b31c6.svg
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c131c12b3a4ab6c81984fee03021de2cb25a1b37f0cadc1cf13a703e5b31c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5349cc8b89588c8c-VIE
date
Tue, 12 Nov 2019 16:14:27 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Mon, 16 Sep 2019 14:30:44 GMT
server
cloudflare
age
918
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=2678400
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
zq8u09xxzx2cgocvmw9w
res-4.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
12 KB
12 KB
Image
General
Full URL
https://res-4.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/zq8u09xxzx2cgocvmw9w
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
b6ad0355e8db8854ab7f4a12de4c4edeac0d02cdd7e62333842a9e30b7518f35
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent,Save-Data
status
200
content-disposition
inline; filename="zq8u09xxzx2cgocvmw9w.webp"
server-timing
akam;dur=11;start=2019-11-12T16:14:27.129Z;total=11;desc=hit,rtt;dur=5,cloudinary;dur=110;start=2019-11-12T16:04:26.661Z
content-length
12108
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
etag
"c97d13002284b799c04948df67ddb6cc"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
th6lhhujzx6i4k0n6y5b
res-1.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
13 KB
13 KB
Image
General
Full URL
https://res-1.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/th6lhhujzx6i4k0n6y5b
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7c64675286c29f988806bcd17d64de4a63f8b5bd8dd1b5b6e2c52a6b8b79e909
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent,Save-Data
status
200
content-disposition
inline; filename="th6lhhujzx6i4k0n6y5b.webp"
server-timing
akam;dur=11;start=2019-11-12T16:14:27.148Z;total=11;desc=hit,rtt;dur=4,cloudinary;dur=94;start=2019-11-12T16:04:26.656Z
content-length
12922
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
etag
"ecc2c72dfe9c5d4eab35b8c60334ec56"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
potzseow2pwggwgnlrl7
res-2.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
11 KB
11 KB
Image
General
Full URL
https://res-2.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/potzseow2pwggwgnlrl7
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
64f60920f820ca5c2b2649321996050917d302581257017a7fe14187347b90fe
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent,Save-Data
status
200
content-disposition
inline; filename="potzseow2pwggwgnlrl7.webp"
server-timing
akam;dur=16;start=2019-11-12T16:14:27.155Z;total=16;desc=hit,rtt;dur=5,cloudinary;dur=252;start=2019-11-12T16:04:26.677Z
content-length
10808
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
etag
"9fb82c5f40967952ddcda7c05e4ebefa"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
fsmqx9rcyrd8chjnqxhk
res-3.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
10 KB
10 KB
Image
General
Full URL
https://res-3.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/fsmqx9rcyrd8chjnqxhk
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ef9c1fedab1bc9120bdb93245e7f366ac5671df60da4e6a0c279d96cf4017f43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent,Save-Data
status
200
content-disposition
inline; filename="fsmqx9rcyrd8chjnqxhk.webp"
server-timing
akam;dur=5;start=2019-11-12T16:14:27.179Z;total=5;desc=hit,rtt;dur=5,cloudinary;dur=55;start=2019-11-12T16:04:26.666Z
content-length
9798
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
etag
"07c02230a3d0d49358ee05f90a6d8123"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
ciukwyyzslfn0zhjfmmy
res-4.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
14 KB
15 KB
Image
General
Full URL
https://res-4.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/ciukwyyzslfn0zhjfmmy
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3042e54784a9cb206e3d29256ad88c701c0cc2e8e0d1c192725c7d564cbedd82
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
status
200
etag
"3d99f4b7f4552db29fc048804649e29e"
vary
Accept,User-Agent,Save-Data
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
server-timing
akam;dur=10;start=2019-11-12T16:14:27.134Z;total=10;desc=hit,rtt;dur=5,cloudinary;dur=81;start=2019-11-12T16:04:26.660Z
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
14535
lvgg4m7qzfotawtdaqlj
res-2.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
11 KB
12 KB
Image
General
Full URL
https://res-2.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/lvgg4m7qzfotawtdaqlj
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0e3b61d40183cb294ab0f58628b1ab85fda381105224786567e5104d2d01a506
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent,Save-Data
status
200
content-disposition
inline; filename="lvgg4m7qzfotawtdaqlj.webp"
server-timing
akam;dur=12;start=2019-11-12T16:14:27.171Z;total=12;desc=hit,rtt;dur=5,cloudinary;dur=76;start=2019-11-12T16:04:26.670Z
content-length
11434
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
etag
"5752da605165e37282c73d1c510b70d0"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
vnhwyxapvp6pglbdvteh
res-5.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
10 KB
10 KB
Image
General
Full URL
https://res-5.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/vnhwyxapvp6pglbdvteh
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
dcf41717e3535b02b3319be4acfb3903037935d642f1ca84680890a9d7a3c911
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent,Save-Data
status
200
content-disposition
inline; filename="vnhwyxapvp6pglbdvteh.webp"
server-timing
akam;dur=8;start=2019-11-12T16:14:27.125Z;total=8;desc=hit,rtt;dur=5,cloudinary;dur=86;start=2019-11-12T16:04:26.653Z
content-length
10262
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
etag
"61addba8653a95d01db6f21550ec9e9d"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
xjfr59g50l918olmudmj
res-4.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/
10 KB
11 KB
Image
General
Full URL
https://res-4.cloudinary.com/production-visit-org/image/upload/c_thumb,f_auto,h_195,q_auto,w_195/xjfr59g50l918olmudmj
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::523 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bb738ee1780861290f18cc7b515e81c0632d8297ce66b8b4f6b209ec7cc9c338
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept,User-Agent,Save-Data
status
200
content-disposition
inline; filename="xjfr59g50l918olmudmj.webp"
server-timing
akam;dur=12;start=2019-11-12T16:14:27.140Z;total=12;desc=hit,rtt;dur=5,cloudinary;dur=58;start=2019-11-12T16:04:26.692Z
content-length
10622
last-modified
Tue, 18 Jun 2019 16:54:36 GMT
server
Cloudinary
etag
"68aa2f870ffcb399c926ce2e8a08ba4b"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6050
date
Tue, 12 Nov 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 12 Nov 2019 16:33:37 GMT
Roboto-Regular-79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95.ttf
visit.org/assets/
168 KB
168 KB
Font
General
Full URL
https://visit.org/assets/Roboto-Regular-79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95.ttf
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://visit.org/assets/application-395ebcbce9ec74c9141ed1a4ed792e12107b15578ecff2539641173351638dc8.css
Origin
https://visit.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2018 17:29:28 GMT
server
cloudflare
age
918
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
public, max-age=2678400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
5349cc8bb97f8c8c-VIE
arrow_right_gallery-77571179cd87ce233ab6eb85c9b670d01b81833a6114998b4f9a8af0ef9137fe.svg
visit.org/assets/corporates/
2 KB
819 B
Image
General
Full URL
https://visit.org/assets/corporates/arrow_right_gallery-77571179cd87ce233ab6eb85c9b670d01b81833a6114998b4f9a8af0ef9137fe.svg
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77571179cd87ce233ab6eb85c9b670d01b81833a6114998b4f9a8af0ef9137fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/assets/application-395ebcbce9ec74c9141ed1a4ed792e12107b15578ecff2539641173351638dc8.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5349cc8bb9808c8c-VIE
date
Tue, 12 Nov 2019 16:14:27 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2019 15:26:00 GMT
server
cloudflare
age
918
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=2678400
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
visit-f72613af3ddb813cf5686196a2e8fec28885ad770d0d930f4c7ab7291fcf1d28.ttf
visit.org/assets/
6 KB
6 KB
Font
General
Full URL
https://visit.org/assets/visit-f72613af3ddb813cf5686196a2e8fec28885ad770d0d930f4c7ab7291fcf1d28.ttf?5wj3ix
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72613af3ddb813cf5686196a2e8fec28885ad770d0d930f4c7ab7291fcf1d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://visit.org/assets/application-395ebcbce9ec74c9141ed1a4ed792e12107b15578ecff2539641173351638dc8.css
Origin
https://visit.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Tue, 15 Oct 2019 19:55:57 GMT
server
cloudflare
age
870
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
public, max-age=2678400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
5349cc8bb9828c8c-VIE
iframe_api
www.youtube.com/
859 B
931 B
Script
General
Full URL
https://www.youtube.com/iframe_api?v=3.2.10
Requested by
Host: visit.org
URL: https://visit.org/assets/application-80b2d806f3feea27ada90ecadd91f65703d14bd3e4029c4ab092db2d2cdeebb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
46636d8106a55c20c57d84c69f60293f58f3bb4d9d174720e510450c01aa9df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: visit.org
URL: https://visit.org/assets/application-80b2d806f3feea27ada90ecadd91f65703d14bd3e4029c4ab092db2d2cdeebb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a0897ceaa403cc998e1c4b314e42d821359d551dae13529c40707c5e57db075f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jqokSbAvvdzwekwL5Y2QDw==
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
1780
etag
"9ba3340809e76922bd385807568f2658"
x-fb-debug
+sUO/AlP8y94oh4GFPQCimLS/0GcF5L19Mrz2r02kPGko3aQzfqEvVUny8RkDx8AMST3Ao/b9TneLTz+sXmXVQ==
x-fb-trip-id
2080452462
x-fb-content-md5
e610bc969baef59074ab8dd976963ac3
x-frame-options
DENY
date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Nov 2019 16:27:26 GMT
css
fonts.googleapis.com/
7 KB
777 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600
Requested by
Host: visit.org
URL: https://visit.org/assets/application-80b2d806f3feea27ada90ecadd91f65703d14bd3e4029c4ab092db2d2cdeebb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5d8220f375e41c32dbe4e81b623256ab218a055f5bf30841a99de37e6a88e8aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 12 Nov 2019 16:14:27 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 12 Nov 2019 16:14:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 12 Nov 2019 16:14:27 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
892 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 15:48:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1540
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
738
x-xss-protection
0
expires
Tue, 12 Nov 2019 16:48:47 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflUFVyEP/
23 KB
9 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflUFVyEP/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api?v=3.2.10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 Nov 2019 09:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109696
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8680
x-xss-protection
0
last-modified
Sun, 10 Nov 2019 20:44:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 19 Nov 2019 09:46:11 GMT
sdk.js
connect.facebook.net/en_US/
194 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0227a4562bd25428cb5ac58f9f9dc202&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
691189eb3638c37a747d105e272b62df0393c2d7e6e3a67736e281234bd7aa9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
Origin
https://visit.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
yzKSLqAmogWyXMb3voPxSg==
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
59548
etag
"bea588b3ef8a09c0c43a10b5bce0e516"
x-fb-debug
wM2HWHfI6Jx9km0nzdKAoIYQwZSjwzdQxRsVb0V/S3xVGZdOJ2uuM/FJDLbdi6a8z7DZA6sC64X4oonreCLCOA==
x-fb-trip-id
420120009
x-fb-content-md5
83bf6e1a537625560bdd61a93cb28892
x-frame-options
DENY
date
Tue, 12 Nov 2019 16:14:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 11 Nov 2020 13:53:20 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=684204281&t=pageview&_s=1&dl=https%3A%2F%2Fvisit.org%2Fexperience%2Fa-coat-drive-to-warm-hearts&ul=en-us&de=UTF-8&dt=A%20Coat%20Drive%20to%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59713279-1&cid=1711182888.1573575267&jid=141286206&_gid=837897856.1573575267&gjid=494939514&_v=j79&z=2080209200
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59713279-1&cid=1711182888.1573575267&jid=141286206&_gid=837897856.1573575267&gjid=494939514&_v=j79&z=2080209200
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 12 Nov 2019 16:14:27 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Nov 2019 16:14:27 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59713279-1&cid=1711182888.1573575267&jid=141286206&_gid=837897856.1573575267&gjid=494939514&_v=j79&z=2080209200
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame D5EE
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0227a4562bd25428cb5ac58f9f9dc202&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Tue, 10 Nov 2020 21:26:22 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
CyNGkcCoR21veJ7Y5GylQfON0pYOPxhXBgzrl6zifLIuE0tFcAxB1Eijck6+83K6ggwttOSx22HXQmQkDakqWg==
content-length
12385
x-fb-trip-id
2080452462
date
Tue, 12 Nov 2019 16:14:27 GMT
alt-svc
h3-23=":443"; ma=3600
nr-1130.min.js
js-agent.newrelic.com/
24 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1130.min.js
Requested by
Host: visit.org
URL: https://visit.org/experience/a-coat-drive-to-warm-hearts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:14:27 GMT
content-encoding
gzip
x-amz-request-id
8174A4BD27442C39
x-cache
HIT
status
200
content-length
9407
x-amz-id-2
okRb4AqloAZZ3+qaWnpqMQYC7hkPpbr/Yrluzst01SO9f1ckk5T9tspUtBHMBazVI7CvXAVZCdo=
x-served-by
cache-fra19170-FRA
last-modified
Tue, 09 Jul 2019 23:52:06 GMT
server
AmazonS3
x-timer
S1573575267.460748,VS0,VE0
etag
"73f8857196b9ef7fd3b302cbc557b8ac"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4269
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/esck2fur
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d3a1fe48fcc8da5933c2da89f43de0c7f9fbd0bcd8fdc6413ada9edd03a074a

Request headers

Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:12:31 GMT
content-encoding
gzip
age
117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2783
last-modified
Mon, 11 Nov 2019 15:42:21 GMT
server
AmazonS3
etag
"d14bc07f86b03eb1af8ad239e136f1d3"
content-type
application/javascript; charset=UTF-8
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
LFE_KbDlFXgYmc_dEs7X7uhu29wPmCQtdcRNEdOtLr_d-e1qi9MNlA==

Redirect headers

date
Thu, 26 Sep 2019 11:31:14 GMT
via
1.1 e4a44efc4b3241dc23019df63a1f645c.cloudfront.net (CloudFront)
server
AmazonS3
age
29
status
302
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA54
content-length
0
x-amz-cf-id
Hlq3kSaug-7JK_G-q0updHBte72WBmQBfTJR3j51_xpF59e5K7izeA==
98ae95bbed
bam.nr-data.net/1/
57 B
261 B
Script
General
Full URL
https://bam.nr-data.net/1/98ae95bbed?a=25096931&v=1130.54e767a&to=dwsKQUMKWwhSRhpQV0YUC0dQEVIXGEBaRkpHSwFNQQBFDVJaVlY%3D&rst=1671&ref=https://visit.org/experience/a-coat-drive-to-warm-hearts&qt=4&ap=720&be=1136&fe=1562&dc=1392&perf=%7B%22timing%22:%7B%22of%22:1573575265820,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:28,%22c%22:28,%22s%22:40,%22ce%22:92,%22rq%22:93,%22rp%22:1130,%22rpe%22:1130,%22dl%22:1132,%22di%22:1341,%22ds%22:1391,%22de%22:1416,%22dc%22:1562,%22l%22:1562,%22le%22:1563%7D,%22navigation%22:%7B%7D%7D&fp=1362&fcp=1362&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
frame.fbe53618.js
js.intercomcdn.com/ Frame 7253
283 KB
78 KB
Script
General
Full URL
https://js.intercomcdn.com/frame.fbe53618.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7305bd63ee54c95d841af17c9e5c869ee675bace988d252acc905a60b0aef804

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 15:43:11 GMT
content-encoding
gzip
age
1918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
79138
last-modified
Mon, 11 Nov 2019 15:35:09 GMT
server
AmazonS3
etag
"67f5352d0a45b29a758d157f1c971bef"
content-type
application/javascript; charset=UTF-8
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
zqN4rBDofx-PxbFIlpl02PAsT_Mg6o7LOvJbJXQA370WuRNq4fE_fA==
vendor.5a384999.js
js.intercomcdn.com/ Frame 7253
578 KB
177 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor.5a384999.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
630c25dfc9ace36780fef6866464dfa213765a3dca02494fa31e7f1749845689

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 15:08:21 GMT
content-encoding
gzip
age
3972
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
180413
last-modified
Thu, 07 Nov 2019 22:59:43 GMT
server
AmazonS3
etag
"829c5a6decb923954ed0d8b54e8f8f27"
content-type
application/javascript; charset=UTF-8
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
02AG3tZ-iQSiOxJR8vwyRnnYc_kp34-Z0sOwdetT0XmhAwWxWtn6nw==
ping
api-iam.intercom.io/messenger/web/ Frame 7253
2 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.fbe53618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-15.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
217ecfd3f6003d089060fb3b9026a5bc7970bc213015ef9a724f2db3e170159a
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Nov 2019 16:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000p4gbpqhsahth4kksg
x-runtime
0.221351
access-control-allow-origin
https://visit.org
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"217ecfd3f6003d089060fb3b9026a5bc"
x-ratelimit-remaining
1998
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
via
1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
x-intercom-version
ac038b0e43a0991d348297ba841d3d38062c6ef5
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1573575300
x-ratelimit-limit
2000
access-control-allow-headers
Content-Type
x-amz-cf-id
-dUK_UfPQBpVAyMLe0hCS9UPC6ytcKpS7UlvTDqXrqU4QkxTPipyXg==
common.js
maps.googleapis.com/maps-api-v3/api/js/38/11/
76 KB
28 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/38/11/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC0YO52akJkT1f1giMdEDen5pa3ANbftlM&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3f077f1d99bf23dfc22940a2a3da28dc36346b3546d81fa3f327a0c1f5cd5b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 12:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Nov 2019 22:32:04 GMT
server
sffe
age
12651
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28564
x-xss-protection
0
expires
Wed, 11 Nov 2020 12:43:41 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/38/11/
143 KB
53 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/38/11/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC0YO52akJkT1f1giMdEDen5pa3ANbftlM&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f882c69e09c6e7abccce9f4383d1c96fc4fdfed5a8dfdaebba34236e645c9d12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 12:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Nov 2019 22:32:04 GMT
server
sffe
age
12654
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
53979
x-xss-protection
0
expires
Wed, 11 Nov 2020 12:43:38 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
155 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fvisit.org%2Fexperience%2Fa-coat-drive-to-warm-hearts&4sAIzaSyC0YO52akJkT1f1giMdEDen5pa3ANbftlM&callback=_xdc_._dftiom&key=AIzaSyC0YO52akJkT1f1giMdEDen5pa3ANbftlM&token=78127
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/38/11/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
f57abe4285dcae2f9982b3c4ddc1f76bbbaf5ec393ae4f408e91530fc9e8e0f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 16:14:32 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=31
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
launcher-discovery.c0a2bd52.js
js.intercomcdn.com/ Frame 7253
11 KB
4 KB
Script
General
Full URL
https://js.intercomcdn.com/launcher-discovery.c0a2bd52.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.fbe53618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee9409fd8a2fe0b116edf9026afe06f3407b506f5ba91eef7c4362406dda121

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 Nov 2019 21:20:02 GMT
content-encoding
gzip
age
3016
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
3522
last-modified
Thu, 07 Nov 2019 22:59:43 GMT
server
AmazonS3
etag
"21ddb14cb8a73a4aefce8bfb9add1057"
content-type
application/javascript; charset=UTF-8
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
0fEEqrpmGfqF6UPAeDhjyXpah5GmC7AVYujLT3c2x37l5N3jw-d-5Q==
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 09B9
28 KB
29 KB
Font
General
Full URL
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/launcher-discovery.c0a2bd52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Sec-Fetch-Mode
cors
Referer
https://visit.org/experience/a-coat-drive-to-warm-hearts
Origin
https://visit.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 15:59:41 GMT
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
vary
Origin
age
894
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
28960
last-modified
Mon, 11 Nov 2019 15:35:09 GMT
server
AmazonS3
etag
"a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
vFlobG6CgZrqn76MhnyMFJ9P0SVa2gli6_FSsPPG3_oSrkNSHLVHLA==

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require string| GoogleAnalyticsObject function| ga object| gon object| intercomSettings function| Intercom function| $d function| onYouTubeIframeAPIReady function| iOSversion function| isTouchSupported function| uncamel function| setUnit function| setFilter function| kvLookup function| getColor function| setDy function| getRandomInt function| cutHex function| humanFriendlyNumber function| formatNumber function| getStyle function| onCreateElementNsReady function| extend function| onInstall function| onActivate function| onFetch object| addeventatc boolean| ate_touch_capable function| _typeof boolean| windowIsDefined function| draw function| custom object| EasyAutocomplete object| ytp function| getYTPVideoID string| nAgt function| getOS undefined| nameOffset number| verOffset number| ix undefined| start undefined| end object| DateFormat undefined| ie string| CACHE_VERSION string| CACHE_NAME function| $ function| jQuery object| jQuery112407540584675913573 object| Turbolinks function| Cookies object| NProgress function| _ object| ClientSideValidations object| blueimp function| Color function| Chart function| addeventReady function| Slider object| braintree function| ClipboardJS object| cloudinary function| Waypoint function| JustGage function| ouibounce function| eve function| Raphael function| Typed function| page_size object| CobrandedToursFilter object| DashboardToursFilter object| ImagesGallery object| ImagesGalleries object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| opt function| setupMapFilters undefined| world_map function| initWorldMap function| setMapMarkers object| hdx object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| FB object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| 
ytEventsEventsCounter undefined| __INTERCOM_BUNDLE_LOAD_TIME__ object| _xdc_

5 Cookies

Domain/Path Name / Value
.visit.org/ Name: _gat
Value: 1
.visit.org/ Name: _ga
Value: GA1.2.1711182888.1573575267
visit.org/ Name: _visit_session
Value: ZWcxUm80Wk5DYll2RmYzQnpBQ3UzcG4xeUh5OVJMZGZyNml0eUZPNVM3M2Fjam9UdkQrYnRvNmZROUNacWM1b1BMSDdiSG9VRnBoSVB5TE5uWkQwUEdUb1lGQmJJSmh4OGs2Sk5WNVhyS2cxMUpud290aG9wbFFJV05KUWtSb3l4RGFaaTNOMWVqdXBnYWtGb1UvRGlxWHNMakZrNHZycERudVRDY2F1ZEoyZWVONm1NY2FabWdGQ1pnR1hmZnlQSnAxUVRvQ2dGWm5mejFnK01MUTRENVVNcmJKdm1aczdJSUZzeDRGbDhvND0tLVpQNld1TEdsckpzeVkrM0doRHYvVVE9PQ%3D%3D--1094cb3de19058b67383dda7e83919b5965f4a65
.visit.org/ Name: _gid
Value: GA1.2.837897856.1573575267
.visit.org/ Name: __cfduid
Value: d180a2fe450d0256a14ac0857c4d36c401573575265

1 Console Messages

Source Level URL
Text
console-api log URL: https://visit.org/assets/application-80b2d806f3feea27ada90ecadd91f65703d14bd3e4029c4ab092db2d2cdeebb2.js(Line 10)
Message:
[Companion] Service worker registered!

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
