r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7352
Expires: Fri, 02 Dec 2022 05:04:31 GMT
Date: Fri, 02 Dec 2022 03:01:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3059
Cache-Control: max-age=116412
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:01:59 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:22:11 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
es.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=53A1F99C3330064137419EA66C0CF320
74.123.152.171302 302 0 B URL HTTP/1.1 es.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=53A1F99C3330064137419EA66C0CF320
IP 74.123.152.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=53A1F99C3330064137419EA66C0CF320 HTTP/1.1
Host: es.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 302
Date: Fri, 02 Dec 2022 03:01:59 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-store
Pragma: no-cache
Set-Cookie: JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a; Path=/; HttpOnly
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a; Domain=easterseals.com; Path=/
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRConsAPI; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CrmRest; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/AnonymousLogin; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRDonationAPI; Secure; SameSite=None
Location: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Content-Length: 0
Keep-Alive: timeout=15, max=452
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 02:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2629
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5270
Expires: Fri, 02 Dec 2022 04:29:49 GMT
Date: Fri, 02 Dec 2022 03:01:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FtR0sW7XZ5GnRuvJVJ7rabTQ9+wwCI1MGaRxG2GFxU0l66NhhMRct4uSM/YNL62YZyU422vdekg=
x-amz-request-id: BSXTCV3WJ9VV6KYC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 02:45:55 GMT
age: 964
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:01:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 97c478e7018a2febf7d91b72919bd04c
6bb8460aba75a47b4a6f0b0a7490442b7ebc8961
110104ed77d228dbcc4c68cda9cf5c40de652627864e26c6d0bf02a6d09b17b6
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=118356
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:00 GMT
Etag: "638895fc-1d7"
Expires: Sat, 03 Dec 2022 11:54:36 GMT
Last-Modified: Thu, 01 Dec 2022 11:54:36 GMT
Server: nginx
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 02:08:57 GMT
cache-control: public,max-age=3600
age: 3183
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3049
Cache-Control: max-age=111338
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:00 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:57:38 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VZtvREqy7Xg4ph9JXL0gpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n+vvFxSzthEVjAh9AWjETQknk1E=
secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
74.123.152.171200 200 22 kB URL HTTP/1.1 secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
IP 74.123.152.171:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (626)
Hash d71c06b7c6980bafdef034a9d7a7da6e
d7196405b76d84e49b330d45d68e2817fad946d8
88577d234a7ea8d6a2a8d79d3de150135e8e12c45d3c32e66fef7a0a06b48b16
GET /site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957 HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 200
Date: Fri, 02 Dec 2022 03:02:00 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store
Pragma: no-cache
Set-Cookie: JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a; Path=/site/
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRConsAPI; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CrmRest; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/AnonymousLogin; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRDonationAPI; Secure; SameSite=None
Content-Security-Policy: frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com *.easterseals.com easterseals.com; report-uri https://secure.easterseals.com/site/XFrameViolation
X-Frame-Options: allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com *.easterseals.com easterseals.com
Keep-Alive: timeout=15, max=388
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Encoding: gzip
Transfer-Encoding: chunked
cdnjs.cloudflare.com/ajax/libs/jquery/1.6.4/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.6.4/jquery.min.js
IP 104.17.24.14:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 1d2c2c443a3656b516a1e750e0efb9c3
a4329d00112a7d5e59c23880814fae27c1dfa483
208f134fedaa5c43cf372717f24b1df7d52525e012e507720b4c4f8d34f1bbfc
GET /ajax/libs/jquery/1.6.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 28382
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-16615"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 25516150
expires: Wed, 22 Nov 2023 03:02:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVavdSAu6zDfCGlbD6mZFVDzyM2oSJkfY8%2BzOdPWYdfIoV8Phfo33BpaqEUQejcWhwVNaq7Ph5y8cSoLh41EsefeBUSVgd0tlIQyPT5VCDnzIy7BiVJqYJcXMyotHvmEw7RIjVcH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7730d23e3f20b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdns.gigya.com/JS/gigya.js?services=socialize&APIKey=
23.38.201.5200 OK 57 B URL HTTP/1.1 cdns.gigya.com/JS/gigya.js?services=socialize&APIKey=
IP 23.38.201.5:0
File type ASCII text, with no line terminators
Hash 115452c7c52631db1f89978fe04f71d9
f5a6da4a3ebdd5087bd79df914a5a010faa75e32
f3999fd5a3e9b65cc99358ca6142a4b98a6e8c3aacb6473a47733c981b538d56
GET /JS/gigya.js?services=socialize&APIKey= HTTP/1.1
Host: cdns.gigya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 57
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g47
x-callid: b078948d839148a988132deee5c1c62d
x-robots-tag: none
Cache-Control: public, max-age=900, s-maxage=3600
Expires: Fri, 02 Dec 2022 03:17:00 GMT
Date: Fri, 02 Dec 2022 03:02:00 GMT
Connection: keep-alive
secure.easterseals.com/yui3/yui/yui-min.js
74.123.152.171200 OK 6.4 kB URL HTTP/1.1 secure.easterseals.com/yui3/yui/yui-min.js
IP 74.123.152.171:0
File type ASCII text, with very long lines (6015)
Hash c0c48d57a5e70c1fde91a0471f5cc5de
8286cd80b65a64f87ffda65622325b2c2a59a2e5
4289fdf32abf858b3bdde0c0cc0b2c07328132d75dfabcbfd40fda57f9d0c340
GET /yui3/yui/yui-min.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:00 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "3baa-487aa3880d540"
Server: Apache
Last-Modified: Fri, 28 May 2010 16:44:29 GMT
Accept-Ranges: bytes
ntCoent-Length: 15274
Keep-Alive: timeout=15, max=371
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 6402
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 2d7ce7b4f097af7189ad06c9daf59be2
6820d21bcc70038cde729bebad15442b01b946f4
40cb982f1d72057f9c1fbc944c17e592ba0483ca2414fd2e057dbc48c5162283
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 03:02:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:52:40 GMT
Expires: Fri, 02 Dec 2022 20:52:40 GMT
ETag: "6820d21bcc70038cde729bebad15442b01b946f4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 2d7ce7b4f097af7189ad06c9daf59be2
6820d21bcc70038cde729bebad15442b01b946f4
40cb982f1d72057f9c1fbc944c17e592ba0483ca2414fd2e057dbc48c5162283
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 03:02:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:52:40 GMT
Expires: Fri, 02 Dec 2022 20:52:40 GMT
ETag: "6820d21bcc70038cde729bebad15442b01b946f4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 2d7ce7b4f097af7189ad06c9daf59be2
6820d21bcc70038cde729bebad15442b01b946f4
40cb982f1d72057f9c1fbc944c17e592ba0483ca2414fd2e057dbc48c5162283
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 03:02:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:52:40 GMT
Expires: Fri, 02 Dec 2022 20:52:40 GMT
ETag: "6820d21bcc70038cde729bebad15442b01b946f4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.xverify.com/css/ui_tooltip_style.css
54.230.111.10200 OK 1.2 kB URL HTTP/2 www.xverify.com/css/ui_tooltip_style.css
IP 54.230.111.10:0
File type ASCII text, with CRLF line terminators
Hash d1abccfc0beb7f369f9b6e84c745212c
e13fa8d21e68e44d0c1df70f206d5795e311014d
8750d023fe706b2e1fe15df1b7d9ffbdae37d38f1de8078015782e43aee2cd68
GET /css/ui_tooltip_style.css HTTP/1.1
Host: www.xverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 1246
date: Fri, 02 Dec 2022 03:02:00 GMT
server: Apache/2.4.18 (Ubuntu)
last-modified: Wed, 02 Feb 2022 16:47:54 GMT
accept-ranges: bytes
content-encoding: gzip
etag: "245d-5d70bc773ca69-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uSFns2DAMYf7GowiUG1upa0tN2XrHVIVxaXTWL8VzAfsoEH-0_gbiw==
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 2d7ce7b4f097af7189ad06c9daf59be2
6820d21bcc70038cde729bebad15442b01b946f4
40cb982f1d72057f9c1fbc944c17e592ba0483ca2414fd2e057dbc48c5162283
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 03:02:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:52:40 GMT
Expires: Fri, 02 Dec 2022 20:52:40 GMT
ETag: "6820d21bcc70038cde729bebad15442b01b946f4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 2d7ce7b4f097af7189ad06c9daf59be2
6820d21bcc70038cde729bebad15442b01b946f4
40cb982f1d72057f9c1fbc944c17e592ba0483ca2414fd2e057dbc48c5162283
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 03:02:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:52:40 GMT
Expires: Fri, 02 Dec 2022 20:52:40 GMT
ETag: "6820d21bcc70038cde729bebad15442b01b946f4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
secure.easterseals.com/css/themes/alphacube.css
74.123.152.171200 OK 748 B URL HTTP/1.1 secure.easterseals.com/css/themes/alphacube.css
IP 74.123.152.171:0
Hash 2826be28aa8a76f086ad3beddf8381db
a60cc7dc66ef2dba4b178fc816c3920da959f274
59926fb5c85b5156338fdc0fe62891815d459a1103e8b6602349ba9db448b9a5
GET /css/themes/alphacube.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:00 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "a58-437292d1e7440"
Server: Apache
Last-Modified: Wed, 08 Aug 2007 05:11:37 GMT
Accept-Ranges: bytes
Cteonnt-Length: 2648
Keep-Alive: timeout=15, max=306
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 748
www.xverify.com/sharedjs/jquery.xverify.plugin.js
54.230.111.10200 OK 18 kB URL HTTP/2 www.xverify.com/sharedjs/jquery.xverify.plugin.js
IP 54.230.111.10:0
File type ASCII text, with CRLF line terminators
Hash 8068a31c5c7f87a86b4138f3b6a8f271
7b280af60e64c96bbc0f3d0c8168f23e160e8120
9d63a0fda07c0aa5e983945d939a57d6b1bf921faf1963f6f507ee5df72d6ae7
GET /sharedjs/jquery.xverify.plugin.js HTTP/1.1
Host: www.xverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 18261
date: Fri, 02 Dec 2022 03:02:00 GMT
server: Apache/2.4.18 (Ubuntu)
last-modified: Wed, 02 Feb 2022 16:47:54 GMT
accept-ranges: bytes
content-encoding: gzip
etag: "26c27-5d70bc77a3300-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iNXNZabNyIVsl8NFqUZWyOdTumio8pq-Xs7Kl8txzWMmC5eA7fyuNw==
X-Firefox-Spdy: h2
www.xverify.com/css/jquery-ui.min.css
54.230.111.10200 OK 7.5 kB URL HTTP/2 www.xverify.com/css/jquery-ui.min.css
IP 54.230.111.10:0
File type ASCII text, with very long lines (28367)
Hash d42aa1300c58fc2d62be426160261fbc
0c8467bb9d8d5003ce3098377176e5aeaa77b2f4
dda5ce4f903f5bd348b96bad425d7c03dadb87841c70478c86bf08d1c4023dc9
GET /css/jquery-ui.min.css HTTP/1.1
Host: www.xverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xverify.com/css/ui_tooltip_style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 7547
date: Fri, 02 Dec 2022 03:01:57 GMT
server: Apache/2.4.18 (Ubuntu)
last-modified: Wed, 02 Feb 2022 16:47:54 GMT
accept-ranges: bytes
content-encoding: gzip
etag: "75d3-5d70bc773ca69-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s5fXu4dLuNx5RP0AxGUl5vaZxWXyp58iqNXsfO9JHJmMeEKct4j43g==
age: 3
X-Firefox-Spdy: h2
www.xverify.com/js/clients/easterseals/client.js
54.230.111.10302 Found 326 B URL HTTP/2 www.xverify.com/js/clients/easterseals/client.js
IP 54.230.111.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cce38da216037850f1fe31e00c194b36
b67b61384e4bda073ae28a8dba9eadc5d8f21fce
1d49eb51dc4e0bda575c36efbce0d5674a5e9147027803729f0e90dd6f7a681a
GET /js/clients/easterseals/client.js HTTP/1.1
Host: www.xverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=iso-8859-1
content-length: 326
location: https://xv-javascript.s3.amazonaws.com/easterseals/client.js
date: Fri, 02 Dec 2022 03:02:00 GMT
server: Apache/2.4.18 (Ubuntu)
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GjJEcNSBQnXNtZ3559DO6Qh7u8FKXV4enZsi8DHUetWMlkJDNXRqxw==
X-Firefox-Spdy: h2
www.xverify.com/sharedjs/jquery-1.11.1.min.js
54.230.111.10200 OK 33 kB URL HTTP/2 www.xverify.com/sharedjs/jquery-1.11.1.min.js
IP 54.230.111.10:0
File type ASCII text, with very long lines (32086)
Hash 77c96b81bc26956680cd7813d2d4efd9
2f35ac87d37734bb8216c87f56079036109aeaa1
bf48f792ab036db71babef1dbea45dceff0b04212a7278ed08b6c997115352ad
GET /sharedjs/jquery-1.11.1.min.js HTTP/1.1
Host: www.xverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 33225
date: Fri, 02 Dec 2022 03:02:01 GMT
server: Apache/2.4.18 (Ubuntu)
last-modified: Wed, 02 Feb 2022 16:47:54 GMT
accept-ranges: bytes
content-encoding: gzip
etag: "1762a-5d70bc77a2360-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SufIEvUOTEgsQmoVTBg-tW1pdLHrTIP4V8FzTj3TRwgr25Yy0wGloA==
X-Firefox-Spdy: h2
secure.easterseals.com/css/UserGlobalStyle.css
74.123.152.171200 OK 13 kB URL HTTP/1.1 secure.easterseals.com/css/UserGlobalStyle.css
IP 74.123.152.171:0
Hash 6c6bc35aad80f377e19c224d34165487
7a38dd21b415a851de2ae0b96607f875a8aa087e
9f53da808497f9f25df0665991f134f7eb171d8c137c86203ae9ec52ade7f8c4
GET /css/UserGlobalStyle.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "c091-5de203c3d0651"
Server: Apache
Last-Modified: Tue, 03 May 2022 19:08:34 GMT
Accept-Ranges: bytes
ntCoent-Length: 49297
Keep-Alive: timeout=15, max=255
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 12711
secure.easterseals.com/js/convio/modules.js?version=2.9
74.123.152.171200 OK 2.7 kB URL HTTP/1.1 secure.easterseals.com/js/convio/modules.js?version=2.9
IP 74.123.152.171:0
File type ASCII text, with very long lines (15208)
Hash e5b266e4a166affda11f141279240817
62b17f6f589e1b8aa15f6b6c0d0aae4aebd727f1
a17576ff30a8a610c0c1d3eee9f6756385857de2bffd75aa718902661132362c
GET /js/convio/modules.js?version=2.9 HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "3bb8-5bc0f0f5e1a7d"
Server: Apache
Last-Modified: Wed, 24 Feb 2021 06:22:31 GMT
Accept-Ranges: bytes
ntCoent-Length: 15288
Keep-Alive: timeout=15, max=433
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 2729
secure.easterseals.com/js/utils.js
74.123.152.171200 OK 9.9 kB URL HTTP/1.1 secure.easterseals.com/js/utils.js
IP 74.123.152.171:0
File type ASCII text, with very long lines (742)
Hash cc9922571b60406b01c047c58df2bd95
9a7ee4b82b438c042f786616f777c680f7af6d2b
b81f470884fef5a6a2f4064e9699dee279d3636b6ca95b5898f294d2ce5481b8
GET /js/utils.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "7f46-540ec45dc6941"
Server: Apache
Last-Modified: Thu, 10 Nov 2016 06:13:32 GMT
Accept-Ranges: bytes
ntCoent-Length: 32582
Keep-Alive: timeout=15, max=380
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 9855
secure.easterseals.com/js/convio/detect_ie_version.js
74.123.152.171200 OK 386 B URL HTTP/1.1 secure.easterseals.com/js/convio/detect_ie_version.js
IP 74.123.152.171:0
Hash af5f74a0e6a384f104c023239bfb47eb
3ef9f704029ea5713f40c0d950149787328968f6
42c90e66a54c7324d9af713c5e42ada840d38858247cf97939cc4d0b323bad47
GET /js/convio/detect_ie_version.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "302-598cfb007cb71"
Server: Apache
Last-Modified: Tue, 03 Dec 2019 17:04:22 GMT
Accept-Ranges: bytes
Cteonnt-Length: 770
Keep-Alive: timeout=15, max=16
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 386
secure.easterseals.com/js/obs_comp_rollup.js
74.123.152.171200 OK 2.5 kB URL HTTP/1.1 secure.easterseals.com/js/obs_comp_rollup.js
IP 74.123.152.171:0
File type ASCII text, with very long lines (468)
Hash ab049dcc5cc722b3ff57d4ccaedee382
3a512b318aac6003ff72c961a5f9d719addba37a
c55f0cb4e06ba990df106ffa19da9f5088999f16220da678d1c1a1f95acc25da
GET /js/obs_comp_rollup.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "2936-4b99ae2bd46c0"
Server: Apache
Last-Modified: Thu, 23 Feb 2012 05:26:27 GMT
Accept-Ranges: bytes
ntCoent-Length: 10550
Keep-Alive: timeout=15, max=189
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 2548
secure.easterseals.com/css/themes/default.css
74.123.152.171200 OK 1.3 kB URL HTTP/1.1 secure.easterseals.com/css/themes/default.css
IP 74.123.152.171:0
Hash 9ebf44ea98377b5a08aa678397cf29b4
b1d90aa8d66f837c2d49612e12909c2442072e9d
23eda782ab1145be0e8c7550de846527132897a978bcd3054a76321adad6e236
GET /css/themes/default.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "11df-4e3f587c267c0"
Server: Apache
Last-Modified: Thu, 15 Aug 2013 05:13:11 GMT
Accept-Ranges: bytes
ntCoent-Length: 4575
Keep-Alive: timeout=15, max=439
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 1256
secure.easterseals.com/css/responsive/ResponsiveBase.css
74.123.152.171200 OK 3.1 kB URL HTTP/1.1 secure.easterseals.com/css/responsive/ResponsiveBase.css
IP 74.123.152.171:0
Hash b296b3d61ba5207e42a8c2fafcf2f4c0
f2376029b4bb22f753a0f0afcb88d92d274e7d5f
0df2ea36c708a54b2c358e5efe7bdace5d272d5360eeea3c9846632d2abb161e
GET /css/responsive/ResponsiveBase.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "3ddc-5e604804d500d"
Server: Apache
Last-Modified: Fri, 12 Aug 2022 05:24:50 GMT
Accept-Ranges: bytes
ntCoent-Length: 15836
Keep-Alive: timeout=15, max=342
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 3120
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c1c6a8027fd78e6bd0b48a1875c7ad2f
cb69dcf37270e7346d5bd529474d0e01a8fa1cb4
75bcbf6a0e82757ada2b9f66dc1b7454b547b645cbb67e75733d514e3570b227
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:01 GMT
Server: ECS (amb/6B79)
Content-Length: 471
secure.easterseals.com/css/responsive/DonFormResponsive.css
74.123.152.171200 OK 5.7 kB URL HTTP/1.1 secure.easterseals.com/css/responsive/DonFormResponsive.css
IP 74.123.152.171:0
Hash 66a2bcd1c7e8ab5bbd1d793b580f330b
b33e3f0b7e422a2ab3ffe207c242f9bfd3bc031d
5cfc4f7503f70de7aaca5cda87e2f4d723c33901c8e3061ea1f426ed5441e4d2
GET /css/responsive/DonFormResponsive.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "841c-5af5050947dd4"
Server: Apache
Last-Modified: Tue, 15 Sep 2020 01:46:07 GMT
Accept-Ranges: bytes
ntCoent-Length: 33820
Keep-Alive: timeout=15, max=369
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 5748
secure.easterseals.com/css/FormComponentsBehavior.css
74.123.152.171200 OK 1.8 kB URL HTTP/1.1 secure.easterseals.com/css/FormComponentsBehavior.css
IP 74.123.152.171:0
File type GTA in-game text (GXT), version 3, used in GTA VC/LS/VCS\012- , ASCII text
Hash 231b4bd8234f1b5c144fff5ad64a5767
f3a749576d9011f2b451128674acd87fe0bbd978
1f9731ec9d9a811e80730102efe6d1195eb19628fb6e630a78af00d99445ed58
GET /css/FormComponentsBehavior.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "182e-4d5c4e8824380"
Server: Apache
Last-Modified: Fri, 15 Feb 2013 15:19:58 GMT
Accept-Ranges: bytes
ntCoent-Length: 6190
Keep-Alive: timeout=15, max=351
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 1751
secure.easterseals.com/js/FormComponentsBehavior.js
74.123.152.171200 OK 8.9 kB URL HTTP/1.1 secure.easterseals.com/js/FormComponentsBehavior.js
IP 74.123.152.171:0
Hash 20c29bb4e9552b82e87f37b7903f5590
9e45f2c5c49dd78c2aa1424394327160e23f5e78
4b90f3cac9d34681f12a17c8b3781ac37617d095039603c60e8330fda3156cbd
GET /js/FormComponentsBehavior.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "9018-45b6e5d330ec0"
Server: Apache
Last-Modified: Tue, 11 Nov 2008 18:51:15 GMT
Accept-Ranges: bytes
ntCoent-Length: 36888
Keep-Alive: timeout=15, max=258
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 8887
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 160166b6df71f2dec5feee1a59a61972
4b159f7394a5d635115ca4dd2ed100c440f2b4ed
0c1d45f5508eb5789f0bfc223663fb29922c59075fde9905c1da49a08228bdbf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128287
Date: Fri, 02 Dec 2022 03:02:01 GMT
Etag: "6388b0d1-1d7"
Expires: Sat, 03 Dec 2022 14:40:08 GMT
Last-Modified: Thu, 01 Dec 2022 13:49:05 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YXSvj5YHWknjt6rYGrh32Hb0o_9W-TRs2jnRkg1xgL77RszUX6kLhg==
Age: 3063
secure.easterseals.com/js/don_level_elements.js
74.123.152.171200 OK 1.6 kB URL HTTP/1.1 secure.easterseals.com/js/don_level_elements.js
IP 74.123.152.171:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (385)
Hash 84a141842fe986f9329fadb4f6ba04d2
b220e4b1f6574772238592a788224b16a42bcd31
c3ffb8b110e55a8001c85469d0529418d6e4b602a39171accd228db573931b0b
GET /js/don_level_elements.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "1195-471220f751240"
Server: Apache
Last-Modified: Fri, 14 Aug 2009 23:03:29 GMT
Accept-Ranges: bytes
ntCoent-Length: 4501
Keep-Alive: timeout=15, max=200
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 1554
secure.easterseals.com/js/don_premium_elements.js
74.123.152.171200 OK 5.3 kB URL HTTP/1.1 secure.easterseals.com/js/don_premium_elements.js
IP 74.123.152.171:0
Hash 0fc97b435f82c8e98f9571ffb0506a2c
67c73db87ec310eb211ab771a35045cea8d91f70
b41b1d61efc74bcdc24b7db4fb217f2c41aafc3a7b1fedeb3ce51b797c32409d
GET /js/don_premium_elements.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "4534-45b6e5d23cc80"
Server: Apache
Last-Modified: Tue, 11 Nov 2008 18:51:14 GMT
Accept-Ranges: bytes
ntCoent-Length: 17716
Keep-Alive: timeout=15, max=147
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 5306
secure.easterseals.com/js/donations2.js
74.123.152.171200 OK 1.7 kB URL HTTP/1.1 secure.easterseals.com/js/donations2.js
IP 74.123.152.171:0
Hash 8a29b0672db1d1086790175127994ea1
f5f523cee4332cc73a5b898c97bffdc860c1a7ca
4ecb7381c659450e711caa8cc647fa9d612168e865f9709dcbd4994f4cd98659
GET /js/donations2.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "22fd-4b9a629a17740"
Server: Apache
Last-Modified: Thu, 23 Feb 2012 18:53:41 GMT
Accept-Ranges: bytes
ntCoent-Length: 8957
Keep-Alive: timeout=15, max=335
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 1746
www.easterseals.com/components/cookie/cookie.js
74.123.154.52200 OK 636 B URL HTTP/1.1 www.easterseals.com/components/cookie/cookie.js
IP 74.123.154.52:0
Hash 69c5056930385f425eea5665dda3945c
b524fdfb4c623c3657faa5e1f28563d7e4c71da7
3a269926fafc2cc9f7c04c5481146f36ef099c5491bf6dbf8d64e027039877ea
GET /components/cookie/cookie.js HTTP/1.1
Host: www.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 32
ETag: "/CM0VFsQqx6"
Server: Resin/4.0.65
Last-Modified: Thu, 21 May 2015 05:13:38 GMT
Content-Type: application/x-javascript
ntCoent-Length: 1369
Keep-Alive: timeout=1, max=500
Content-Encoding: gzip
Content-Length: 636
www.xverify.com/sharedjs/jquery-ui.min.js
54.230.111.10200 OK 65 kB URL HTTP/2 www.xverify.com/sharedjs/jquery-ui.min.js
IP 54.230.111.10:0
Hash 9d36d7c08c993b3d40a34486040fe218
f0618ca8636381b87fd444b38954c44054a88517
4cdded5995a78bb291411faf0551ea5b04988e624af756eaa1ea0915441748b5
GET /sharedjs/jquery-ui.min.js HTTP/1.1
Host: www.xverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Dec 2022 03:02:00 GMT
server: Apache/2.4.18 (Ubuntu)
last-modified: Wed, 02 Feb 2022 16:47:54 GMT
accept-ranges: bytes
content-encoding: gzip
etag: "3a7cc-5d70bc77a2360-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: guG7jptNX0JaUThe3BLtoTNFxh76EDOCw5vDBsJ4BMWoZ97jQhIVTA==
X-Firefox-Spdy: h2
secure.easterseals.com/css/CustomWysiwygStyle.css
74.123.152.171200 OK 263 B URL HTTP/1.1 secure.easterseals.com/css/CustomWysiwygStyle.css
IP 74.123.152.171:0
Hash 35c02f5bc8b8046ea13c836c1bf37dce
29f9589b345479a4482069881096b144c58c187a
05a6457e571807a86810d8953affb3c458cb04c073d314f434a29c538fd7bae5
GET /css/CustomWysiwygStyle.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "18e-56e5eb01730d7"
Server: Apache
Last-Modified: Mon, 11 Jun 2018 14:37:23 GMT
Accept-Ranges: bytes
Cteonnt-Length: 398
Keep-Alive: timeout=15, max=367
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 263
secure.easterseals.com/css/CustomStyle.css
74.123.152.171200 OK 2.3 kB URL HTTP/1.1 secure.easterseals.com/css/CustomStyle.css
IP 74.123.152.171:0
File type ASCII text, with very long lines (1023)
Hash 3a4db65c1b0c3aa91460a6dabf7e1cfd
8f40a59f717b96dbb82fb3d95b6ca05e589c7455
4226ddf237fb1c9f69a988f9938cdb2eabfadc5de0c92b3668373a0a7505264c
GET /css/CustomStyle.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "275a-580225c822345"
Server: Apache
Last-Modified: Wed, 23 Jan 2019 16:12:32 GMT
Accept-Ranges: bytes
ntCoent-Length: 10074
Keep-Alive: timeout=15, max=58
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 2333
secure.easterseals.com/js/validForm.js
74.123.152.171200 OK 2.0 kB URL HTTP/1.1 secure.easterseals.com/js/validForm.js
IP 74.123.152.171:0
Hash 3792d26cd32366c6cbe34a3f6c002d4e
d5b5f50983e8a5b9eb19f70efdc83f7d525ea1e9
67f0cce22bb37f958d06da2cc04e1c6b92a25a4985a23debbcd7969b06434786
GET /js/validForm.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "19a1-45b6e5d330ec0"
Server: Apache
Last-Modified: Tue, 11 Nov 2008 18:51:15 GMT
Accept-Ranges: bytes
ntCoent-Length: 6561
Keep-Alive: timeout=15, max=11
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 2046
secure.easterseals.com/css/easterseals-clo.css
74.123.152.171200 OK 11 kB URL HTTP/1.1 secure.easterseals.com/css/easterseals-clo.css
IP 74.123.152.171:0
File type ASCII text, with very long lines (806)
Hash 23fae6e23812dbc900aac6ec439d2efd
3b0fe4c02af924e32cb9ffeb9ddf506cad7e4206
f3cf1fe2550f422ddb1f4696d60b79ee6c86aaed70a0551c09f462e33bff532e
GET /css/easterseals-clo.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "cffa-5de0a2128ac5b"
Server: Apache
Last-Modified: Mon, 02 May 2022 16:46:10 GMT
Accept-Ranges: bytes
ntCoent-Length: 53242
Keep-Alive: timeout=15, max=317
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 11121
secure.easterseals.com/css/easterseals-clo-responsive.css
74.123.152.171200 OK 2.3 kB URL HTTP/1.1 secure.easterseals.com/css/easterseals-clo-responsive.css
IP 74.123.152.171:0
Hash affd35c35100ab3c410a021bdeed265e
1a01bb9b4b1ac00367114a19043cc7e63a5e010a
6e244c3cbd471fb73d8837f196123961fc30cd02813c4f8aa7012b5b9833b3db
GET /css/easterseals-clo-responsive.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "250b-5b8f6c707dc84"
Server: Apache
Last-Modified: Fri, 15 Jan 2021 21:08:44 GMT
Accept-Ranges: bytes
ntCoent-Length: 9483
Keep-Alive: timeout=15, max=329
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 2322
secure.easterseals.com/js/easterseals.js
74.123.152.171200 OK 1.4 kB URL HTTP/1.1 secure.easterseals.com/js/easterseals.js
IP 74.123.152.171:0
Hash ce1036b9a3acb689e2865d5e30129aa2
6fff7ba670ef307564508395d4d749e203c410f6
6c9810a556614161ca24c25213ef92adb45f43a4e6419dd747c1229dbb6d9332
GET /js/easterseals.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "f64-5eec7be1efc03"
Server: Apache
Last-Modified: Thu, 01 Dec 2022 17:42:19 GMT
Accept-Ranges: bytes
Cteonnt-Length: 3940
Keep-Alive: timeout=15, max=229
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 1403
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 113287
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.easterseals.com/css/general_donation_styles_2016.css
74.123.152.171200 OK 9.1 kB URL HTTP/1.1 secure.easterseals.com/css/general_donation_styles_2016.css
IP 74.123.152.171:0
File type ASCII text, with very long lines (619)
Hash 1cc97b1c7c188af7018c27ed6fe04a61
e5309fcf7553e875256b1af7fdf23d7ffea67f99
61e4edf820318fc58bdf8c313426c96bc5ceaa7c3ec9a8746ca1e3f140d9ed3c
GET /css/general_donation_styles_2016.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "a7ec-5cba97e0c9bb4"
Server: Apache
Last-Modified: Fri, 10 Sep 2021 19:55:08 GMT
Accept-Ranges: bytes
ntCoent-Length: 42988
Keep-Alive: timeout=15, max=106
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 9057
www.googletagmanager.com/gtm.js?id=GTM-WR5XFK
142.250.74.40200 OK 91 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WR5XFK
IP 142.250.74.40:0
File type ASCII text, with very long lines (16789)
Hash 8af2773b363fe6d135c03a4dc3697ce3
1d41a15821ab2b24ac7f84fe5e2601c9bfc48a69
abdc45e1edd14c9873bd85f33f90c8ac88628800e2fbabff10754465544beb31
GET /gtm.js?id=GTM-WR5XFK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 03:02:01 GMT
expires: Fri, 02 Dec 2022 03:02:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.easterseals.com/css/xverify.css
74.123.152.171200 OK 500 B URL HTTP/1.1 secure.easterseals.com/css/xverify.css
IP 74.123.152.171:0
Hash c739d98931c968fc48d24793b5308768
f79f7e801391c8ac6e533023b5f4d9a9cc350ff8
0eeb7509c2d41028d3fe05a7d228746b9e3767e21601c23e8e3f5d5b4f7f8ee8
GET /css/xverify.css HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "796-599d9bf2e8712"
Server: Apache
Last-Modified: Mon, 16 Dec 2019 22:29:38 GMT
Accept-Ranges: bytes
Cteonnt-Length: 1942
Keep-Alive: timeout=15, max=16
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 500
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.easterseals.com/yui3/loader/loader-min.js
74.123.152.171200 OK 5.3 kB URL HTTP/1.1 secure.easterseals.com/yui3/loader/loader-min.js
IP 74.123.152.171:0
File type ASCII text, with very long lines (6006)
Hash 3dccb35812973a881ce4be08302ee5a0
227fe81184e0605ed9ef8ecb1a3ad930ef39381f
497b190dd9a6ef4864546a059b6f89fd8b1fe9080a2dce6eb7b582bbbe1095c4
GET /yui3/loader/loader-min.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "3c99-487aa3880d540"
Server: Apache
Last-Modified: Fri, 28 May 2010 16:44:29 GMT
Accept-Ranges: bytes
ntCoent-Length: 15513
Keep-Alive: timeout=15, max=426
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 5337
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 113285
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 113266
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14233
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 18710
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 18790
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 69530
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure.easterseals.com/images/discovercard_sm.gif
74.123.152.171200 OK 1.2 kB URL HTTP/1.1 secure.easterseals.com/images/discovercard_sm.gif
IP 74.123.152.171:0
File type GIF image data, version 89a, 32 x 21\012- data
Hash 16ad7a96f265ad15bf26173d3bc4e7bf
5da88c06f624ed25ee1c6a2a1a15397c6491a93d
dac695819f41d925f1c03b5af9f45b26bab4b46d36e2a5fb99eb9f82751d87e8
GET /images/discovercard_sm.gif HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "491-3f5caa646f900"
Server: Apache
Last-Modified: Thu, 28 Apr 2005 08:07:32 GMT
Accept-Ranges: bytes
Content-Length: 1169
Keep-Alive: timeout=15, max=475
Content-Type: image/gif
secure.easterseals.com/images/amex_small.gif
74.123.152.171200 OK 1.6 kB URL HTTP/1.1 secure.easterseals.com/images/amex_small.gif
IP 74.123.152.171:0
File type GIF image data, version 89a, 40 x 23\012- data
Hash 1a62c406da5700f73276a279bfddebcf
6a085c67fb5ec270c8b31048b40909836a092721
010e2dedce12a182247baf7d70f7f0aabe5ab06395c7f6805b55c9385fe8a6a3
GET /images/amex_small.gif HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "655-471117ac5aac0"
Server: Apache
Last-Modified: Fri, 14 Aug 2009 03:16:35 GMT
Accept-Ranges: bytes
Content-Length: 1621
Keep-Alive: timeout=15, max=356
Content-Type: image/gif
secure.easterseals.com/images/payment/paypal-logo.png
74.123.152.171200 OK 1.3 kB URL HTTP/1.1 secure.easterseals.com/images/payment/paypal-logo.png
IP 74.123.152.171:0
File type PNG image data, 67 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 27e29208a0c8a6c4bba37cd96141e486
40852aa549950e97fe2d1b6815e9578b47dd3fde
f18896239d5200eed4c02bfe6ccd51cec397800614a3503bb6e5c39c23ef63b2
GET /images/payment/paypal-logo.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "50f-4c6cd47ada400"
Server: Apache
Last-Modified: Thu, 09 Aug 2012 04:01:20 GMT
Accept-Ranges: bytes
Content-Length: 1295
Keep-Alive: timeout=15, max=411
Content-Type: image/png
secure.easterseals.com/images/mastercd_small.gif
74.123.152.171200 OK 1.3 kB URL HTTP/1.1 secure.easterseals.com/images/mastercd_small.gif
IP 74.123.152.171:0
File type GIF image data, version 89a, 31 x 21\012- data
Hash a46b05d5d50e59ce61c9a27a9b9620ad
333510d5d7a538ca392bdb64be10dc0f1520a5f7
79eb4ea57c753b1671353a2814264bf9250ba50150c6c93c8feb8fc70b882c57
GET /images/mastercd_small.gif HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "4f1-471117ac5aac0"
Server: Apache
Last-Modified: Fri, 14 Aug 2009 03:16:35 GMT
Accept-Ranges: bytes
Content-Length: 1265
Keep-Alive: timeout=15, max=346
Content-Type: image/gif
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14233
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14233
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 18782
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure.easterseals.com/images/content/pagebuilder/Visa_Master_Card_and_Discover_Verification_Code.jpg
74.123.152.171200 OK 17 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/Visa_Master_Card_and_Discover_Verification_Code.jpg
IP 74.123.152.171:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 71x71, segment length 16, progressive, precision 8, 179x139, components 3\012- data
Hash 8c54a379143ce108153aeb2e983b7c22
f2350525a8a4a9346f63ee819429243795cd31fe
55d0e77eff1f604c37c4c5ed0c51c80adb76a6481bc2f15361025dd6a53fc0a4
GET /images/content/pagebuilder/Visa_Master_Card_and_Discover_Verification_Code.jpg HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "43ab-5711f99ff02ad"
Server: Apache
Last-Modified: Mon, 16 Jul 2018 15:37:05 GMT
Accept-Ranges: bytes
Content-Length: 17323
Keep-Alive: timeout=15, max=213
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14233
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 19627
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 18725
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure.easterseals.com/images/content/pagebuilder/easterseals.png
74.123.152.171200 OK 2.7 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/easterseals.png
IP 74.123.152.171:0
File type PNG image data, 330 x 129, 8-bit colormap, non-interlaced\012- data
Hash 5dd1afce76dae272b68d1e79c93514f3
03f63d1abfab608f260748005e9548440f9b7a51
40e2eb8088bd8c70233dc9aa6590d4517be0607d9b464f01755af3a3d2e7ba25
GET /images/content/pagebuilder/easterseals.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "a76-5531ed6b58219"
Server: Apache
Last-Modified: Thu, 29 Jun 2017 20:06:39 GMT
Accept-Ranges: bytes
Content-Length: 2678
Keep-Alive: timeout=15, max=77
Content-Type: image/png
secure.easterseals.com/bb/images/es2016_checkbox_unclick.png
74.123.152.171200 OK 373 B URL HTTP/1.1 secure.easterseals.com/bb/images/es2016_checkbox_unclick.png
IP 74.123.152.171:0
File type PNG image data, 17 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash f468852abdb7d594b12a9e42ad371889
4846449f099fd48da10b53d52b4fc993befc3759
a71b3b184aabff8cd9fefff5a83b1bf916da04d0baea57336d5ce619c6b09f70
GET /bb/images/es2016_checkbox_unclick.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/css/general_donation_styles_2016.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "175-5264c0c2e96c6"
Server: Apache
Last-Modified: Mon, 07 Dec 2015 10:09:07 GMT
Accept-Ranges: bytes
Content-Length: 373
Keep-Alive: timeout=15, max=334
Content-Type: image/png
secure.easterseals.com/bb/images/required-asterisk-orange.png
74.123.152.171200 OK 153 B URL HTTP/1.1 secure.easterseals.com/bb/images/required-asterisk-orange.png
IP 74.123.152.171:0
File type PNG image data, 5 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 89b7378d042a065d324a4b180076c15f
2ba2659c3a713e27e7016f14bd1774a8a640b5ae
7d40a8936ae718bc4caa26b5f51d664f96a77337f0cc2348e38783721cb2700f
GET /bb/images/required-asterisk-orange.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/css/general_donation_styles_2016.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "99-530dde199928f"
Server: Apache
Last-Modified: Tue, 19 Apr 2016 22:20:14 GMT
Accept-Ranges: bytes
Content-Length: 153
Cneonction: close
Content-Type: image/png
secure.easterseals.com/bb/images/es2016_checkbox_click.png
74.123.152.171200 OK 782 B URL HTTP/1.1 secure.easterseals.com/bb/images/es2016_checkbox_click.png
IP 74.123.152.171:0
File type PNG image data, 17 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 0059aa311820ace3a4f40294420b1c99
8fc0330792482357a43779d8377d7a6b00c4a7fa
e0474e51fe4a70d05e7bc0c396613ff8813387d6f223fe02a9a4888f9cb91d9c
GET /bb/images/es2016_checkbox_click.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/css/general_donation_styles_2016.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "30e-5264c0c2b0339"
Server: Apache
Last-Modified: Mon, 07 Dec 2015 10:09:07 GMT
Accept-Ranges: bytes
Content-Length: 782
Keep-Alive: timeout=15, max=500
Content-Type: image/png
secure.easterseals.com/images/content/pagebuilder/arrow-177-24.png
74.123.152.171200 OK 581 B URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/arrow-177-24.png
IP 74.123.152.171:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 54e879723f48753960fd23c67ffeb781
587fc3b81a59fd7b9ff5c7e19f0c794fb5c893ca
fe706741804b98a8b5832be08da1d17f235241f889af10e89ac8513bf21c0bb1
GET /images/content/pagebuilder/arrow-177-24.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "245-555da77cf4b47"
Server: Apache
Last-Modified: Thu, 03 Aug 2017 14:48:04 GMT
Accept-Ranges: bytes
Content-Length: 581
Keep-Alive: timeout=15, max=485
Content-Type: image/png
secure.easterseals.com/images/content/pagebuilder/donation_options_01.jpg
74.123.152.171200 OK 5.3 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/donation_options_01.jpg
IP 74.123.152.171:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 143x143, components 3\012- data
Hash fbf6179120089b04a5cd4e5de64fd780
f375904cc6d4a8aa388e249eb4eb7d75f78a98f0
5a8aa0cb89de632b7d17dcab645eefbc7576d14e1df93797fff20e8839ad696a
GET /images/content/pagebuilder/donation_options_01.jpg HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:01 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "14df-52616af42c90a"
Server: Apache
Last-Modified: Fri, 04 Dec 2015 18:29:15 GMT
Accept-Ranges: bytes
Content-Length: 5343
Keep-Alive: timeout=15, max=463
Content-Type: image/jpeg
secure.easterseals.com/images/content/pagebuilder/donation_options_02.jpg
74.123.152.171200 OK 6.3 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/donation_options_02.jpg
IP 74.123.152.171:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 143x143, components 3\012- data
Hash 8ae89da058a9aab111433191a8933719
61c1303b10bed783a04f1cde2e96834333008cde
83ae7f5d2d3b6d97c33a323943f616b3ffd55c7062186f248f8a5728ce404883
GET /images/content/pagebuilder/donation_options_02.jpg HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "188d-52616cb8fc6f1"
Server: Apache
Last-Modified: Fri, 04 Dec 2015 18:37:09 GMT
Accept-Ranges: bytes
Content-Length: 6285
Keep-Alive: timeout=15, max=496
Content-Type: image/jpeg
secure.easterseals.com/images/content/pagebuilder/donation_options_03.jpg
74.123.152.171200 OK 5.8 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/donation_options_03.jpg
IP 74.123.152.171:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 143x143, components 3\012- data
Hash 696166b1d441b29d6acdd80b60446072
02f5005f0aee422d40fcb8ea6675000061eef7f5
0fd127a136758c322f40571c3003b4fcbdbbc0cf15a19682926139cad43fabbc
GET /images/content/pagebuilder/donation_options_03.jpg HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "16d1-5260617b69a06"
Server: Apache
Last-Modified: Thu, 03 Dec 2015 22:41:33 GMT
Accept-Ranges: bytes
Content-Length: 5841
Keep-Alive: timeout=15, max=499
Content-Type: image/jpeg
secure.easterseals.com/images/content/pagebuilder/bbb-horizontal.jpg
74.123.152.171200 OK 3.1 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/bbb-horizontal.jpg
IP 74.123.152.171:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 111x43, components 3\012- data
Hash 08266a9c7287148433c7dd8c4ea1cefc
ac661f42bd466adce60270cc4ec853a349667b3d
568c4db1b54d447c11c13a667e1edc82762147b80f15d78aff562d8d897b8d4f
GET /images/content/pagebuilder/bbb-horizontal.jpg HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "c36-5379bd715d3fa"
Server: Apache
Last-Modified: Thu, 14 Jul 2016 17:29:11 GMT
Accept-Ranges: bytes
Content-Length: 3126
Keep-Alive: timeout=15, max=456
Content-Type: image/jpeg
secure.easterseals.com/images/content/pagebuilder/wcag2A.png
74.123.152.171200 OK 1.1 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/wcag2A.png
IP 74.123.152.171:0
File type PNG image data, 88 x 31, 8-bit colormap, non-interlaced\012- data
Hash 3309d517598f8405e548f291ef593401
462ee985ef2f20add9b5e0856e0e659105bcc051
0cfa808a35f55cfe021e81531f54156a136d6bc41ae1501003fe2ef9742b5e21
GET /images/content/pagebuilder/wcag2A.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "42b-4dab9ef462840"
Server: Apache
Last-Modified: Fri, 19 Apr 2013 17:20:25 GMT
Accept-Ranges: bytes
Content-Length: 1067
Keep-Alive: timeout=15, max=497
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1b412269b0fac9f219807cf75c79fca
f1aa5efe4a8e509a2047c5082efc4f5c0f70f6cd
64985dd3ab78ffac3a1ce92b1ec26388473519700e98017dc1ca1ffef6cd6774
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64985DD3AB78FFAC3A1CE92B1EC26388473519700E98017DC1CA1FFEF6CD6774"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17060
Expires: Fri, 02 Dec 2022 07:46:22 GMT
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: keep-alive
secure.easterseals.com/images/visa_small.gif
74.123.152.171200 OK 1.3 kB URL HTTP/1.1 secure.easterseals.com/images/visa_small.gif
IP 74.123.152.171:0
File type GIF image data, version 89a, 37 x 23\012- data
Hash 6db9d3b85a26c2b3517b2a410a6f98fe
665de4c7b2b3df9559a178e41c555e76fc83129a
b140ff05c53cbedf64280a4a17e6c3e9eef9102b03b081d9e1e30e39573c069a
GET /images/visa_small.gif HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "4f7-471117ac5aac0"
Server: Apache
Last-Modified: Fri, 14 Aug 2009 03:16:35 GMT
Accept-Ranges: bytes
Content-Length: 1271
Keep-Alive: timeout=15, max=36
Content-Type: image/gif
secure.easterseals.com/images/content/pagebuilder/American_Express_Verification_Code.jpg
74.123.152.171200 OK 16 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/American_Express_Verification_Code.jpg
IP 74.123.152.171:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 71x71, segment length 16, progressive, precision 8, 179x146, components 3\012- data
Hash 8d75b646901d10387e584b6ba99f5c42
6fed39d8211bab1d64a806f22cc45c13db6b86d8
dcefc3eaea81554447b3dfc436dbbc27042e71fb64e8175cdafe1fe759e593c1
GET /images/content/pagebuilder/American_Express_Verification_Code.jpg HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "3fda-5711f97cd471d"
Server: Apache
Last-Modified: Mon, 16 Jul 2018 15:36:28 GMT
Accept-Ranges: bytes
Content-Length: 16346
Keep-Alive: timeout=15, max=351
Content-Type: image/jpeg
secure.easterseals.com/js/convio/logging.js
74.123.152.171200 OK 239 B URL HTTP/1.1 secure.easterseals.com/js/convio/logging.js
IP 74.123.152.171:0
File type ASCII text, with very long lines (576)
Hash 27c777073837dcbdbf342e757ff1561b
bcc56b4c2f2866c6714d8ffaca640bd352deafdb
a28a4b14b3d295bf2afcb56c31964d437bfcf5b945c8a1354007e330e2367b2b
GET /js/convio/logging.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2
Date: Fri, 02 Dec 2022 03:02:01 GMT
Cache-Control: private
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "290-4d5bd38b89a00"
Server: Apache
Last-Modified: Fri, 15 Feb 2013 06:09:44 GMT
Accept-Ranges: bytes
Cteonnt-Length: 656
Keep-Alive: timeout=15, max=402
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 239
seal.digicert.com/seals/cascade/seal.min.js
3.19.8.217200 OK 3.3 kB URL HTTP/1.1 seal.digicert.com/seals/cascade/seal.min.js
IP 3.19.8.217:0
File type ASCII text, with very long lines (7741), with no line terminators
Hash 02dcd5ea231004305b668ecad0e0ee37
d8d16e16a55374e91cf8eb68374d60f315e3cc29
b330547e047a0b2529f3136dd520bc64d5a8ced171bdcff2065db886aae07219
GET /seals/cascade/seal.min.js HTTP/1.1
Host: seal.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:02:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 00:12:40 GMT
etag: W/"1e3d-5eecd321cae00"
content-encoding: gzip
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0b414e130c818d917fe2d85ca706808c
582c06dfca93b3c792770ec16184781ff7af049b
22265244cefa0457a1372dffdbd16dd5e50db2f3147d83f56d9123e4516bf2e5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 03:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:52:17 GMT
Expires: Fri, 02 Dec 2022 20:52:17 GMT
ETag: "582c06dfca93b3c792770ec16184781ff7af049b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
secure.easterseals.com/jquery/jquery-detect-existing.js
74.123.152.171200 OK 323 B URL HTTP/1.1 secure.easterseals.com/jquery/jquery-detect-existing.js
IP 74.123.152.171:0
Hash 5db71d0ba284155e7bc14607f88e6291
31e8c0964c982a6fe1ec81b8e8063ae15e632ddf
8917d3cbe6d6d15a24bb58547774bcc0413dd2a3401e0811d6ba6eca02982851
GET /jquery/jquery-detect-existing.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:02:02 GMT
Server: Apache
Last-Modified: Thu, 09 Aug 2012 04:01:20 GMT
ETag: "214-4c6cd47ada400"
Accept-Ranges: bytes
Cteonnt-Length: 532
Keep-Alive: timeout=15, max=470
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 323
tags.wdsvc.net/controller.js?id=100011
52.5.59.110302 Found 0 B URL HTTP/1.1 tags.wdsvc.net/controller.js?id=100011
IP 52.5.59.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /controller.js?id=100011 HTTP/1.1
Host: tags.wdsvc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private, no-cache
location: https://tags.wdsvc.net/container.js?id=100011&v=4.10&t=1669950122438
Set-Cookie: _wdTest=accept; Domain=.wdsvc.net; Path=/; Max-Age=30; SameSite=none; secure; HttpOnly
wds_random=2022-12-02T03:02:02.438Z~2022-12-02T03:02:02.438Z|2995182159131095|40|; expires=Mon, 01 Dec 2025 03:02:02 GMT; domain=.wdsvc.net;path=/;SameSite=none; secure; HttpOnly
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
esanalytics.duckdns.org/matomo.js
45.76.30.222200 OK 66 kB URL HTTP/2 esanalytics.duckdns.org/matomo.js
IP 45.76.30.222:0
File type ASCII text, with very long lines (1601)
Hash a3a7245d6daf7d31d2069c0ba05879dd
ec1bf464889e71aec1ced6d8361a26c76e4a1460
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /matomo.js HTTP/1.1
Host: esanalytics.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 02 Dec 2022 03:02:02 GMT
content-type: application/javascript
content-length: 65842
last-modified: Wed, 12 Oct 2022 16:00:42 GMT
etag: "6346e4aa-10132"
expires: Fri, 02 Dec 2022 04:02:02 GMT
pragma: public
cache-control: max-age=3600, public
accept-ranges: bytes
X-Firefox-Spdy: h2
secure.easterseals.com/images/content/pagebuilder/select_bg.png
74.123.152.171200 OK 97 kB URL HTTP/1.1 secure.easterseals.com/images/content/pagebuilder/select_bg.png
IP 74.123.152.171:0
File type PNG image data, 36 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash a05e6c317f55a55598f29262b88fc9a3
a04b501b43eee6b06b642b5b597f9a9decad6994
f0927ebd0458f37493523abe0fde2d42d077e3f7c68f9ca33a4f3406846d003b
GET /images/content/pagebuilder/select_bg.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/css/general_donation_styles_2016.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:02:01 GMT
Server: Apache
Last-Modified: Wed, 09 Dec 2015 18:08:59 GMT
ETag: "17a08-5267afbff3b38"
Accept-Ranges: bytes
Content-Length: 96776
Keep-Alive: timeout=15, max=159
Connection: Keep-Alive
Content-Type: image/png
secure.easterseals.com/jquery/jquery-1.6.4.min.js
74.123.152.171200 OK 41 kB URL HTTP/1.1 secure.easterseals.com/jquery/jquery-1.6.4.min.js
IP 74.123.152.171:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 5116190aac46215b7291c84060a75f6b
b7eca20016846ccc4809d422bd58e30649663266
5015a17e5cee1de0ef90b5ccf42994c76fff1f0873053ca36503d3f8cb3bde16
GET /jquery/jquery-1.6.4.min.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:02:02 GMT
Server: Apache
Last-Modified: Fri, 29 May 2020 05:03:01 GMT
ETag: "20908-5a6c25c039167"
Accept-Ranges: bytes
Cteonnt-Length: 133384
Keep-Alive: timeout=15, max=461
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked
tags.wdsvc.net/container.js?id=100011&v=4.10&t=1669950122438
52.5.59.110200 OK 27 kB URL HTTP/1.1 tags.wdsvc.net/container.js?id=100011&v=4.10&t=1669950122438
IP 52.5.59.110:0
File type ASCII text, with very long lines (27185), with no line terminators
Hash 7e44e0d717d5ba27140384440ad822dd
28313d033a2caa2dbf72b48b8d0db8861c1c334a
c4169a9f65c97de05a77f68976aa5de0c41f94e3c9eb11461315745baf8e9b8c
GET /container.js?id=100011&v=4.10&t=1669950122438 HTTP/1.1
Host: tags.wdsvc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.easterseals.com/
Connection: keep-alive
Cookie: _wdTest=accept; wds_random=2022-12-02T03:02:02.438Z~2022-12-02T03:02:02.438Z|2995182159131095|40|
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-length: 27185
Expires: Mon, 3 Jan 2005 13:00:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: wds_random=2022-12-02T03:02:02.438Z~2022-12-02T03:02:02.438Z|2995182159131095|40|; expires=Mon, 01 Dec 2025 03:02:02 GMT; domain=.wdsvc.net;path=/; SameSite=none; secure; HttpOnly
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: keep-alive
Keep-Alive: timeout=5
tags.wdsvc.net/tpc-eval/?lid=184d0c8aa2a-tags7-aa41a30a1f1d7
52.5.59.110200 OK 21 B URL HTTP/1.1 tags.wdsvc.net/tpc-eval/?lid=184d0c8aa2a-tags7-aa41a30a1f1d7
IP 52.5.59.110:0
File type ASCII text, with no line terminators
Hash 003a8361d4dd772481d7141c6ffe7ca5
1edd2f58fba4ac9191493fb71a5d2c2407e34c56
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
GET /tpc-eval/?lid=184d0c8aa2a-tags7-aa41a30a1f1d7 HTTP/1.1
Host: tags.wdsvc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Cookie: _wdTest=accept; wds_random=2022-12-02T03:02:02.438Z~2022-12-02T03:02:02.438Z|2995182159131095|40|
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-length: 21
Expires: Mon, 3 Jan 2005 13:00:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: keep-alive
Keep-Alive: timeout=5
secure.easterseals.com/jquery/jquery-noconflict.js
74.123.152.171200 OK 574 B URL HTTP/1.1 secure.easterseals.com/jquery/jquery-noconflict.js
IP 74.123.152.171:0
Hash 7b7998f3980d2930126b9deeff54423c
b7a9b7fbee7598d46d1f5e4ec5071454c2fe9224
37a09d646039a96757a93098019d9fab6e6d97af26394a0a534d4b77775c8aa4
GET /jquery/jquery-noconflict.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:02:02 GMT
Server: Apache
Last-Modified: Thu, 09 Aug 2012 04:01:20 GMT
ETag: "46f-4c6cd47ada400"
Accept-Ranges: bytes
Cteonnt-Length: 1135
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 574
region1.google-analytics.com/g/collect?v=2&tid=G-DEYHML97HR>m=2oebu0&_p=1084572448&cid=1362702858.1669950121&ul=en-us&sr=1280x1024&_s=1&sid=1669950120&sct=1&seg=0&dl=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&dt=Support%20Easterseals%20-%20Easterseals&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DEYHML97HR>m=2oebu0&_p=1084572448&cid=1362702858.1669950121&ul=en-us&sr=1280x1024&_s=1&sid=1669950120&sct=1&seg=0&dl=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&dt=Support%20Easterseals%20-%20Easterseals&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DEYHML97HR>m=2oebu0&_p=1084572448&cid=1362702858.1669950121&ul=en-us&sr=1280x1024&_s=1&sid=1669950120&sct=1&seg=0&dl=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&dt=Support%20Easterseals%20-%20Easterseals&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://secure.easterseals.com
date: Fri, 02 Dec 2022 03:02:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 02:46:55 GMT
expires: Fri, 02 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 907
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6178
Cache-Control: max-age=167050
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:02 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:26:12 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aac45347379512c590ac14620e5693e5
4fd2f73f103879c06ea471eb35eb6a2f50ee825e
7a8e3f07e4e312c3b8fad4d6e89fc0e405163b4b7833d8eb68ba148a58b6b5a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2736
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:02 GMT
Last-Modified: Fri, 02 Dec 2022 02:16:26 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=20DD6690ACAF67D131C674FEAD5A66F8; domain=.bing.com; expires=Wed, 27-Dec-2023 03:02:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9FCF782869E94A60977DA7F73D939FE4 Ref B: OSL30EDGE0209 Ref C: 2022-12-02T03:02:02Z
date: Fri, 02 Dec 2022 03:02:02 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: BA+qVZMZB6QtxChtJo0KztjFdEbGLXPoOSc5OZc+qa14fm0By9GdY61nvetct8Fv36wP0dBV0OF7n56llg/smQ==
content-length: 27340
x-fb-trip-id: 1904183273
date: Fri, 02 Dec 2022 03:02:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/871726665/?random=1669950120395&cv=11&fst=1669950120395&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&auid=918867410.1669950120&rfmt=3&fmt=4
142.250.74.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/871726665/?random=1669950120395&cv=11&fst=1669950120395&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&auid=918867410.1669950120&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2387), with no line terminators
Hash 0932889c574a80cec9c9320589b4336d
31721d9b98ea72e124d531734954419e7fb029df
41b9900b16da0507d78733404ed21b3c4ab973f1935fea79a62916b45e0ad529
GET /pagead/viewthroughconversion/871726665/?random=1669950120395&cv=11&fst=1669950120395&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&auid=918867410.1669950120&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:02:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1059
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Dec-2022 03:17:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6178
Cache-Control: max-age=167050
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:02 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:26:12 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
secure.easterseals.com/favicon-new.ico
74.123.152.171200 OK 1.2 kB URL HTTP/1.1 secure.easterseals.com/favicon-new.ico
IP 74.123.152.171:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 5008f35b80ce8b0ecc4852ef44d2b1f8
fbf5736a8c5c64623c191decfb63a7843f2288c9
f36befd634fdf0fa7bc9a332223ee9980d82ed23965f15111c87ab5b1573c5ee
GET /favicon-new.ico HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "47e-57e557d8f7db2"
Server: Apache
Last-Modified: Mon, 31 Dec 2018 18:22:07 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=15, max=127
Content-Type: image/x-icon
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.easterseals.com/bb/images/paypal_button.png
74.123.152.171200 OK 2.5 kB URL HTTP/1.1 secure.easterseals.com/bb/images/paypal_button.png
IP 74.123.152.171:0
File type PNG image data, 44 x 39, 8-bit/color RGB, non-interlaced\012- data
Hash db336f868765284a235109170f6699e5
007bfd5d6313841360f011bf1c434ba20d376791
b929da362a693de43b3e105c3ec94820150eb0e6c4296852203bdf9e5444fc07
GET /bb/images/paypal_button.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/css/general_donation_styles_2016.css
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "995-52669c05b8efe"
Server: Apache
Last-Modified: Tue, 08 Dec 2015 21:35:24 GMT
Accept-Ranges: bytes
Content-Length: 2453
Keep-Alive: timeout=15, max=312
Content-Type: image/png
secure.easterseals.com/bb/images/es2016_radio_button_unclick.png
74.123.152.171200 OK 555 B URL HTTP/1.1 secure.easterseals.com/bb/images/es2016_radio_button_unclick.png
IP 74.123.152.171:0
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 290daec7d9a0d509ad2b82488671bddc
b28445b82b95bd0880464727236d2d559466213c
66e5aaa21de0fc8b405c154674d319b1900c63485f2a0b1459713b79e1d34df5
GET /bb/images/es2016_radio_button_unclick.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "22b-5264c0c3791d7"
Server: Apache
Last-Modified: Mon, 07 Dec 2015 10:09:07 GMT
Accept-Ranges: bytes
Content-Length: 555
Keep-Alive: timeout=15, max=369
Content-Type: image/png
secure.easterseals.com/bb/images/creditcardimgs.png
74.123.152.171200 OK 12 kB URL HTTP/1.1 secure.easterseals.com/bb/images/creditcardimgs.png
IP 74.123.152.171:0
File type PNG image data, 216 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 7001efb86151894d4c3f8c9d32100ad2
35944d188ff7f1830d941d0809fb9a7d840734d9
2c068f9efec0dcaac2fc504faf0298a3fcaa44f58230caaa55814ca8e5404c98
GET /bb/images/creditcardimgs.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/css/general_donation_styles_2016.css
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "2e6d-52668bedba91e"
Server: Apache
Last-Modified: Tue, 08 Dec 2015 20:23:24 GMT
Accept-Ranges: bytes
Content-Length: 11885
Keep-Alive: timeout=15, max=474
Content-Type: image/png
secure.easterseals.com/bb/images/es2016_radio_button_click.png
74.123.152.171200 OK 817 B URL HTTP/1.1 secure.easterseals.com/bb/images/es2016_radio_button_click.png
IP 74.123.152.171:0
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 29f5fd25e855aedba6be0cda415fb34e
051824b824ae253cad9e2483e69ee4bd57cf99ac
d6440c53b2e1754c030884cd733cc67291631a4487b04879c3d854e1eb852f4f
GET /bb/images/es2016_radio_button_click.png HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Fri, 02 Dec 2022 03:02:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 21
ETag: "331-5264c0c343c10"
Server: Apache
Last-Modified: Mon, 07 Dec 2015 10:09:07 GMT
Accept-Ranges: bytes
Content-Length: 817
Keep-Alive: timeout=15, max=484
Content-Type: image/png
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aXyf17Q2ON2Ei9Yzxg4s_ek9olixcLhSJd_N8EIYtFjvDomEYvksLQ==
age: 741117
X-Firefox-Spdy: h2
esanalytics.duckdns.org/matomo.php?action_name=Support%20Easterseals%20-%20Easterseals&idsite=1&rec=1&r=083768&h=3&m=2&s=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&_id=70ab93d090409de7&_idn=1&cs=windows-1252&send_image=0&_rcn=GT_2022&_refts=1669950121&cookie=1&res=1280x1024&dimension1=national&pv_id=P2vAUr&pf_net=492&pf_srv=362&pf_tfr=151&pf_dm1=1364&uadata=%7B%7D
45.76.30.222204 No Content 0 B URL HTTP/2 esanalytics.duckdns.org/matomo.php?action_name=Support%20Easterseals%20-%20Easterseals&idsite=1&rec=1&r=083768&h=3&m=2&s=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&_id=70ab93d090409de7&_idn=1&cs=windows-1252&send_image=0&_rcn=GT_2022&_refts=1669950121&cookie=1&res=1280x1024&dimension1=national&pv_id=P2vAUr&pf_net=492&pf_srv=362&pf_tfr=151&pf_dm1=1364&uadata=%7B%7D
IP 45.76.30.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /matomo.php?action_name=Support%20Easterseals%20-%20Easterseals&idsite=1&rec=1&r=083768&h=3&m=2&s=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&_id=70ab93d090409de7&_idn=1&cs=windows-1252&send_image=0&_rcn=GT_2022&_refts=1669950121&cookie=1&res=1280x1024&dimension1=national&pv_id=P2vAUr&pf_net=492&pf_srv=362&pf_tfr=151&pf_dm1=1364&uadata=%7B%7D HTTP/1.1
Host: esanalytics.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.18.0 (Ubuntu)
date: Fri, 02 Dec 2022 03:02:02 GMT
access-control-allow-origin: https://secure.easterseals.com
access-control-allow-credentials: true
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
secure.easterseals.com/jquery/plugins/ui/jquery-ui-1.8.16.custom.min.js
74.123.152.171200 OK 60 kB URL HTTP/1.1 secure.easterseals.com/jquery/plugins/ui/jquery-ui-1.8.16.custom.min.js
IP 74.123.152.171:0
File type ASCII text, with very long lines (559)
Hash 37a1ab748d46e10d1b54c79be3f0b148
522472bfb6ba298edfc895b5c1fa59e5513aad3f
92784ee46a33ed6941fd2647575b03ff08c12daa6132737dc90a9ad7e5a23b3e
GET /jquery/plugins/ui/jquery-ui-1.8.16.custom.min.js HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:02:03 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2012 05:26:27 GMT
ETag: "3361f-4b99ae2bd46c0"
Accept-Ranges: bytes
Cteonnt-Length: 210463
Keep-Alive: timeout=15, max=171
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked
script.hotjar.com/modules.90de377b639fd5b933d2.js
143.204.55.96200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.90de377b639fd5b933d2.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 8766036825574dfbddbfc197bd098f6b
3c6087743e1b23d7f071f66d65bec1fdb143a2c2
89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _nkdUrjMUDovNMHy1xERx207TZls9dqbuHpVK3KiA_7Gy-re7HLfRA==
age: 48297
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11000037&tm=gtm002&Ver=2&mid=b78340e3-33b2-446e-85e4-d29d5fd01d87&sid=b139667071ed11eda93ea36ec0e94cb6&vid=b139a46071ed11eda9d4d757f759af4d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Support%20Easterseals%20-%20Easterseals&p=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&r=<=2760&evt=pageLoad&sv=1&rn=53026
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11000037&tm=gtm002&Ver=2&mid=b78340e3-33b2-446e-85e4-d29d5fd01d87&sid=b139667071ed11eda93ea36ec0e94cb6&vid=b139a46071ed11eda9d4d757f759af4d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Support%20Easterseals%20-%20Easterseals&p=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&r=<=2760&evt=pageLoad&sv=1&rn=53026
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11000037&tm=gtm002&Ver=2&mid=b78340e3-33b2-446e-85e4-d29d5fd01d87&sid=b139667071ed11eda93ea36ec0e94cb6&vid=b139a46071ed11eda9d4d757f759af4d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Support%20Easterseals%20-%20Easterseals&p=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&r=<=2760&evt=pageLoad&sv=1&rn=53026 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=083E05E34566608218F1178D44936193; domain=.bing.com; expires=Wed, 27-Dec-2023 03:02:03 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3FD977576CC84CF79B26DD40044C7D68 Ref B: OSL30EDGE0209 Ref C: 2022-12-02T03:02:03Z
date: Fri, 02 Dec 2022 03:02:02 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/871726665/?random=1669950120395&cv=11&fst=1669950000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&fmt=3&is_vtc=1&random=2209783293&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/871726665/?random=1669950120395&cv=11&fst=1669950000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&fmt=3&is_vtc=1&random=2209783293&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/871726665/?random=1669950120395&cv=11&fst=1669950000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&fmt=3&is_vtc=1&random=2209783293&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:02:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/871726665/?random=1669950120395&cv=11&fst=1669950000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&fmt=3&is_vtc=1&random=2209783293&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/871726665/?random=1669950120395&cv=11&fst=1669950000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&fmt=3&is_vtc=1&random=2209783293&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/871726665/?random=1669950120395&cv=11&fst=1669950000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&tiba=Support%20Easterseals%20-%20Easterseals&fmt=3&is_vtc=1&random=2209783293&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:02:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/11000037.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11000037.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11000037.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3BD0A5DB2F1E6E6836EBB7B52EEB6F05; domain=.bing.com; expires=Wed, 27-Dec-2023 03:02:03 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6ED1F7A9A2314FE1B1B7C6D44D11122B Ref B: OSL30EDGE0209 Ref C: 2022-12-02T03:02:03Z
date: Fri, 02 Dec 2022 03:02:02 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:02:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.easterseals.com/site/Donation2?idb=308320785&level_flexibleajaxfetch=true&df_id=20503&mfc_pref=T&level_flexibletotalcalculateBtn=true&20503.donation=form1&level_flexibleexpanded42513dynamicAmount=1500&level_flexibleexpandedsubmit=true&level_flexibleexpanded42516dynamicAmount=2500&level_flexibleexpandedsubmit=true&level_flexibleexpanded42515dynamicAmount=5000&level_flexibleexpandedsubmit=true&level_flexibleexpanded42526dynamicAmount=10000&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpanded=42525&level_flexibleexpanded42525amount=15&level_flexibleexpandedsubmit=true&level_flexiblesubmit=true&level_flexiblegift_type=1&level_flexiblegift_typesubmit=true&level_flexibledurationsubmit_skip=true
74.123.152.171200 200 26 B URL HTTP/1.1 secure.easterseals.com/site/Donation2?idb=308320785&level_flexibleajaxfetch=true&df_id=20503&mfc_pref=T&level_flexibletotalcalculateBtn=true&20503.donation=form1&level_flexibleexpanded42513dynamicAmount=1500&level_flexibleexpandedsubmit=true&level_flexibleexpanded42516dynamicAmount=2500&level_flexibleexpandedsubmit=true&level_flexibleexpanded42515dynamicAmount=5000&level_flexibleexpandedsubmit=true&level_flexibleexpanded42526dynamicAmount=10000&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpanded=42525&level_flexibleexpanded42525amount=15&level_flexibleexpandedsubmit=true&level_flexiblesubmit=true&level_flexiblegift_type=1&level_flexiblegift_typesubmit=true&level_flexibledurationsubmit_skip=true
IP 74.123.152.171:0
File type ASCII text, with no line terminators
Hash ad19e4f61d7d4032196f10e5e861bdf5
1ce3fb44e3833c8968962d952ce1de9f9d9c67b9
8c09ae039135711ae1c4941568400fb9469b0d17dd64d36902d6b3d9c5051201
GET /site/Donation2?idb=308320785&level_flexibleajaxfetch=true&df_id=20503&mfc_pref=T&level_flexibletotalcalculateBtn=true&20503.donation=form1&level_flexibleexpanded42513dynamicAmount=1500&level_flexibleexpandedsubmit=true&level_flexibleexpanded42516dynamicAmount=2500&level_flexibleexpandedsubmit=true&level_flexibleexpanded42515dynamicAmount=5000&level_flexibleexpandedsubmit=true&level_flexibleexpanded42526dynamicAmount=10000&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpandedsubmit=true&level_flexibleexpanded=42525&level_flexibleexpanded42525amount=15&level_flexibleexpandedsubmit=true&level_flexiblesubmit=true&level_flexiblegift_type=1&level_flexiblegift_typesubmit=true&level_flexibledurationsubmit_skip=true HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a; _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.2.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1; _gid=GA1.2.1447634711.1669950121; _uetsid=b139667071ed11eda93ea36ec0e94cb6; _uetvid=b139a46071ed11eda9d4d757f759af4d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 200
Date: Fri, 02 Dec 2022 03:02:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store
Pragma: no-cache
Set-Cookie: JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a; Path=/site/
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRConsAPI; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CrmRest; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/AnonymousLogin; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRDonationAPI; Secure; SameSite=None
Content-Security-Policy: frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com *.easterseals.com easterseals.com; report-uri https://secure.easterseals.com/site/XFrameViolation
X-Frame-Options: allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com *.easterseals.com easterseals.com
Cteonnt-Length: 6
Keep-Alive: timeout=15, max=280
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Encoding: gzip
Content-Length: 26
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2424721-1&cid=1362702858.1669950121&jid=1573710819&gjid=2127130649&_gid=1447634711.1669950121&_u=KCDAiEITRAAAAEAAI~&z=845248138
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2424721-1&cid=1362702858.1669950121&jid=1573710819&gjid=2127130649&_gid=1447634711.1669950121&_u=KCDAiEITRAAAAEAAI~&z=845248138
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2424721-1&cid=1362702858.1669950121&jid=1573710819&gjid=2127130649&_gid=1447634711.1669950121&_u=KCDAiEITRAAAAEAAI~&z=845248138 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://secure.easterseals.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 03:02:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=356063674761505&ev=PageView&dl=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&rl=&if=false&ts=1669950121667&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669950121666.651095922&it=1669950121294&coo=false&rqm=GET
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=356063674761505&ev=PageView&dl=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&rl=&if=false&ts=1669950121667&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669950121666.651095922&it=1669950121294&coo=false&rqm=GET
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=356063674761505&ev=PageView&dl=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957&rl=&if=false&ts=1669950121667&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669950121666.651095922&it=1669950121294&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 03:02:03 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 1dddd4bcea49aa6effe2a4ca728714e2
d09cdcc6caf35a9ed4e411637bee00e309fafd1b
7aa83fe655e2d6859e3534f058e417b6713a992349d2f543b06b98285f850b06
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133977
Date: Fri, 02 Dec 2022 03:02:03 GMT
Etag: "6388c757-1d7"
Expires: Sat, 03 Dec 2022 16:15:00 GMT
Last-Modified: Thu, 01 Dec 2022 15:25:11 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dmWOojn9vMFiPHagybvalti2nw6u2oMcjJWzMjZECWveHJoBMTajVw==
Age: 2989
pixel.quantserve.com/pixel;r=1299398566;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-zZ-bdZEzfX09m;url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957;uht=2;fpan=1;fpa=P0-1319429139-1669950121320;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=easterseals.com;dst=0;et=1669950121947;tzo=0;ogl=url.https%3A%2F%2Fsecure%252Eeasterseals%252Ecom%2Fsite%2FDonation2%3Bjsessionid%3D00000000%252Eapp20110a%3Fdf_i%2Ctitle.Support%20Easterseals%2Cdescription.Advocating%20for%20full%252C%20equity%252C%20inclusion%252C%20and%20access%2Ctype.website%2Cimage.https%3A%2F%2Fsecure%252Eeasterseals%252Ecom%2Fimages%2Fbackdrops%2Fdonation_backdrop_08%252Ejpg%2Cimage%3Aalt.All%20Abilities%252E%20Limitless%20Possibilities%252E%2Cimage%3Awidth.1360%2Cimage%3Aheight.1150;ses=17f437ee-acba-41dd-8621-82acbe2868b7
91.228.74.251200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1299398566;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-zZ-bdZEzfX09m;url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957;uht=2;fpan=1;fpa=P0-1319429139-1669950121320;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=easterseals.com;dst=0;et=1669950121947;tzo=0;ogl=url.https%3A%2F%2Fsecure%252Eeasterseals%252Ecom%2Fsite%2FDonation2%3Bjsessionid%3D00000000%252Eapp20110a%3Fdf_i%2Ctitle.Support%20Easterseals%2Cdescription.Advocating%20for%20full%252C%20equity%252C%20inclusion%252C%20and%20access%2Ctype.website%2Cimage.https%3A%2F%2Fsecure%252Eeasterseals%252Ecom%2Fimages%2Fbackdrops%2Fdonation_backdrop_08%252Ejpg%2Cimage%3Aalt.All%20Abilities%252E%20Limitless%20Possibilities%252E%2Cimage%3Awidth.1360%2Cimage%3Aheight.1150;ses=17f437ee-acba-41dd-8621-82acbe2868b7
IP 91.228.74.251:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1299398566;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-zZ-bdZEzfX09m;url=https%3A%2F%2Fsecure.easterseals.com%2Fsite%2FDonation2%3Bjsessionid%3D00000000.app20110a%3Fdf_id%3D20503%2620503.donation%3Dform1%26s_src%3Djtk1009-fr-nd%26utm_medium%3Demail%26utm_source%3Dengage%26utm_campaign%3DGT_2022%26autologin%3Dtrue%26PREFILL_AMOUNT%3D%2415.00%26NONCE_TOKEN%3D0F55D009A148667D6E510B3C37BA6957;uht=2;fpan=1;fpa=P0-1319429139-1669950121320;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=easterseals.com;dst=0;et=1669950121947;tzo=0;ogl=url.https%3A%2F%2Fsecure%252Eeasterseals%252Ecom%2Fsite%2FDonation2%3Bjsessionid%3D00000000%252Eapp20110a%3Fdf_i%2Ctitle.Support%20Easterseals%2Cdescription.Advocating%20for%20full%252C%20equity%252C%20inclusion%252C%20and%20access%2Ctype.website%2Cimage.https%3A%2F%2Fsecure%252Eeasterseals%252Ecom%2Fimages%2Fbackdrops%2Fdonation_backdrop_08%252Ejpg%2Cimage%3Aalt.All%20Abilities%252E%20Limitless%20Possibilities%252E%2Cimage%3Awidth.1360%2Cimage%3Aheight.1150;ses=17f437ee-acba-41dd-8621-82acbe2868b7 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:03 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63896aab-9523e-db510-a48ba; expires=Tue, 02-Jan-2024 03:02:03 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
secure.easterseals.com/site/AjaxHelper;jsessionid=00000000.app20110a?NONCE_TOKEN=52163A15DA7E477723531E3E31912B39
74.123.152.171200 200 6.2 kB URL HTTP/1.1 secure.easterseals.com/site/AjaxHelper;jsessionid=00000000.app20110a?NONCE_TOKEN=52163A15DA7E477723531E3E31912B39
IP 74.123.152.171:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (449)
Hash 21929db3b719b6b05e84a5b82bbaa203
4e83bd2a06fa6b722e497e4a751968177939da74
3e61627265e2c8ceded2e6c44bfca9828eebee4764fdd12cdb8171277d5a36d2
POST /site/AjaxHelper;jsessionid=00000000.app20110a?NONCE_TOKEN=52163A15DA7E477723531E3E31912B39 HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a; _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.2.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1; _gid=GA1.2.1447634711.1669950121; _uetsid=b139667071ed11eda93ea36ec0e94cb6; _uetvid=b139a46071ed11eda9d4d757f759af4d; _clck=19cm1vo|1|f72|0; _fbp=fb.1.1669950121666.651095922; _gat=1; _hjSessionUser_1985657=eyJpZCI6IjRmZGJhNGIwLWMwY2UtNTYxMC1hMWU0LTJhMGJkZDA5M2YzNSIsImNyZWF0ZWQiOjE2Njk5NTAxMjE2MTEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_1985657=eyJpZCI6IjcyN2M5MzU0LWIwOGYtNDliNS1hNDE5LTkxZDdmYmIzNDI4MyIsImNyZWF0ZWQiOjE2Njk5NTAxMjE2ODcsImluU2FtcGxlIjp0cnVlfQ==; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; __qca=P0-1319429139-1669950121320
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 200
Date: Fri, 02 Dec 2022 03:02:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-store
Pragma: no-cache
Set-Cookie: JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a; Path=/site/
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRConsAPI; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CrmRest; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/AnonymousLogin; Secure; SameSite=None
JSESSIONID=5CF9BC2D975AF7D5674AF8F8F5BF2FBE.app20110a;Path=/site/CRDonationAPI; Secure; SameSite=None
Content-Security-Policy: frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com *.easterseals.com easterseals.com; report-uri https://secure.easterseals.com/site/XFrameViolation
X-Frame-Options: allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com *.easterseals.com easterseals.com
Keep-Alive: timeout=15, max=470
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Encoding: gzip
Transfer-Encoding: chunked
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 902
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://secure.easterseals.com
access-control-allow-credentials: true
date: Fri, 02 Dec 2022 03:02:03 GMT
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1985657/visit-data?sv=7
99.80.127.52200 OK 95 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/1985657/visit-data?sv=7
IP 99.80.127.52:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 039d32f7359c34eee13f02bae640eff7
7550a24e404da6c533fa8597113eec17a6d55f4c
1874a3ed03bfe4289ca3a8cc3c495a498033ddb248a6fbdcdce02e70065eca54
POST /api/v2/client/sites/1985657/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:03 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&RedC=c.clarity.ms&MXFR=0DDB5958A6A7680E132F4B36A2A7660E
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0DDB5958A6A7680E132F4B36A2A7660E; domain=.clarity.ms; expires=Wed, 27-Dec-2023 03:02:04 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 02 Dec 2022 03:02:03 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&RedC=c.clarity.ms&MXFR=0DDB5958A6A7680E132F4B36A2A7660E
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&RedC=c.clarity.ms&MXFR=0DDB5958A6A7680E132F4B36A2A7660E
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&RedC=c.clarity.ms&MXFR=0DDB5958A6A7680E132F4B36A2A7660E HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.easterseals.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&MUID=21D44C4E997C64252E9C5E20988965DE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=21D44C4E997C64252E9C5E20988965DE; domain=c.bing.com; expires=Wed, 27-Dec-2023 03:02:04 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D09D541CADA34B2494C046708E34D51A Ref B: OSL30EDGE0209 Ref C: 2022-12-02T03:02:04Z
date: Fri, 02 Dec 2022 03:02:03 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&MUID=21D44C4E997C64252E9C5E20988965DE
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&MUID=21D44C4E997C64252E9C5E20988965DE
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=E3227FE0EDF44D2E8DC154A3794DF752&MUID=21D44C4E997C64252E9C5E20988965DE HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.easterseals.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 02-Dec-2022 03:12:04 GMT; path=/; SameSite=None; Secure;
date: Fri, 02 Dec 2022 03:02:03 GMT
content-length: 42
X-Firefox-Spdy: h2
seal.digicert.com/seals/cascade/?tag=jRYEKqSz&referer=secure.easterseals.com&format=png
3.19.8.217200 OK 6.7 kB URL HTTP/1.1 seal.digicert.com/seals/cascade/?tag=jRYEKqSz&referer=secure.easterseals.com&format=png
IP 3.19.8.217:0
File type PNG image data, 201 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 77c0928ba8c6607dddac6a5ef27409e2
494d5c1fb9c63eddb9e245d8868ed595f4cd8762
6c9cccb8ff4e878e33e299cf8f824f327610c89f343a752c1df68a71f1f84a18
GET /seals/cascade/?tag=jRYEKqSz&referer=secure.easterseals.com&format=png HTTP/1.1
Host: seal.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:02:04 GMT
Content-Type: image/png
Content-Length: 6731
Connection: keep-alive
last-modified: Fri, 02 Dec 2022 00:00:00 +0000
cache-control: max-age=86400
expires: Sat, 03 Dec 2022 03:02:04 +0000
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 80343
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://secure.easterseals.com
access-control-allow-credentials: true
date: Fri, 02 Dec 2022 03:02:03 GMT
X-Firefox-Spdy: h2
tags.wdsvc.net/post-log?v=4.10&t=1669950122538
52.5.59.110200 OK 0 B URL HTTP/1.1 tags.wdsvc.net/post-log?v=4.10&t=1669950122538
IP 52.5.59.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /post-log?v=4.10&t=1669950122538 HTTP/1.1
Host: tags.wdsvc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 896
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Cookie: _wdTest=accept; wds_random=2022-12-02T03:02:02.438Z~2022-12-02T03:02:02.438Z|2995182159131095|40|
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://secure.easterseals.com
Access-Control-Allow-Credentials: true
Content-Type: text/html
Content-length: 0
Set-Cookie: wds_random=2022-12-02T03:02:02.438Z~2022-12-02T03:02:02.438Z|2995182159131095|40|; expires=Mon, 01 Dec 2025 03:02:04 GMT; domain=.wdsvc.net;path=/; SameSite=none; secure; HttpOnly
Date: Fri, 02 Dec 2022 03:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=5
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.2.133:0
Hash f640cc98e145a8705495c33b812ed5c0
dbc42de141aabff0db87618b4950123e2e06142a
4742cc385a294b522b9aae280f247e5b29f16e3605aabf07b418ad341a38831a
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 06 Dec 2022 01:46:38 GMT
ETag: "dbc42de141aabff0db87618b4950123e2e06142a"
Last-Modified: Fri, 02 Dec 2022 01:46:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 02 Dec 2022 03:02:04 GMT
Age: 3401
X-Served-By: cache-qpg1235-QPG, cache-bma1669-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 31, 7
X-Timer: S1669950125.794297,VS0,VE0
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 693
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://secure.easterseals.com
access-control-allow-credentials: true
date: Fri, 02 Dec 2022 03:02:06 GMT
X-Firefox-Spdy: h2
insight.adsrvr.org/track/conv/?adv=jlsx3s4&ct=0:gzj1qvw&fmt=3&orderid=&vf=&v=&td1=184d0c8aa2a-tags7-aa41a30a1f1d7
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/conv/?adv=jlsx3s4&ct=0:gzj1qvw&fmt=3&orderid=&vf=&v=&td1=184d0c8aa2a-tags7-aa41a30a1f1d7
IP 52.223.40.198:0
GET /track/conv/?adv=jlsx3s4&ct=0:gzj1qvw&fmt=3&orderid=&vf=&v=&td1=184d0c8aa2a-tags7-aa41a30a1f1d7 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:04 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
insight.adsrvr.org/track/conv/?adv=jlsx3s4&ct=0:4y5kggi&fmt=3&orderid=&vf=&v=&td1=184d0c8aa2a-tags7-aa41a30a1f1d7
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/conv/?adv=jlsx3s4&ct=0:4y5kggi&fmt=3&orderid=&vf=&v=&td1=184d0c8aa2a-tags7-aa41a30a1f1d7
IP 52.223.40.198:0
GET /track/conv/?adv=jlsx3s4&ct=0:4y5kggi&fmt=3&orderid=&vf=&v=&td1=184d0c8aa2a-tags7-aa41a30a1f1d7 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:04 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700,700italic,500italic,500,400italic|Material+Icons
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700,700italic,500italic,500,400italic|Material+Icons
IP 142.250.74.106:0
GET /css?family=Roboto:400,700,700italic,500italic,500,400italic|Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 03:02:00 GMT
date: Fri, 02 Dec 2022 03:02:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.251200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.251:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:02 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
expires: Fri, 09 Dec 2022 03:02:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.clarity.ms/tag/56gpkrx4mn
13.107.246.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/56gpkrx4mn
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/56gpkrx4mn HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=85a4fddb426041499a796de2a360c538.20221202.20231202; expires=Sat, 02 Dec 2023 03:02:02 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-cache: CONFIG_NOCACHE
x-azure-ref: 0qmqJYwAAAACqm/2G9xMZS4kgS5Gud97XQU1TMDRFREdFMTgyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 02 Dec 2022 03:02:02 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.246.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
x-cache: TCP_HIT
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref: 0q2qJYwAAAAAY3u1+HppyTaaZi6mNpGszQU1TMDRFREdFMTgyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 02 Dec 2022 03:02:02 GMT
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1985657.js?sv=7
143.204.55.37200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1985657.js?sv=7
IP 143.204.55.37:0
GET /c/hotjar-1985657.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 03:02:02 GMT
cache-control: max-age=60
etag: W/21498ff72202b2a63c06df549a70778b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Tyou6fAzv5UXm4FiACsdchLLAxuCarJacwDk5UaXJY145BPe-WPi2A==
X-Firefox-Spdy: h2
secure.easterseals.com/images/backdrops/donation_backdrop_06.jpg
74.123.152.171200 OK 0 B URL HTTP/1.1 secure.easterseals.com/images/backdrops/donation_backdrop_06.jpg
IP 74.123.152.171:0
GET /images/backdrops/donation_backdrop_06.jpg HTTP/1.1
Host: secure.easterseals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/site/Donation2;jsessionid=00000000.app20110a?df_id=20503&20503.donation=form1&s_src=jtk1009-fr-nd&utm_medium=email&utm_source=engage&utm_campaign=GT_2022&autologin=true&PREFILL_AMOUNT=$15.00&NONCE_TOKEN=0F55D009A148667D6E510B3C37BA6957
Cookie: _gcl_au=1.1.918867410.1669950120; _ga_DEYHML97HR=GS1.1.1669950120.1.0.1669950120.0.0.0; _ga=GA1.1.1362702858.1669950121; _pk_ref.1.deb2=%5B%22GT_2022%22%2C%22%22%2C1669950121%2C%22%22%5D; _pk_id.1.deb2=70ab93d090409de7.1669950121.; _pk_ses.1.deb2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:02:02 GMT
Server: Apache
Last-Modified: Tue, 04 Oct 2016 20:29:39 GMT
ETag: "28cc9-53e0feb761ed1"
Accept-Ranges: bytes
Content-Length: 167113
Keep-Alive: timeout=15, max=261
Connection: Keep-Alive
Content-Type: image/jpeg
ws22.hotjar.com/api/v2/sites/1985657/recordings/content
63.34.245.36200 OK 0 B URL HTTP/2 ws22.hotjar.com/api/v2/sites/1985657/recordings/content
IP 63.34.245.36:0
POST /api/v2/sites/1985657/recordings/content HTTP/1.1
Host: ws22.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 229914
Origin: https://secure.easterseals.com
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:04 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=jlsx3s4&ct=0:0oaser5&fmt=3&td1=184d0c8aa2a-tags7-aa41a30a1f1d7
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=jlsx3s4&ct=0:0oaser5&fmt=3&td1=184d0c8aa2a-tags7-aa41a30a1f1d7
IP 52.223.40.198:0
GET /track/evnt/?adv=jlsx3s4&ct=0:0oaser5&fmt=3&td1=184d0c8aa2a-tags7-aa41a30a1f1d7 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.easterseals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:02:04 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2