Overview

URL www.fundfc.org/
IP199.34.228.77
ASNWEEBLY
Location United States
Report completed2022-09-01 20:25:39 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-01 2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1660262238 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL ocsp.pki.goog/s/gts1d4/njBV-zwzk84
IP  142.250.74.3
Magic gzip compressed data, max compression\012- data
Size 812
MD5 0cff3958ebe5162b023b8c64717ff312
SHA1 8a038ebb897ee52a2810f6b8f64e0a5c42990b73
SHA256 3f1d3196b5523e01373872c07d615f82bfa069e6615ea657b3d27c778ae6dde0
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (26)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-09-01 08:23:25 UTC 104.18.47.230
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-01 13:57:28 UTC 143.204.55.35
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-01 05:02:40 UTC 34.217.237.91
mnemonic passive DNS donorbox.org (8) 38476 2014-11-08 01:24:25 UTC 2022-09-01 18:25:51 UTC 104.22.51.249
mnemonic passive DNS fonts.googleapis.com (5) 8877 2014-07-21 13:19:55 UTC 2022-09-01 17:05:24 UTC 142.250.74.10
mnemonic passive DNS code.getmdl.io (1) 50783 2016-02-08 07:21:48 UTC 2022-09-01 08:54:29 UTC 142.250.74.179
mnemonic passive DNS js.stripe.com (2) 1149 2012-09-30 12:39:23 UTC 2022-09-01 05:19:49 UTC 143.204.55.68
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-01 04:51:03 UTC 143.204.55.25
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-01 18:00:30 UTC 142.250.74.10
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-01 05:10:10 UTC 216.58.207.232
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS maps.googleapis.com (1) 33876 2019-10-17 15:56:16 UTC 2022-09-01 19:07:29 UTC 216.58.207.202
mnemonic passive DNS cdn2.editmysite.com (11) 11564 2012-10-02 18:27:39 UTC 2022-09-01 06:03:53 UTC 151.101.85.46
mnemonic passive DNS fonts.gstatic.com (8) 0 2014-08-29 13:43:22 UTC 2022-09-01 04:49:08 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-01 06:25:11 UTC 44.238.88.40
mnemonic passive DNS www.recaptcha.net (1) 2060 2017-06-22 10:23:09 UTC 2022-09-01 05:00:34 UTC 142.250.74.131
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-01 17:27:48 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS m.stripe.network (1) 1204 2018-06-23 22:39:58 UTC 2022-09-01 05:19:50 UTC 151.101.84.176
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-01 15:19:00 UTC 34.120.237.76
mnemonic passive DNS m.stripe.com (1) 1092 2021-04-11 19:21:28 UTC 2022-09-01 05:34:04 UTC 35.165.47.81
mnemonic passive DNS www.fundfc.org (13) 0 2019-12-02 15:21:52 UTC 2022-08-30 20:14:00 UTC 199.34.228.77 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-01 04:47:54 UTC 23.36.76.226
mnemonic passive DNS getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-09-01 15:10:37 UTC 34.120.5.221
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-01 04:48:38 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-01 14:38:39 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (16) 175 2017-06-14 07:23:31 UTC 2022-09-01 04:47:53 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.77

Date UQ / IDS / BL URL IP
2022-12-01 19:39:33 +0000
0 - 0 - 0 www.wmclaw.com 199.34.228.77
2022-11-29 23:43:28 +0000
0 - 0 - 8 globalsry.com/ 199.34.228.77
2022-11-29 12:31:33 +0000
0 - 0 - 1 www.rsma.ie/ 199.34.228.77
2022-11-27 23:41:41 +0000
0 - 0 - 8 sry.com.tw/ 199.34.228.77
2022-11-26 23:41:41 +0000
0 - 0 - 8 sry.com.tw/ 199.34.228.77

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-12-03 20:39:32 +0000
0 - 0 - 20 docusignsecirutmadmjg.weebly.com/ 199.34.228.53
2022-12-03 20:03:31 +0000
0 - 0 - 18 aol-109553.weeblysite.com/ 199.34.228.96
2022-12-03 18:27:59 +0000
0 - 0 - 11 gtrfgjhy.weebly.com/ 199.34.228.54
2022-12-03 17:51:32 +0000
0 - 0 - 18 aol-109553.weeblysite.com/ 199.34.228.96
2022-12-03 17:01:16 +0000
0 - 0 - 20 docusignsecirutmadmjg.weebly.com/ 199.34.228.54

Last 1 reports on domain: fundfc.org

Date UQ / IDS / BL URL IP
2022-09-01 20:25:39 +0000
0 - 0 - 1 www.fundfc.org/ 199.34.228.77

No other reports with similar screenshot



JavaScript

Executed Scripts (54)


Executed Evals (5)

#1 JavaScript::Eval (size: 16423, repeated: 1) - SHA256: 886652e58b5461cd29b049d72780e29072a826664dd7231dfbb854f07b13775b

                                        (function() {
    var i1 = function(n, t, a, O, A, H) {
            if (!t.K) {
                t.h++;
                try {
                    for (O = (H = (a = 0, void 0), t.j); --n;) try {
                        if (A = void 0, t.g) H = l(t.g, t);
                        else {
                            if ((a = k(t, 179), a) >= O) break;
                            H = (A = w((S(336, t, a), t)), k(t, A))
                        }
                        Q(false, (H && H.call ? H(t, n) : C([L, 21, A], 0, t), t), n, false)
                    } catch (G) {
                        k(t, 153) ? C(G, 22, t) : S(153, t, G)
                    }
                    if (!n) {
                        if (t.gr) {
                            t.h--, i1(795457819800, t);
                            return
                        }
                        C([L, 33], 0, t)
                    }
                } catch (G) {
                    try {
                        C(G, 22, t)
                    } catch (c) {
                        F(t, c)
                    }
                }
                t.h--
            }
        },
        S = function(n, t, a) {
            if (179 == n || 336 == n) t.R[n] ? t.R[n].concat(a) : t.R[n] = tB(a, t);
            else {
                if (t.T && 107 != n) return;
                268 == n || 359 == n || 90 == n || 257 == n || 494 == n ? t.R[n] || (t.R[n] = nj(t, 70, n, a)) : t.R[n] = nj(t, 105, n, a)
            }
            107 == n && (t.Z = N(32, false, t), t.X = void 0)
        },
        aD = function(n, t) {
            if (n = (t = null, I).trustedTypes, !n || !n.createPolicy) return t;
            try {
                t = n.createPolicy("bg", {
                    createHTML: HM,
                    createScript: HM,
                    createScriptURL: HM
                })
            } catch (a) {
                I.console && I.console.error(a.message)
            }
            return t
        },
        F = function(n, t) {
            n.K = ((n.K ? n.K + "~" : "E:") + t.message + ":" + t.stack).slice(0, 2048)
        },
        GD = function(n, t, a, O, A) {
            for (O = a[A = 0, 3] | 0, a = a[2] | 0; 15 > A; A++) n = n >>> 8 | n << 24, O = O >>> 8 | O << 24, n += t | 0, n ^= a + 2278, t = t << 3 | t >>> 29, O += a | 0, t ^= n, O ^= A + 2278, a = a << 3 | a >>> 29, a ^= O;
            return [t >>> 24 & 255, t >>> 16 & 255, t >>> 8 & 255, t >>> 0 & 255, n >>> 24 & 255, n >>> 16 & 255, n >>> 8 & 255, n >>> 0 & 255]
        },
        E, jm = function(n, t, a, O) {
            z(u(k((O = (a = w(n), w)(n), n), a), t), O, n)
        },
        y = function(n, t, a) {
            a = this;
            try {
                Oc(n, this, t)
            } catch (O) {
                F(this, O), n(function(A) {
                    A(a.K)
                })
            }
        },
        cM = function(n, t) {
            return (t = P(n), t & 128) && (t = t & 127 | P(n) << 7), t
        },
        m = function(n, t, a, O, A, H) {
            if (t.u.length) {
                (t.B = !(t.B && 0(), 0), t).rr = n;
                try {
                    O = t.l(), t.P = O, t.Y = 0, t.C = O, A = Kj(n, t), H = t.l() - t.P, t.o += H, H < (a ? 0 : 10) || 0 >= t.i-- || (H = Math.floor(H), t.N.push(254 >= H ? H : 254))
                } finally {
                    t.B = false
                }
                return A
            }
        },
        Oc = function(n, t, a, O, A) {
            for (t.xP = ((t.I8 = (t.lb = t[q], AB), t.ys = l1, t).pW = kD({get: function() {
                        return this.concat()
                    }
                }, t.J), h[t.J](t.pW, {
                    value: {
                        value: {}
                    }
                })), A = 0, O = []; 128 > A; A++) O[A] = String.fromCharCode(A);
            m(true, t, (g(t, (g(t, (S(406, t, (S((S(87, t, (S(90, t, (S(121, t, (t.qr = (S(188, t, ((S(114, t, ((S(59, t, (S(370, t, (S(56, t, (S(152, (S(0, (S(239, (S(238, (t.OP = (S(359, (S(194, t, (S(234, (S(17, (S(78, (S(270, t, (S(494, t, (S(108, (S(171, (S(427, t, (S(214, t, (S(284, (S(219, (S(((S(380, t, (S(11, t, (S((S(216, t, ((S(223, (S(341, t, ((S(146, t, (S(336, (S(179, (t.L = (t.j6 = (t.A = 1, ((t.rr = false, t).O = [], A = (((t.K = void 0, t).o = 0, t).i = ((t.wr = 0, t).R = [], t.h = (t.G = (t.Y = void 0, (t.U = 0, t.T = false, t.ub = function(H) {
                this.G = H
            }, t.u = (t.C = (t.B = false, 0), []), t.D = 8001, t.N = [], t).H = (t.j = 0, null), t), t.e6 = (t.P = 0, []), t.X = void 0, 0), 25), t.g = void 0, (t.I = void 0, t).Z = void 0, (t.W = void 0, window.performance) || {}), A.timeOrigin || (A.timing || {}).navigationStart) || 0), []), t), 0), t), 0), {})), t).S6 = 0, function(H, G, c, K) {
                !Q(false, H, G, true) && (G = b1(H), c = G.fW, K = G.V, H.G == H || K == H.ub && c == H) && (S(G.Gd, H, K.apply(c, G.s)), H.C = H.l())
            })), t), function(H, G, c, K, d, b) {
                if (!Q(true, H, G, true)) {
                    if ((H = (d = (K = (c = w((K = (d = w(H), w(H)), G = w(H), H)), G = k(H, G), k(H, K)), k(H, d)), k(H, c)), "object") == oD(d)) {
                        for (b in c = [], d) c.push(b);
                        d = c
                    }
                    for (c = (b = (G = 0 < G ? G : 1, 0), d.length); b < c; b += G) K(d.slice(b, (b | 0) + (G | 0)), H)
                }
            }), S)(403, t, function(H, G, c, K) {
                S((c = k(H, (K = k((G = (K = w((c = w(H), H)), w)(H), H), K), c)), G), H, c in K | 0)
            }), function(H, G, c, K, d) {
                (d = w((G = (c = w(H), w(H)), H)), H.G == H) && (K = k(H, c), G = k(H, G), d = k(H, d), K[G] = d, 107 == c && (H.X = void 0, 2 == G && (H.Z = N(32, false, H), H.X = void 0)))
            })), 12), t, function(H) {
                Sm(H, 4)
            }), function(H, G) {
                pj((G = k(H, w(H)), H.G), G)
            })), S(257, t, []), function(H, G, c) {
                Q(false, H, G, true) || (G = w(H), c = w(H), S(c, H, function(K) {
                    return eval(K)
                }(dz(k(H.G, G)))))
            })), S)(248, t, t), 153), t, 332), t), function(H, G, c, K, d, b) {
                Q(false, H, G, true) || (K = b1(H.G), G = K.Gd, c = K.fW, d = K.V, K = K.s, b = K.length, c = 0 == b ? new c[d] : 1 == b ? new c[d](K[0]) : 2 == b ? new c[d](K[0], K[1]) : 3 == b ? new c[d](K[0], K[1], K[2]) : 4 == b ? new c[d](K[0], K[1], K[2], K[3]) : 2(), S(G, H, c))
            }), t), function(H, G, c) {
                G = (G = (c = (G = w(H), w(H)), k(H, G)), oD)(G), S(c, H, G)
            }), function(H) {
                jm(H, 1)
            })), function(H, G, c, K) {
                (c = k(H, (K = k(H, (G = (c = (K = w(H), w(H)), w(H)), K)), c)), S)(G, H, K[c])
            })), t), function(H, G, c, K, d, b, p, x, V, Z, D, U) {
                function W(Y, e) {
                    for (; d < Y;) D |= P(H) << d, d += 8;
                    return D >>= (e = D & (1 << Y) - (d -= Y, 1), Y), e
                }
                for (G = (c = (b = (K = ((d = D = (Z = w(H), 0), W)(3) | 0) + 1, W(5)), V = 0), []); c < b; c++) U = W(1), G.push(U), V += U ? 0 : 1;
                for (x = (V = ((V | 0) - 1).toString(2).length, c = 0, []); c < b; c++) G[c] || (x[c] = W(V));
                for (V = 0; V < b; V++) G[V] && (x[V] = w(H));
                for (p = []; K--;) p.push(k(H, w(H)));
                S(Z, H, function(Y, e, v, T, r) {
                    for (T = (v = (e = [], 0), []); v < b; v++) {
                        if (!(r = x[v], G[v])) {
                            for (; r >= T.length;) T.push(w(Y));
                            r = T[r]
                        }
                        e.push(r)
                    }(Y.g = tB(p.slice(), Y), Y).I = tB(e, Y)
                })
            }), t), function(H, G, c, K, d) {
                0 !== (K = k(H, (G = (c = k(H, (d = k((c = w((K = (d = (G = w(H), w(H)), w)(H), H)), H), d), c)), k(H.G, G)), K)), G) && (K = V0(K, 1, c, H, G, d), G.addEventListener(d, K, R), S(423, H, [G, d, K]))
            }), [0, 0, 0])), function() {})), t), function(H) {
                xD(4, H)
            }), t), function(H, G) {
                (G = w(H), H = k(H.G, G), H)[0].removeEventListener(H[1], H[2], R)
            }), t), function(H, G, c) {
                S((c = (G = w(H), w)(H), c), H, "" + k(H, G))
            }), I)), t), f(4)), 0), t), function(H, G, c, K) {
                S((K = (G = w((c = w(H), H)), w(H)), K), H, k(H, c) || k(H, G))
            }), t), function(H, G, c, K) {
                (G = (K = (c = w(H), P(H)), w(H)), S)(G, H, k(H, c) >>> K)
            }), t), function(H, G, c, K, d) {
                for (d = (c = cM((G = w(H), H)), []), K = 0; K < c; K++) d.push(P(H));
                S(G, H, d)
            }), t), function(H, G, c, K) {
                G = (K = k(H, (c = (K = w(H), G = w(H), w(H)), K)), k)(H, G), S(c, H, +(K == G))
            }), 0)), function(H, G, c) {
                (G = k(H, (c = 0 != k(H, (G = w((c = w(H), H)), c)), G)), c) && S(179, H, G)
            })), function(H, G, c, K, d) {
                S((d = k(H, (c = k(H, (G = (d = w((G = (c = (K = w(H), w(H)), w(H)), H)), k(H, G)), c)), d)), K), H, V0(c, d, G, H))
            })), S)(442, t, function(H, G, c, K) {
                K = (G = k(H, (K = w(H), c = w(H), c)), k)(H, K), S(c, H, G + K)
            }), function(H) {
                xD(3, H)
            })), S)(423, t, 0), function(H, G, c, K) {
                if (G = H.e6.pop()) {
                    for (K = P(H); 0 < K; K--) c = w(H), G[c] = H.R[c];
                    (G[257] = H.R[257], G[121] = H.R[121], H).R = G
                } else S(179, H, H.j)
            })), 0), 2048)), [])), function(H) {
                jm(H, 4)
            })), 268), t, [160, 0, 0]), function(H, G, c, K, d, b, p) {
                for (K = (p = (d = k(H, (G = (b = (c = w(H), cM)(H), ""), 222)), d.length), 0); b--;) K = ((K | 0) + (cM(H) | 0)) % p, G += O[d[K]];
                S(c, H, G)
            })), [wz])), g(t, [B, a]), [Cj, n])), true))
        },
        I = this || self,
        Lj = function(n, t, a, O, A) {
            for (t = (A = (n = n.replace(/\r\n/g, "\n"), []), O = 0); O < n.length; O++) a = n.charCodeAt(O), 128 > a ? A[t++] = a : (2048 > a ? A[t++] = a >> 6 | 192 : (55296 == (a & 64512) && O + 1 < n.length && 56320 == (n.charCodeAt(O + 1) & 64512) ? (a = 65536 + ((a & 1023) << 10) + (n.charCodeAt(++O) & 1023), A[t++] = a >> 18 | 240, A[t++] = a >> 12 & 63 | 128) : A[t++] = a >> 12 | 224, A[t++] = a >> 6 & 63 | 128), A[t++] = a & 63 | 128);
            return A
        },
        Q0 = function(n, t, a) {
            return n.v(function(O) {
                a = O
            }, false, t), a
        },
        xD = function(n, t, a, O, A) {
            z(((a = k(t, (a = w((A = n & 3, n &= 4, t)), O = w(t), a)), n && (a = Lj("" + a)), A) && z(u(a.length, 2), O, t), a), O, t)
        },
        Uc = function(n, t) {
            (t.push(n[0] << 24 | n[1] << 16 | n[2] << 8 | n[3]), t.push(n[4] << 24 | n[5] << 16 | n[6] << 8 | n[7]), t).push(n[8] << 24 | n[9] << 16 | n[10] << 8 | n[11])
        },
        tB = function(n, t, a) {
            return ((a = h[t.J](t.xP), a)[t.J] = function() {
                return n
            }, a).concat = function(O) {
                n = O
            }, a
        },
        pj = function(n, t) {
            S(179, n, ((n.e6.push(n.R.slice()), n).R[179] = void 0, t))
        },
        C = function(n, t, a, O, A, H) {
            if (!a.T) {
                if (3 < (n = k(((A = k(a, (H = void 0, n && n[0] === L && (t = n[1], H = n[2], n = void 0), 257)), 0) == A.length && (O = k(a, 336) >> 3, A.push(t, O >> 8 & 255, O & 255), void 0 != H && A.push(H & 255)), t = "", n && (n.message && (t += n.message), n.stack && (t += ":" + n.stack)), a), 121), n)) {
                    t = Lj((t = t.slice(0, (n | 0) - 3), n -= (t.length | 0) + 3, t)), H = a.G, a.G = a;
                    try {
                        z(u(t.length, 2).concat(t), 359, a, 9)
                    } finally {
                        a.G = H
                    }
                }
                S(121, a, n)
            }
        },
        J = I.requestIdleCallback ? function(n) {
            requestIdleCallback(function() {
                n()
            }, {
                timeout: 4
            })
        } : I.setImmediate ? function(n) {
            setImmediate(n)
        } : function(n) {
            setTimeout(n, 0)
        },
        b1 = function(n, t, a, O, A, H) {
            for (A = ((O = w((t = n[YD] || {}, n)), t).Gd = w(n), t.s = [], n.G == n) ? (P(n) | 0) - 1 : 1, a = w(n), H = 0; H < A; H++) t.s.push(w(n));
            for (t.V = k(n, O); A--;) t.s[A] = k(n, t.s[A]);
            return t.fW = k(n, a), t
        },
        z = function(n, t, a, O, A, H) {
            if (a.G == a)
                for (H = k(a, t), 359 == t ? (t = function(G, c, K, d, b) {
                        if (H.m8 != (c = ((d = H.length, d) | 0) - 4 >> 3, c)) {
                            b = [0, (K = (c << (H.m8 = c, 3)) - 4, 0), A[1], A[2]];
                            try {
                                H.Jn = GD(F6((K | 0) + 4, H), F6(K, H), b)
                            } catch (p) {
                                throw p;
                            }
                        }
                        H.push(H.Jn[d & 7] ^ G)
                    }, A = k(a, 494)) : t = function(G) {
                        H.push(G)
                    }, O && t(O & 255), a = 0, O = n.length; a < O; a++) t(n[a])
        },
        f = function(n, t) {
            for (t = []; n--;) t.push(255 * Math.random() | 0);
            return t
        },
        X, l = function(n, t) {
            return n = n.create().shift(), t.g.create().length || t.I.create().length || (t.I = void 0, t.g = void 0), n
        },
        Nt = function(n, t, a, O) {
            try {
                O = n[((t | 0) + 2) % 3], n[t] = (n[t] | 0) - (n[((t | 0) + 1) % 3] | 0) - (O | 0) ^ (1 == t ? O << a : O >>> a)
            } catch (A) {
                throw A;
            }
        },
        Dk = function(n, t, a, O) {
            function A() {}
            return {
                invoke: (a = ID(n, (O = void 0, function(H) {
                    A && (t && J(t), O = H, A(), A = void 0)
                }), !!t)[0], function(H, G, c, K) {
                    function d() {
                        O(function(b) {
                            J(function() {
                                H(b)
                            })
                        }, c)
                    }
                    if (!G) return G = a(c), H && H(G), G;
                    O ? d() : (K = A, A = function() {
                        (K(), J)(d)
                    })
                })
            }
        },
        ID = function(n, t, a, O) {
            return (O = X[n.substring(0, 3) + "_"]) ? O(n.substring(3), t, a) : Ec(n, t)
        },
        k = function(n, t) {
            if (n = n.R[t], void 0 === n) throw [L, 30, t];
            if (n.value) return n.create();
            return n.create(3 * t * t + -61 * t + -57), n.prototype
        },
        oD = function(n, t, a) {
            if ("object" == (t = typeof n, t))
                if (n) {
                    if (n instanceof Array) return "array";
                    if (n instanceof Object) return t;
                    if ("[object Window]" == (a = Object.prototype.toString.call(n), a)) return "object";
                    if ("[object Array]" == a || "number" == typeof n.length && "undefined" != typeof n.splice && "undefined" != typeof n.propertyIsEnumerable && !n.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == a || "undefined" != typeof n.call && "undefined" != typeof n.propertyIsEnumerable && !n.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == t && "undefined" == typeof n.call) return "object";
            return t
        },
        Kj = function(n, t, a, O) {
            for (; t.u.length;) {
                a = (t.H = null, t.u.pop());
                try {
                    O = zD(t, a)
                } catch (A) {
                    F(t, A)
                }
                if (n && t.H) {
                    n = t.H, n(function() {
                        m(true, t, true)
                    });
                    break
                }
            }
            return O
        },
        HM = function(n) {
            return n
        },
        P = function(n) {
            return n.g ? l(n.I, n) : N(8, true, n)
        },
        u = function(n, t, a, O) {
            for (a = (O = (t | 0) - 1, []); 0 <= O; O--) a[(t | 0) - 1 - (O | 0)] = n >> 8 * O & 255;
            return a
        },
        kD = function(n, t) {
            return h[t](h.prototype, {
                stack: n,
                floor: n,
                splice: n,
                propertyIsEnumerable: n,
                length: n,
                call: n,
                console: n,
                parent: n,
                pop: n,
                replace: n,
                document: n,
                prototype: n
            })
        },
        Q = function(n, t, a, O, A, H, G, c, K) {
            if (((t.G = ((H = (c = (n = 4 == (A = (O || t.Y++, K = n ? 255 : O ? 5 : 2, 0 < t.U && t.B && t.rr && 1 >= t.h && !t.g && !t.H && (!O || 1 < t.D - a) && 0 == document.hidden), t.Y)) || A ? t.l() : t.C, G = c - t.C, G >> 14), t).Z && (t.Z ^= H * (G << 2)), H || t.G), t).A += H, n) || A) t.C = c, t.Y = 0;
            if (!A || c - t.P < t.U - K) return false;
            return !(t.H = ((S(179, t, (A = k((t.D = a, t), O ? 336 : 179), t.j)), t.u).push([u1, A, O ? a + 1 : a]), J), 0)
        },
        F6 = function(n, t) {
            return t[n] << 24 | t[(n | 0) + 1] << 16 | t[(n | 0) + 2] << 8 | t[(n | 0) + 3]
        },
        nj = function(n, t, a, O, A, H, G, c) {
            return (c = h[n.J]((O = [-90, -(G = (H = $D, t) & 7, 61), 76, 46, 17, -76, O, 21, 12, -59], n.pW)), c[n.J] = function(K) {
                G += 6 + 7 * t, A = K, G &= 7
            }, c).concat = function(K) {
                return (K = (K = +((K = a % 16 + 1, H()) | 0) * K + 3 * a * a * K + O[G + 27 & 7] * a * K + 40 * A * A + G - -2280 * A - -2440 * a * A - K * A - 120 * a * a * A, A = void 0, O)[K], O)[(G + 69 & 7) + (t & 2)] = K, O[G + (t & 2)] = -61, K
            }, c
        },
        g = function(n, t) {
            n.u.splice(0, 0, t)
        },
        V0 = function(n, t, a, O, A, H) {
            function G() {
                if (O.G == O) {
                    if (O.R) {
                        var c = [Zk, n, a, void 0, A, H, arguments];
                        if (2 == t) var K = m(false, (g(O, c), O), false);
                        else if (1 == t) {
                            var d = !O.u.length;
                            g(O, c), d && m(false, O, false)
                        } else K = zD(O, c);
                        return K
                    }
                    A && H && A.removeEventListener(H, G, R)
                }
            }
            return G
        },
        w = function(n, t) {
            if (n.g) return l(n.I, n);
            return (t = N(8, true, n), t) & 128 && (t ^= 128, n = N(2, true, n), t = (t << 2) + (n | 0)), t
        },
        Ec = function(n, t) {
            return [(t(function(a) {
                a(n)
            }), function() {
                return n
            })]
        },
        WM = function(n, t, a) {
            if (3 == n.length) {
                for (a = 0; 3 > a; a++) t[a] += n[a];
                for (a = (n = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > n; n++) t[3](t, n % 3, a[n])
            }
        },
        R = {
            passive: true,
            capture: true
        },
        zD = function(n, t, a, O, A) {
            if ((O = t[0], O) == M) n.i = 25, n.S(t);
            else if (O == q) {
                a = t[1];
                try {
                    A = n.K || n.S(t)
                } catch (H) {
                    F(n, H), A = n.K
                }
                a(A)
            } else if (O == u1) n.S(t);
            else if (O == B) n.S(t);
            else if (O == Cj) {
                try {
                    for (A = 0; A < n.L.length; A++) try {
                        a = n.L[A], a[0][a[1]](a[2])
                    } catch (H) {}
                } catch (H) {}(0, t[1])(function(H, G) {
                    n.v(H, true, G)
                }, (n.L = [], function(H) {
                    (g(n, (H = !n.u.length, [em])), H) && m(true, n, false)
                }))
            } else {
                if (O == Zk) return A = t[2], S(507, n, t[6]), S(146, n, A), n.S(t);
                O == em ? (n.O = [], n.R = null, n.N = []) : O == wz && "loading" === I.document.readyState && (n.H = function(H, G) {
                    function c() {
                        G || (G = true, H())
                    }(G = false, I).document.addEventListener("DOMContentLoaded", c, R), I.addEventListener("load", c, R)
                })
            }
        },
        N = function(n, t, a, O, A, H, G, c, K, d, b, p, x, V) {
            if ((b = k(a, 179), b) >= a.j) throw [L, 31];
            for (x = (K = (V = b, d = 0, a.lb).length, n); 0 < x;) A = V >> 3, c = V % 8, H = 8 - (c | 0), O = a.O[A], H = H < x ? H : x, t && (p = a, p.X != V >> 6 && (p.X = V >> 6, G = k(p, 107), p.W = GD(p.X, p.Z, [0, 0, G[1], G[2]])), O ^= a.W[A & K]), d |= (O >> 8 - (c | 0) - (H | 0) & (1 << H) - 1) << (x | 0) - (H | 0), x -= H, V += H;
            return S(179, a, (t = d, (b | 0) + (n | 0))), t
        },
        y0 = function(n, t, a, O) {
            return k(a, (S(179, a, (i1(t, ((O = k(a, 179), a).O && O < a.j ? (S(179, a, a.j), pj(a, n)) : S(179, a, n), a)), O)), 146))
        },
        Sm = function(n, t, a, O) {
            for (O = w(n), a = 0; 0 < t; t--) a = a << 8 | P(n);
            S(O, n, a)
        },
        YD = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        q = [],
        em = [],
        B = [],
        u1 = (y.prototype.EP = (y.prototype.gr = false, void 0), []),
        Cj = [],
        L = {},
        wz = [],
        M = (y.prototype.Pd = void 0, []),
        Zk = (y.prototype.F = "toString", []),
        h = (Uc, f, Nt, WM, L).constructor,
        $D = (E = (y.prototype.J = "create", y.prototype), E.v = function(n, t, a, O, A) {
            if ((a = "array" === oD(a) ? a : [a], this).K) n(this.K);
            else try {
                O = !this.u.length, A = [], g(this, [M, A, a]), g(this, [q, n, A]), t && !O || m(t, this, true)
            } catch (H) {
                F(this, H), n(this.K)
            }
        }, E.l = (window.performance || {}).now ? function() {
            return this.j6 + window.performance.now()
        } : function() {
            return +new Date
        }, E.sP = function() {
            return Math.floor(this.l())
        }, void 0),
        AB = (((y.prototype.S = (E.Xh = function(n, t, a) {
            return n ^ ((t ^= t << 13, t ^= t >> 17, t = (t ^ t << 5) & a) || (t = 1), t)
        }, E.nW = function(n, t, a, O, A, H) {
            for (O = H = 0, a = []; H < n.length; H++)
                for (O += t, A = A << t | n[H]; 7 < O;) O -= 8, a.push(A >> O & 255);
            return a
        }, E.a8 = function(n, t, a, O, A) {
            for (A = O = 0; O < n.length; O++) A += n.charCodeAt(O), A += A << 10, A ^= A >> 6;
            return O = new Number((n = (A += A << 3, A ^= A >> 11, A) + (A << 15) >>> 0, n & (1 << t) - 1)), O[0] = (n >>> t) % a, O
        }, E.bb = function() {
            return Math.floor(this.o + (this.l() - this.P))
        }, function(n, t) {
            return $D = (n = {}, t = {}, function() {
                    return t == n ? -57 : -37
                }),
                function(a, O, A, H, G, c, K, d, b, p, x, V, Z, D, U) {
                    D = t, t = n;
                    try {
                        if (U = a[0], U == B) {
                            O = a[1];
                            try {
                                for (K = p = (V = (x = atob(O), []), 0); p < x.length; p++) G = x.charCodeAt(p), 255 < G && (V[K++] = G & 255, G >>= 8), V[K++] = G;
                                S((this.j = (this.O = V, this).O.length << 3, 107), this, [0, 0, 0])
                            } catch (W) {
                                C(W, 17, this);
                                return
                            }
                            i1(8001, this)
                        } else if (U == M) a[1].push(k(this, 268).length, k(this, 90).length, k(this, 121), k(this, 359).length), S(146, this, a[2]), this.R[476] && y0(k(this, 476), 8001, this);
                        else {
                            if (U == q) {
                                this.G = (d = (Z = u(((V = a[2], k(this, 268)).length | 0) + 2, 2), this).G, this);
                                try {
                                    H = k(this, 257), 0 < H.length && z(u(H.length, 2).concat(H), 268, this, 10), z(u(this.A, 1), 268, this, 109), z(u(this[q].length, 1), 268, this), x = 0, x -= (k(this, 268).length | 0) + 5, x += k(this, 56) & 2047, c = k(this, 359), 4 < c.length && (x -= (c.length | 0) + 3), 0 < x && z(u(x, 2).concat(f(x)), 268, this, 15), 4 < c.length && z(u(c.length, 2).concat(c), 268, this, 156)
                                } finally {
                                    this.G = d
                                }
                                if (A = ((((K = f(2).concat(k(this, 268)), K)[1] = K[0] ^ 6, K)[3] = K[1] ^ Z[0], K)[4] = K[1] ^ Z[1], this).KW(K)) A = "!" + A;
                                else
                                    for (A = "", x = 0; x < K.length; x++) b = K[x][this.F](16), 1 == b.length && (b = "0" + b), A += b;
                                return k(this, (k(this, (k((p = A, this), 268).length = V.shift(), 90)).length = V.shift(), S(121, this, V.shift()), 359)).length = V.shift(), p
                            }
                            if (U == u1) y0(a[1], a[2], this);
                            else if (U == Zk) return y0(a[1], 8001, this)
                        }
                    } finally {
                        t = D
                    }
                }
        }()), y).prototype.ZE = 0, y).prototype.hn = 0, /./),
        l1, PM = B.pop.bind((y.prototype.KW = (y.prototype[Cj] = [0, 0, 1, 1, 0, 1, 1], function(n, t, a, O) {
            if (a = window.btoa) {
                for (O = (t = 0, ""); t < n.length; t += 8192) O += String.fromCharCode.apply(null, n.slice(t, t + 8192));
                n = a(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else n = void 0;
            return n
        }), y.prototype[M])),
        dz = ((l1 = (AB[y.prototype.F] = PM, kD)({get: PM
        }, y.prototype.J), y).prototype.Hd = void 0, function(n, t) {
            return (t = aD()) && 1 === n.eval(t.createScript("1")) ? function(a) {
                return t.createScript(a)
            } : function(a) {
                return "" + a
            }
        }(I));
    40 < (X = I.botguard || (I.botguard = {}), X.m) || (X.m = 41, X.bg = Dk, X.a = ID), X.jBG_ = function(n, t, a) {
        return a = new y(t, n), [function(O) {
            return Q0(a, O)
        }]
    };
}).call(this);
                                    

#2 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 402e82e4156ccb59ff4c82fa91888cec66203cf0adcfd6c409930c11ba6a3c8b

                                        0,
function(H) {
    Sm(H, 2)
}
                                    

#3 JavaScript::Eval (size: 15551, repeated: 1) - SHA256: 18f575f0bb2a785eb17d67542b72fcf79681a1a0faa8d90195f248d95b1bed3f

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var a = function(t) {
            return t
        },
        G = this || self,
        O = function(t, n) {
            if (!(t = (n = null, G.trustedTypes), t) || !t.createPolicy) return n;
            try {
                n = t.createPolicy("bg", {
                    createHTML: a,
                    createScript: a,
                    createScriptURL: a
                })
            } catch (H) {
                G.console && G.console.error(H.message)
            }
            return n
        };
    (0, eval)(function(t, n) {
        return (n = O()) && 1 === t.eval(n.createScript("1")) ? function(H) {
            return n.createScript(H)
        } : function(H) {
            return "" + H
        }
    }(G)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var i1=function(n,t,a,O,A,H){if(!t.K){t.h++;try{for(O=(H=(a=0,void 0),t.j);--n;)try{if(A=void 0,t.g)H=l(t.g,t);else{if((a=k(t,179),a)>=O)break;H=(A=w((S(336,t,a),t)),k(t,A))}Q(false,(H&&H.call?H(t,n):C([L,21,A],0,t),t),n,false)}catch(G){k(t,153)?C(G,22,t):S(153,t,G)}if(!n){if(t.gr){t.h--,i1(795457819800,t);return}C([L,33],0,t)}}catch(G){try{C(G,22,t)}catch(c){F(t,c)}}t.h--}},S=function(n,t,a){if(179==n||336==n)t.R[n]?t.R[n].concat(a):t.R[n]=tB(a,t);else{if(t.T&&107!=n)return;268==n||359==n||90==n||257==n||494==n?t.R[n]||(t.R[n]=nj(t,70,n,a)):t.R[n]=nj(t,105,n,a)}107==n&&(t.Z=N(32,false,t),t.X=void 0)},aD=function(n,t){if(n=(t=null,I).trustedTypes,!n||!n.createPolicy)return t;try{t=n.createPolicy("bg",{createHTML:HM,createScript:HM,createScriptURL:HM})}catch(a){I.console&&I.console.error(a.message)}return t},F=function(n,t){n.K=((n.K?n.K+"~":"E:")+t.message+":"+t.stack).slice(0,2048)},GD=function(n,t,a,O,A){for(O=a[A=0,3]|0,a=a[2]|0;15>A;A++)n=n>>>8|n<<24,O=O>>>8|O<<24,n+=t|0,n^=a+2278,t=t<<3|t>>>29,O+=a|0,t^=n,O^=A+2278,a=a<<3|a>>>29,a^=O;return[t>>>24&255,t>>>16&255,t>>>8&255,t>>>0&255,n>>>24&255,n>>>16&255,n>>>8&255,n>>>0&255]},E,jm=function(n,t,a,O){z(u(k((O=(a=w(n),w)(n),n),a),t),O,n)},y=function(n,t,a){a=this;try{Oc(n,this,t)}catch(O){F(this,O),n(function(A){A(a.K)})}},cM=function(n,t){return(t=P(n),t&128)&&(t=t&127|P(n)<<7),t},m=function(n,t,a,O,A,H){if(t.u.length){(t.B=!(t.B&&0(),0),t).rr=n;try{O=t.l(),t.P=O,t.Y=0,t.C=O,A=Kj(n,t),H=t.l()-t.P,t.o+=H,H<(a?0:10)||0>=t.i--||(H=Math.floor(H),t.N.push(254>=H?H:254))}finally{t.B=false}return A}},Oc=function(n,t,a,O,A){for(t.xP=((t.I8=(t.lb=t[q],AB),t.ys=l1,t).pW=kD({get:function(){return this.concat()}},t.J),h[t.J](t.pW,{value:{value:{}}})),A=0,O=[];128>A;A++)O[A]=String.fromCharCode(A);m(true,t,(g(t,(g(t,(S(406,t,(S((S(87,t,(S(90,t,(S(121,t,(t.qr=(S(188,t,((S(114,t,((S(59,t,(S(370,t,(S(56,t,(S(152,(S(0,(S(239,(S(238,(t.OP=(S(359,(S(194,t,(S(234,(S(17,(S(78,(S(270,t,(S(494,t,(S(108,(S(171,(S(427,t,(S(214,t,(S(284,(S(219,(S(((S(380,t,(S(11,t,(S((S(216,t,((S(223,(S(341,t,((S(146,t,(S(336,(S(179,(t.L=(t.j6=(t.A=1,((t.rr=false,t).O=[],A=(((t.K=void 0,t).o=0,t).i=((t.wr=0,t).R=[],t.h=(t.G=(t.Y=void 0,(t.U=0,t.T=false,t.ub=function(H){this.G=H},t.u=(t.C=(t.B=false,0),[]),t.D=8001,t.N=[],t).H=(t.j=0,null),t),t.e6=(t.P=0,[]),t.X=void 0,0),25),t.g=void 0,(t.I=void 0,t).Z=void 0,(t.W=void 0,window.performance)||{}),A.timeOrigin||(A.timing||{}).navigationStart)||0),[]),t),0),t),0),{})),t).S6=0,function(H,G,c,K){!Q(false,H,G,true)&&(G=b1(H),c=G.fW,K=G.V,H.G==H||K==H.ub&&c==H)&&(S(G.Gd,H,K.apply(c,G.s)),H.C=H.l())})),t),function(H,G,c,K,d,b){if(!Q(true,H,G,true)){if((H=(d=(K=(c=w((K=(d=w(H),w(H)),G=w(H),H)),G=k(H,G),k(H,K)),k(H,d)),k(H,c)),"object")==oD(d)){for(b in c=[],d)c.push(b);d=c}for(c=(b=(G=0<G?G:1,0),d.length);b<c;b+=G)K(d.slice(b,(b|0)+(G|0)),H)}}),S)(403,t,function(H,G,c,K){S((c=k(H,(K=k((G=(K=w((c=w(H),H)),w)(H),H),K),c)),G),H,c in K|0)}),function(H,G,c,K,d){(d=w((G=(c=w(H),w(H)),H)),H.G==H)&&(K=k(H,c),G=k(H,G),d=k(H,d),K[G]=d,107==c&&(H.X=void 0,2==G&&(H.Z=N(32,false,H),H.X=void 0)))})),12),t,function(H){Sm(H,4)}),function(H,G){pj((G=k(H,w(H)),H.G),G)})),S(257,t,[]),function(H,G,c){Q(false,H,G,true)||(G=w(H),c=w(H),S(c,H,function(K){return eval(K)}(dz(k(H.G,G)))))})),S)(248,t,t),153),t,332),t),function(H,G,c,K,d,b){Q(false,H,G,true)||(K=b1(H.G),G=K.Gd,c=K.fW,d=K.V,K=K.s,b=K.length,c=0==b?new c[d]:1==b?new c[d](K[0]):2==b?new c[d](K[0],K[1]):3==b?new c[d](K[0],K[1],K[2]):4==b?new c[d](K[0],K[1],K[2],K[3]):2(),S(G,H,c))}),t),function(H,G,c){G=(G=(c=(G=w(H),w(H)),k(H,G)),oD)(G),S(c,H,G)}),function(H){jm(H,1)})),function(H,G,c,K){(c=k(H,(K=k(H,(G=(c=(K=w(H),w(H)),w(H)),K)),c)),S)(G,H,K[c])})),t),function(H,G,c,K,d,b,p,x,V,Z,D,U){function W(Y,e){for(;d<Y;)D|=P(H)<<d,d+=8;return D>>=(e=D&(1<<Y)-(d-=Y,1),Y),e}for(G=(c=(b=(K=((d=D=(Z=w(H),0),W)(3)|0)+1,W(5)),V=0),[]);c<b;c++)U=W(1),G.push(U),V+=U?0:1;for(x=(V=((V|0)-1).toString(2).length,c=0,[]);c<b;c++)G[c]||(x[c]=W(V));for(V=0;V<b;V++)G[V]&&(x[V]=w(H));for(p=[];K--;)p.push(k(H,w(H)));S(Z,H,function(Y,e,v,T,r){for(T=(v=(e=[],0),[]);v<b;v++){if(!(r=x[v],G[v])){for(;r>=T.length;)T.push(w(Y));r=T[r]}e.push(r)}(Y.g=tB(p.slice(),Y),Y).I=tB(e,Y)})}),t),function(H,G,c,K,d){0!==(K=k(H,(G=(c=k(H,(d=k((c=w((K=(d=(G=w(H),w(H)),w)(H),H)),H),d),c)),k(H.G,G)),K)),G)&&(K=V0(K,1,c,H,G,d),G.addEventListener(d,K,R),S(423,H,[G,d,K]))}),[0,0,0])),function(){})),t),function(H){xD(4,H)}),t),function(H,G){(G=w(H),H=k(H.G,G),H)[0].removeEventListener(H[1],H[2],R)}),t),function(H,G,c){S((c=(G=w(H),w)(H),c),H,""+k(H,G))}),I)),t),f(4)),0),t),function(H,G,c,K){S((K=(G=w((c=w(H),H)),w(H)),K),H,k(H,c)||k(H,G))}),t),function(H,G,c,K){(G=(K=(c=w(H),P(H)),w(H)),S)(G,H,k(H,c)>>>K)}),t),function(H,G,c,K,d){for(d=(c=cM((G=w(H),H)),[]),K=0;K<c;K++)d.push(P(H));S(G,H,d)}),t),function(H,G,c,K){G=(K=k(H,(c=(K=w(H),G=w(H),w(H)),K)),k)(H,G),S(c,H,+(K==G))}),0)),function(H,G,c){(G=k(H,(c=0!=k(H,(G=w((c=w(H),H)),c)),G)),c)&&S(179,H,G)})),function(H,G,c,K,d){S((d=k(H,(c=k(H,(G=(d=w((G=(c=(K=w(H),w(H)),w(H)),H)),k(H,G)),c)),d)),K),H,V0(c,d,G,H))})),S)(442,t,function(H,G,c,K){K=(G=k(H,(K=w(H),c=w(H),c)),k)(H,K),S(c,H,G+K)}),function(H){xD(3,H)})),S)(423,t,0),function(H,G,c,K){if(G=H.e6.pop()){for(K=P(H);0<K;K--)c=w(H),G[c]=H.R[c];(G[257]=H.R[257],G[121]=H.R[121],H).R=G}else S(179,H,H.j)})),0),2048)),[])),function(H){jm(H,4)})),268),t,[160,0,0]),function(H,G,c,K,d,b,p){for(K=(p=(d=k(H,(G=(b=(c=w(H),cM)(H),""),222)),d.length),0);b--;)K=((K|0)+(cM(H)|0))%p,G+=O[d[K]];S(c,H,G)})),[wz])),g(t,[B,a]),[Cj,n])),true))},I=this||self,Lj=function(n,t,a,O,A){for(t=(A=(n=n.replace(/\\r\\n/g,"\\n"),[]),O=0);O<n.length;O++)a=n.charCodeAt(O),128>a?A[t++]=a:(2048>a?A[t++]=a>>6|192:(55296==(a&64512)&&O+1<n.length&&56320==(n.charCodeAt(O+1)&64512)?(a=65536+((a&1023)<<10)+(n.charCodeAt(++O)&1023),A[t++]=a>>18|240,A[t++]=a>>12&63|128):A[t++]=a>>12|224,A[t++]=a>>6&63|128),A[t++]=a&63|128);return A},Q0=function(n,t,a){return n.v(function(O){a=O},false,t),a},xD=function(n,t,a,O,A){z(((a=k(t,(a=w((A=n&3,n&=4,t)),O=w(t),a)),n&&(a=Lj(""+a)),A)&&z(u(a.length,2),O,t),a),O,t)},Uc=function(n,t){(t.push(n[0]<<24|n[1]<<16|n[2]<<8|n[3]),t.push(n[4]<<24|n[5]<<16|n[6]<<8|n[7]),t).push(n[8]<<24|n[9]<<16|n[10]<<8|n[11])},tB=function(n,t,a){return((a=h[t.J](t.xP),a)[t.J]=function(){return n},a).concat=function(O){n=O},a},pj=function(n,t){S(179,n,((n.e6.push(n.R.slice()),n).R[179]=void 0,t))},C=function(n,t,a,O,A,H){if(!a.T){if(3<(n=k(((A=k(a,(H=void 0,n&&n[0]===L&&(t=n[1],H=n[2],n=void 0),257)),0)==A.length&&(O=k(a,336)>>3,A.push(t,O>>8&255,O&255),void 0!=H&&A.push(H&255)),t="",n&&(n.message&&(t+=n.message),n.stack&&(t+=":"+n.stack)),a),121),n)){t=Lj((t=t.slice(0,(n|0)-3),n-=(t.length|0)+3,t)),H=a.G,a.G=a;try{z(u(t.length,2).concat(t),359,a,9)}finally{a.G=H}}S(121,a,n)}},J=I.requestIdleCallback?function(n){requestIdleCallback(function(){n()},{timeout:4})}:I.setImmediate?function(n){setImmediate(n)}:function(n){setTimeout(n,0)},b1=function(n,t,a,O,A,H){for(A=((O=w((t=n[YD]||{},n)),t).Gd=w(n),t.s=[],n.G==n)?(P(n)|0)-1:1,a=w(n),H=0;H<A;H++)t.s.push(w(n));for(t.V=k(n,O);A--;)t.s[A]=k(n,t.s[A]);return t.fW=k(n,a),t},z=function(n,t,a,O,A,H){if(a.G==a)for(H=k(a,t),359==t?(t=function(G,c,K,d,b){if(H.m8!=(c=((d=H.length,d)|0)-4>>3,c)){b=[0,(K=(c<<(H.m8=c,3))-4,0),A[1],A[2]];try{H.Jn=GD(F6((K|0)+4,H),F6(K,H),b)}catch(p){throw p;}}H.push(H.Jn[d&7]^G)},A=k(a,494)):t=function(G){H.push(G)},O&&t(O&255),a=0,O=n.length;a<O;a++)t(n[a])},f=function(n,t){for(t=[];n--;)t.push(255*Math.random()|0);return t},X,l=function(n,t){return n=n.create().shift(),t.g.create().length||t.I.create().length||(t.I=void 0,t.g=void 0),n},Nt=function(n,t,a,O){try{O=n[((t|0)+2)%3],n[t]=(n[t]|0)-(n[((t|0)+1)%3]|0)-(O|0)^(1==t?O<<a:O>>>a)}catch(A){throw A;}},Dk=function(n,t,a,O){function A(){}return{invoke:(a=ID(n,(O=void 0,function(H){A&&(t&&J(t),O=H,A(),A=void 0)}),!!t)[0],function(H,G,c,K){function d(){O(function(b){J(function(){H(b)})},c)}if(!G)return G=a(c),H&&H(G),G;O?d():(K=A,A=function(){(K(),J)(d)})})}},ID=function(n,t,a,O){return(O=X[n.substring(0,3)+"_"])?O(n.substring(3),t,a):Ec(n,t)},k=function(n,t){if(n=n.R[t],void 0===n)throw[L,30,t];if(n.value)return n.create();return n.create(3*t*t+-61*t+-57),n.prototype},oD=function(n,t,a){if("object"==(t=typeof n,t))if(n){if(n instanceof Array)return"array";if(n instanceof Object)return t;if("[object Window]"==(a=Object.prototype.toString.call(n),a))return"object";if("[object Array]"==a||"number"==typeof n.length&&"undefined"!=typeof n.splice&&"undefined"!=typeof n.propertyIsEnumerable&&!n.propertyIsEnumerable("splice"))return"array";if("[object Function]"==a||"undefined"!=typeof n.call&&"undefined"!=typeof n.propertyIsEnumerable&&!n.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==t&&"undefined"==typeof n.call)return"object";return t},Kj=function(n,t,a,O){for(;t.u.length;){a=(t.H=null,t.u.pop());try{O=zD(t,a)}catch(A){F(t,A)}if(n&&t.H){n=t.H,n(function(){m(true,t,true)});break}}return O},HM=function(n){return n},P=function(n){return n.g?l(n.I,n):N(8,true,n)},u=function(n,t,a,O){for(a=(O=(t|0)-1,[]);0<=O;O--)a[(t|0)-1-(O|0)]=n>>8*O&255;return a},kD=function(n,t){return h[t](h.prototype,{stack:n,floor:n,splice:n,propertyIsEnumerable:n,length:n,call:n,console:n,parent:n,pop:n,replace:n,document:n,prototype:n})},Q=function(n,t,a,O,A,H,G,c,K){if(((t.G=((H=(c=(n=4==(A=(O||t.Y++,K=n?255:O?5:2,0<t.U&&t.B&&t.rr&&1>=t.h&&!t.g&&!t.H&&(!O||1<t.D-a)&&0==document.hidden),t.Y))||A?t.l():t.C,G=c-t.C,G>>14),t).Z&&(t.Z^=H*(G<<2)),H||t.G),t).A+=H,n)||A)t.C=c,t.Y=0;if(!A||c-t.P<t.U-K)return false;return!(t.H=((S(179,t,(A=k((t.D=a,t),O?336:179),t.j)),t.u).push([u1,A,O?a+1:a]),J),0)},F6=function(n,t){return t[n]<<24|t[(n|0)+1]<<16|t[(n|0)+2]<<8|t[(n|0)+3]},nj=function(n,t,a,O,A,H,G,c){return(c=h[n.J]((O=[-90,-(G=(H=$D,t)&7,61),76,46,17,-76,O,21,12,-59],n.pW)),c[n.J]=function(K){G+=6+7*t,A=K,G&=7},c).concat=function(K){return(K=(K=+((K=a%16+1,H())|0)*K+3*a*a*K+O[G+27&7]*a*K+40*A*A+G- -2280*A- -2440*a*A-K*A-120*a*a*A,A=void 0,O)[K],O)[(G+69&7)+(t&2)]=K,O[G+(t&2)]=-61,K},c},g=function(n,t){n.u.splice(0,0,t)},V0=function(n,t,a,O,A,H){function G(){if(O.G==O){if(O.R){var c=[Zk,n,a,void 0,A,H,arguments];if(2==t)var K=m(false,(g(O,c),O),false);else if(1==t){var d=!O.u.length;g(O,c),d&&m(false,O,false)}else K=zD(O,c);return K}A&&H&&A.removeEventListener(H,G,R)}}return G},w=function(n,t){if(n.g)return l(n.I,n);return(t=N(8,true,n),t)&128&&(t^=128,n=N(2,true,n),t=(t<<2)+(n|0)),t},Ec=function(n,t){return[(t(function(a){a(n)}),function(){return n})]},WM=function(n,t,a){if(3==n.length){for(a=0;3>a;a++)t[a]+=n[a];for(a=(n=0,[13,8,13,12,16,5,3,10,15]);9>n;n++)t[3](t,n%3,a[n])}},R={passive:true,capture:true},zD=function(n,t,a,O,A){if((O=t[0],O)==M)n.i=25,n.S(t);else if(O==q){a=t[1];try{A=n.K||n.S(t)}catch(H){F(n,H),A=n.K}a(A)}else if(O==u1)n.S(t);else if(O==B)n.S(t);else if(O==Cj){try{for(A=0;A<n.L.length;A++)try{a=n.L[A],a[0][a[1]](a[2])}catch(H){}}catch(H){}(0,t[1])(function(H,G){n.v(H,true,G)},(n.L=[],function(H){(g(n,(H=!n.u.length,[em])),H)&&m(true,n,false)}))}else{if(O==Zk)return A=t[2],S(507,n,t[6]),S(146,n,A),n.S(t);O==em?(n.O=[],n.R=null,n.N=[]):O==wz&&"loading"===I.document.readyState&&(n.H=function(H,G){function c(){G||(G=true,H())}(G=false,I).document.addEventListener("DOMContentLoaded",c,R),I.addEventListener("load",c,R)})}},N=function(n,t,a,O,A,H,G,c,K,d,b,p,x,V){if((b=k(a,179),b)>=a.j)throw[L,31];for(x=(K=(V=b,d=0,a.lb).length,n);0<x;)A=V>>3,c=V%8,H=8-(c|0),O=a.O[A],H=H<x?H:x,t&&(p=a,p.X!=V>>6&&(p.X=V>>6,G=k(p,107),p.W=GD(p.X,p.Z,[0,0,G[1],G[2]])),O^=a.W[A&K]),d|=(O>>8-(c|0)-(H|0)&(1<<H)-1)<<(x|0)-(H|0),x-=H,V+=H;return S(179,a,(t=d,(b|0)+(n|0))),t},y0=function(n,t,a,O){return k(a,(S(179,a,(i1(t,((O=k(a,179),a).O&&O<a.j?(S(179,a,a.j),pj(a,n)):S(179,a,n),a)),O)),146))},Sm=function(n,t,a,O){for(O=w(n),a=0;0<t;t--)a=a<<8|P(n);S(O,n,a)},YD=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),q=[],em=[],B=[],u1=(y.prototype.EP=(y.prototype.gr=false,void 0),[]),Cj=[],L={},wz=[],M=(y.prototype.Pd=void 0,[]),Zk=(y.prototype.F="toString",[]),h=(Uc,f,Nt,WM,L).constructor,$D=(E=(y.prototype.J="create",y.prototype),E.v=function(n,t,a,O,A){if((a="array"===oD(a)?a:[a],this).K)n(this.K);else try{O=!this.u.length,A=[],g(this,[M,A,a]),g(this,[q,n,A]),t&&!O||m(t,this,true)}catch(H){F(this,H),n(this.K)}},E.l=(window.performance||{}).now?function(){return this.j6+window.performance.now()}:function(){return+new Date},E.sP=function(){return Math.floor(this.l())},void 0),AB=(((y.prototype.S=(E.Xh=function(n,t,a){return n^((t^=t<<13,t^=t>>17,t=(t^t<<5)&a)||(t=1),t)},E.nW=function(n,t,a,O,A,H){for(O=H=0,a=[];H<n.length;H++)for(O+=t,A=A<<t|n[H];7<O;)O-=8,a.push(A>>O&255);return a},E.a8=function(n,t,a,O,A){for(A=O=0;O<n.length;O++)A+=n.charCodeAt(O),A+=A<<10,A^=A>>6;return O=new Number((n=(A+=A<<3,A^=A>>11,A)+(A<<15)>>>0,n&(1<<t)-1)),O[0]=(n>>>t)%a,O},E.bb=function(){return Math.floor(this.o+(this.l()-this.P))},function(n,t){return $D=(n={},t={},function(){return t==n?-57:-37}),function(a,O,A,H,G,c,K,d,b,p,x,V,Z,D,U){D=t,t=n;try{if(U=a[0],U==B){O=a[1];try{for(K=p=(V=(x=atob(O),[]),0);p<x.length;p++)G=x.charCodeAt(p),255<G&&(V[K++]=G&255,G>>=8),V[K++]=G;S((this.j=(this.O=V,this).O.length<<3,107),this,[0,0,0])}catch(W){C(W,17,this);return}i1(8001,this)}else if(U==M)a[1].push(k(this,268).length,k(this,90).length,k(this,121),k(this,359).length),S(146,this,a[2]),this.R[476]&&y0(k(this,476),8001,this);else{if(U==q){this.G=(d=(Z=u(((V=a[2],k(this,268)).length|0)+2,2),this).G,this);try{H=k(this,257),0<H.length&&z(u(H.length,2).concat(H),268,this,10),z(u(this.A,1),268,this,109),z(u(this[q].length,1),268,this),x=0,x-=(k(this,268).length|0)+5,x+=k(this,56)&2047,c=k(this,359),4<c.length&&(x-=(c.length|0)+3),0<x&&z(u(x,2).concat(f(x)),268,this,15),4<c.length&&z(u(c.length,2).concat(c),268,this,156)}finally{this.G=d}if(A=((((K=f(2).concat(k(this,268)),K)[1]=K[0]^6,K)[3]=K[1]^Z[0],K)[4]=K[1]^Z[1],this).KW(K))A="!"+A;else for(A="",x=0;x<K.length;x++)b=K[x][this.F](16),1==b.length&&(b="0"+b),A+=b;return k(this,(k(this,(k((p=A,this),268).length=V.shift(),90)).length=V.shift(),S(121,this,V.shift()),359)).length=V.shift(),p}if(U==u1)y0(a[1],a[2],this);else if(U==Zk)return y0(a[1],8001,this)}}finally{t=D}}}()),y).prototype.ZE=0,y).prototype.hn=0,/./),l1,PM=B.pop.bind((y.prototype.KW=(y.prototype[Cj]=[0,0,1,1,0,1,1],function(n,t,a,O){if(a=window.btoa){for(O=(t=0,"");t<n.length;t+=8192)O+=String.fromCharCode.apply(null,n.slice(t,t+8192));n=a(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else n=void 0;return n}),y.prototype[M])),dz=((l1=(AB[y.prototype.F]=PM,kD)({get:PM},y.prototype.J),y).prototype.Hd=void 0,function(n,t){return(t=aD())&&1===n.eval(t.createScript("1"))?function(a){return t.createScript(a)}:function(a){return""+a}}(I));40<(X=I.botguard||(I.botguard={}),X.m)||(X.m=41,X.bg=Dk,X.a=ID),X.jBG_=function(n,t,a){return a=new y(t,n),[function(O){return Q0(a,O)}]};}).call(this);'));
}).call(this);
                                    

#4 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 7b2d5929e3715c281515139b01f46779e30171443e70764044a3a24f53c1f5aa

                                        0,
function(H) {
    Sm(H, 1)
}
                                    

#5 JavaScript::Eval (size: 64, repeated: 1) - SHA256: c0df8d2d49fd7cdf41d99c3042e41028b23a9c484615d4cb91aa84dbe028c1fd

                                        0,
function(H, G, c) {
    S((c = (G = (c = w(H), w(H)), H).R[c] && k(H, c), G), H, c)
}
                                    

Executed Writes (0)



HTTP Transactions (98)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.77
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Sep 2022 20:25:28 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.fundfc.org
Vary: X-W-SSL,User-Agent
Location: https://www.fundfc.org/
X-Host: blu71.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 338
Keep-Alive: timeout=10, max=60
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   338
Md5:    ee6f194e1e38d732e173a8c25a09934a
Sha1:   908d60632b42888155c66570adb0d5553b9f4d50
Sha256: 733a67673ccc63cda3ffc32d38d09a4af409f9eba5ac30611483f8709ea36f31
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7109
Expires: Thu, 01 Sep 2022 22:23:57 GMT
Date: Thu, 01 Sep 2022 20:25:28 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: diLXEG_8wDlwOdhoh3zyUzMT5oGBxFKpFyre4DXcpHRDLZK9SovEyA==
age: 69012
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FC79E03D0A3668F6CC7034A138A194222C085A4768A43B06CCA3BB598715A1D7"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11170
Expires: Thu, 01 Sep 2022 23:31:38 GMT
Date: Thu, 01 Sep 2022 20:25:28 GMT
Connection: keep-alive

                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: GXQtV8Ed1MmdKeIFpUPzjtsI6vmYlmujk1Vex60Wx8e0lkxT3lcfNQ==
content-encoding: gzip
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 20:12:56 GMT
age: 752
content-length: 42539
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   42539
Md5:    f98ab1c00fa955335edbbdf62a86aa7a
Sha1:   e86b04d8143eecce693f02f2ccb99ae1a21d6896
Sha256: d55f458fd15b2bca43408f3bb1b558f4fd832a9468270aa699b6d2c30791a4e2
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 19:41:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MCXQEfYmOZfEb4J2wJrwWoyNWYCT_jCf6VTi2jfe9tw-qcRG0KgdrQ==
Age: 2648


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Sep 2022 20:25:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A68834D6FCCF08845CE3109A8976119F0A38682B5E099C19F535C0620B25D12E"
Last-Modified: Tue, 30 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21537
Expires: Fri, 02 Sep 2022 02:24:25 GMT
Date: Thu, 01 Sep 2022 20:25:28 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 19:57:05 GMT
Expires: Thu, 01 Sep 2022 19:59:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kRPPLOg__bAA5wuH3lBXDh3rzXOb1xK98JuvlaMA88yU6QhFpiRqRQ==
Age: 1703


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Sep 2022 20:25:28 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.fundfc.org language=en; expires=Thu, 15-Sep-2022 20:25:28 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"40d00ff5421f728c4f0e939784b22c41-gzip"
Content-Encoding: gzip
X-Host: grn108.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16735
Keep-Alive: timeout=10, max=24
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42182)
Size:   16735
Md5:    0f2b034599dc43e7e4646e5343435216
Sha1:   2d66163ade50313bd666303f3d63aa6d1ce6574c
Sha256: 9528ab7a2e16632daf77b4ae562a1961ed749ade784d0ceb4228df262aa07f8c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6179
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 20:25:29 GMT
Etag: "63106818-1d7"
Last-Modified: Thu, 01 Sep 2022 18:42:30 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 09:37:50 GMT
expires: Sun, 27 Aug 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 470859
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            GET /files/main_style.css?1660522801 HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn70.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (717)
Size:   9636
Md5:    015a30a44c875045cda8800ade2d8ea3
Sha1:   991fb19b6f6c5b30716c37aef06603ad808e8670
Sha256: d314778e62386bec6049b20d310e86160698940a750fd681b00b4412eb4f83d0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/site/theme-plugins.js?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 21:16:47 GMT
etag: "6307e6bf-314e"
expires: Thu, 08 Sep 2022 23:59:39 GMT
cache-control: max-age=1209600
x-host: grn57.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 591950
x-served-by: cache-sjc10021-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1662063929.216897,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 3747
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12622), with no line terminators
Size:   3747
Md5:    326fac3bf2f5a48ddb695ce00260efd8
Sha1:   824134c8f3cbfc5b0ce818dcb0befc99842e4fa6
Sha256: 8fa81dbf4afb7142ee09f89d14e23fd44928c782bced6ef6c44fe9515429af50
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/site/commerce-core.js?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 23 Aug 2022 17:52:38 GMT
etag: "630513e6-f57e"
expires: Wed, 07 Sep 2022 13:52:03 GMT
cache-control: max-age=1209600
x-host: grn116.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 714805
x-served-by: cache-sjc10026-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662063929.216932,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17388
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32011)
Size:   17388
Md5:    e32a0ae988b9f1c9de6f0f70bfa0ffbd
Sha1:   c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
Sha256: fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
                                        
                                            GET /js/site/main-commerce-browse.js?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Mon, 29 Aug 2022 23:14:16 GMT
etag: "630d4848-f92d"
expires: Tue, 13 Sep 2022 10:55:22 GMT
cache-control: max-age=1209600
x-host: blu31.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 207006
x-served-by: cache-sjc10065-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662063929.216906,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16977
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Size:   16977
Md5:    15eaf839ff82242f8d02b1f60c073760
Sha1:   ed5886bbb71827073b52523683a95f0a051f8c40
Sha256: c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
                                        
                                            GET /css/social-icons.css?buildtime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 21:16:22 GMT
etag: W/"6307e6a6-3319"
expires: Thu, 08 Sep 2022 23:59:37 GMT
cache-control: max-age=1209600
x-host: grn6.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 591952
x-served-by: cache-sjc10072-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1662063929.234774,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1639
Md5:    243120f4b71fec847a87698dc4cbac6d
Sha1:   e13f40bd3e33d36e0d962600725068ca06f2f00f
Sha256: 3c533d4365608b04a206ffa7ad7f13714771e11bfde5b0e4253b19e29aa1c587
                                        
                                            GET /fonts/Aller/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Mon, 22 Aug 2022 16:54:05 GMT
etag: "6303b4ad-a2"
expires: Tue, 06 Sep 2022 12:59:14 GMT
cache-control: max-age=1209600
x-host: blu86.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 804375
x-served-by: cache-sjc10043-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 6
x-timer: S1662063929.234795,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 128
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   128
Md5:    76ca47eee0b492f01b04cb6b3978683d
Sha1:   b1d39aef9e678fb81df63f395a2991b2d1e269b0
Sha256: f2b23d94f7c941812ca7dbfac62771eece52732e99befe7206977262505a2d73
                                        
                                            GET /js/lang/en/stl.js?buildTime=1660262238& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Mon, 22 Aug 2022 20:42:23 GMT
etag: "6303ea2f-2c44e"
expires: Tue, 06 Sep 2022 09:56:10 GMT
cache-control: max-age=1209600
x-host: grn133.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 815357
x-served-by: cache-sjc10061-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 3
x-timer: S1662063929.224638,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32802
Md5:    40ee71f2f2de93b9561845efa9a0cbbc
Sha1:   13451e3fb165d1ad524d9863d8344eab4a2fe353
Sha256: 41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
                                        
                                            GET /js/site/main.js?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 21:16:47 GMT
etag: "6307e6bf-74804"
expires: Thu, 08 Sep 2022 23:59:36 GMT
cache-control: max-age=1209600
x-host: grn89.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 591953
x-served-by: cache-sjc10069-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662063929.217002,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            GET /css/old/fancybox.css?1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Mon, 29 Aug 2022 23:13:57 GMT
etag: "630d4835-f47"
expires: Tue, 13 Sep 2022 09:18:42 GMT
cache-control: max-age=1209600
x-host: blu106.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 212807
x-served-by: cache-sjc10043-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 3
x-timer: S1662063929.252007,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: okFIkN5FCYj0AHgd2VpMLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.217.237.91
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZtVwT3rxelpK/g3+pELH9NCRKJs=

                                        
                                            GET /files/theme/plugins.js?1557172909 HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 13 Jun 2021 15:14:01 GMT
x-rgw-object-type: Normal
ETag: W/"d86334c666522e93294216386ef7e57b"
x-amz-request-id: tx000000000000000cd32ee-0061a71859-a9f4046-sfo1
X-Storage-Bucket: zb548
X-Storage-Object: b548f7d3463d55fb324b29d193d98a69dbbeef7348835c01916510410a8abe52
X-Host: blu24.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   18070
Md5:    c078966075fc4554da70882e7e85af85
Sha1:   57930bfc5e2835d93ff4e3e8d2045c8f7bc36a28
Sha256: 9124e1d2e029f9d2d4a2db450950390bd7eb86a6ae5bfbb76e90a1671b136dd3
                                        
                                            GET /files/templateArtifacts.js?1660522801 HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu71.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (1630)
Size:   1632
Md5:    e0836e8203c22b8e4086f27e91e86f5a
Sha1:   28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
Sha256: 32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
                                        
                                            GET /files/theme/custom.js?1557172909 HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 16 May 2022 20:30:15 GMT
x-rgw-object-type: Normal
ETag: W/"9a4d3a18190ef2bede26423bb6604dc7"
x-amz-request-id: tx000000000000001dcde01-006284a5e1-b9fbc7f-sfo1
X-Storage-Bucket: z82b9
X-Storage-Object: 82b916388ce33d61e0bb3000fe2911bed0c3cf75e09cb31441b6e61816d45159
X-Host: blu134.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   3100
Md5:    55de8dc7a1bf465a876334bd22d2e9b8
Sha1:   f1e0107e6300820b2019f4bf2e981386068bd4f8
Sha256: 623d5b53fc2e86d60c1f2d3a1751affd20cb6a88c79c5f9cdcb29a8aba71aac8
                                        
                                            GET /uploads/1/2/5/0/125088474/editor/logo.png?1625942872 HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Content-Length: 32081
Connection: keep-alive
Last-Modified: Sat, 10 Jul 2021 18:47:52 GMT
x-rgw-object-type: Normal
ETag: "b17ed4e21d7132ca31f0dce54b34e0d4"
x-amz-request-id: tx000000000000030b2b9cd-00630d6f63-c03521c-sfo1
X-Storage-Bucket: z454c
X-Storage-Object: 454c961eafa02e9259c61b2e74a33a556dc2dcd704f0dd66abb7cecf8414a853
X-Host: grn139.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 227 x 227, 8-bit/color RGBA, non-interlaced\012- data
Size:   32081
Md5:    b17ed4e21d7132ca31f0dce54b34e0d4
Sha1:   016f0dc840f3cee30bb93bc8ce288d2fade313f4
Sha256: 454c961eafa02e9259c61b2e74a33a556dc2dcd704f0dd66abb7cecf8414a853
                                        
                                            GET /uploads/1/2/5/0/125088474/ffclogo.png HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Content-Length: 8365
Connection: keep-alive
Last-Modified: Wed, 09 Sep 2020 14:39:11 GMT
x-rgw-object-type: Normal
ETag: "85f5f8f3902f52f3040214119697d588"
x-amz-request-id: tx00000000000001574e79f-0062e21c24-bfe27ea-sfo1
X-Storage-Bucket: za4d0
X-Storage-Object: a4d0cd2cf80265d8d35dd6d1e00abf9e582ac1311f3dde12dc9beb73c7d33e82
X-Host: blu25.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   8365
Md5:    85f5f8f3902f52f3040214119697d588
Sha1:   5f434ce4702cd70708ee6fabd3a1d423a28b821c
Sha256: a4d0cd2cf80265d8d35dd6d1e00abf9e582ac1311f3dde12dc9beb73c7d33e82
                                        
                                            GET /widget.js HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Sep 2022 20:25:29 GMT
cf-ray: 7440bc49aed50b06-OSL
age: 29
cache-control: public, s-maxage=120, max-age=0
last-modified: Thu, 01 Sep 2022 10:09:58 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   27341
Md5:    4386dbff494621e5731b4cd4438cf18f
Sha1:   530d26087f09bdfe07cca120e389ae6d224b2b93
Sha256: af0dc9bb883837f5ac09b65338ae03944085977aad31a79878ebf6b4163ae8f2
                                        
                                            GET /fonts/Aller/regular.ttf HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
last-modified: Mon, 22 Aug 2022 16:54:05 GMT
etag: "6303b4ad-20d24"
expires: Tue, 06 Sep 2022 09:20:06 GMT
cache-control: max-age=1209600
x-host: blu42.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 817524
x-served-by: cache-sjc10079-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 3
x-timer: S1662063930.937734,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 64039
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Macintosh, type 1 string, AllerRegularDaltonMaagLtd.: Aller: 2008AllerVersion 1.00AllerDalton Maag Ltd.Aller\012- data
Size:   64039
Md5:    2f739dc10768f4da7cb3ab0c7327b069
Sha1:   3891339fbea360a573052114892a1f43dc610990
Sha256: 3f79c7d6c8835e01b4bdb25a571d149c021ed5aeef6fa2ca26930a506c2b8221
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Cardo:400,700,400italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 20:25:29 GMT
date: Thu, 01 Sep 2022 20:25:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 02:32:36 GMT
expires: Tue, 29 Aug 2023 02:32:36 GMT
cache-control: public, max-age=31536000
age: 323574
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26592, version 1.0\012- data
Size:   26592
Md5:    c2d66029cf6ae68a19e1398fc02feda6
Sha1:   c37e5907e49d2ed5b11f59841a3d16c911da7a5c
Sha256: 3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
                                        
                                            GET /s/cardo/v19/wlp_gwjKBV1pqhv43IE.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 20:02:26 GMT
expires: Tue, 29 Aug 2023 20:02:26 GMT
cache-control: public, max-age=31536000
age: 260584
last-modified: Thu, 21 Apr 2022 17:05:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14880, version 1.0\012- data
Size:   14880
Md5:    c1570bbb1803261029ee01e99efb78c9
Sha1:   c3f95b0464f08458f80126f4f32201921559c442
Sha256: f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /uploads/1/2/5/0/125088474/published/fact_3.jpg HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Content-Length: 19632
Connection: keep-alive
Last-Modified: Tue, 30 Jul 2019 16:35:36 GMT
x-rgw-object-type: Normal
ETag: "9d8b66f59f7cf2c4f2c53e71e04cbdb5"
x-amz-request-id: tx000000000000033328362-006310f7b9-c0351b0-sfo1
X-Storage-Bucket: zf439
X-Storage-Object: f439cc660c5be26fcbbc0bfe9caa12edf4ded7b182f75f394fd599e96ea47cf8
X-Host: blu14.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 335x384, components 3\012- data
Size:   19632
Md5:    9d8b66f59f7cf2c4f2c53e71e04cbdb5
Sha1:   bed50a59087f0bbdd49785220f526802617ea97b
Sha256: f439cc660c5be26fcbbc0bfe9caa12edf4ded7b182f75f394fd599e96ea47cf8
                                        
                                            GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 19:24:23 GMT
expires: Tue, 29 Aug 2023 19:24:23 GMT
cache-control: public, max-age=31536000
age: 262867
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Size:   35660
Md5:    0d0d3e5824e5e67a9e993960df2b67a9
Sha1:   328d67bb1d5899a7809df9f4385181863fd035f1
Sha256: 38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
                                        
                                            GET /s/cardo/v19/wlpxgwjKBV1pqhv97IMx3A.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Aug 2022 00:06:10 GMT
expires: Sat, 26 Aug 2023 00:06:10 GMT
cache-control: public, max-age=31536000
age: 591560
last-modified: Thu, 21 Apr 2022 16:54:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 18724, version 1.0\012- data
Size:   18724
Md5:    03846fd1ff535c1abbee5fb624297d50
Sha1:   93489fd28ee961d17301548affffeaef76b98079
Sha256: 845a35b5a38dba27a0ed97ee5044d9e40617809019ff843915a48d69e098b4b0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /uploads/1/2/5/0/125088474/published/ffclogo_2.png HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:29 GMT
Content-Length: 20243
Connection: keep-alive
Last-Modified: Wed, 09 Sep 2020 14:43:44 GMT
x-rgw-object-type: Normal
ETag: "dc6780fe48cce5d54478e2242926d79e"
x-amz-request-id: tx0000000000000334caad8-0063111539-c0351b0-sfo1
X-Storage-Bucket: z3ab4
X-Storage-Object: 3ab4718087bd0e0f88409a8ba75cca862529910eed079571d943bad1fc969a30
X-Host: blu27.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   20243
Md5:    dc6780fe48cce5d54478e2242926d79e
Sha1:   ecd5974ce0832e1745c7b6fc55a0f7e0ba35f5fa
Sha256: 3ab4718087bd0e0f88409a8ba75cca862529910eed079571d943bad1fc969a30
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.232
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 01 Sep 2022 18:29:20 GMT
expires: Thu, 01 Sep 2022 20:29:20 GMT
cache-control: public, max-age=7200
age: 6970
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /uploads/1/2/5/0/125088474/background-images/488442428.jpg HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 01 Sep 2022 20:25:30 GMT
Content-Length: 127691
Connection: keep-alive
Last-Modified: Sat, 18 May 2019 04:11:20 GMT
x-rgw-object-type: Normal
ETag: "b26599739c3bbc72f7b249a35b5e4489"
x-amz-request-id: tx000000000000031668750-00630ee150-bfe27ea-sfo1
X-Storage-Bucket: z7e0a
X-Storage-Object: 7e0a433b862c4a3fa4d2d547eeec367cdb7a9d2484721a9b7765532299a20815
X-Host: blu134.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x1333, components 3\012- data
Size:   127691
Md5:    b26599739c3bbc72f7b249a35b5e4489
Sha1:   f356af2bfc9d9a615df43d860fadb74f3bd86f55
Sha256: 7e0a433b862c4a3fa4d2d547eeec367cdb7a9d2484721a9b7765532299a20815
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18305
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:25:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18305
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:25:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18305
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:25:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:45:21 GMT
age: 20409
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    b0f6c541f6335bb709d2270147bd5aed
Sha1:   b691ef5e7a302e2678302818130a9637c3efbe3a
Sha256: e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:19 GMT
age: 82091
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10777
Md5:    ba98f63d9bef7deebb9a8d1b3126d396
Sha1:   d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
Sha256: b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gwk8Z-MzgO1APlMgvdN3-5KGdQ2K4I959yy-YdbVUD5AOZTQ0mjYhQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 00:00:46 GMT
age: 73484
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8009
Md5:    6b2c036e67f8c39c136f6c69b0922eb1
Sha1:   98e27f0dafd7b1b49e159ee038b41a811096a2d0
Sha256: 9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en; _snow_ses.8483=*; _snow_id.8483=28b90b81-b755-43e6-8984-db92391713e2.1662063930.1.1662063930.1662063930.c5099b73-c517-43d2-b04a-1b8a32ad0c47
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn43.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1ELVJBwpf4d3Fbspah-2KCSXx08D8_ZAgcZZjQSJdkMIUmtNmGJOw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:05 GMT
age: 55585
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10137
Md5:    ac4d5b101c9dc6a6f7e4bf252bfa9ca7
Sha1:   b844f3dcb14a2995644312406a80842e3f02a114
Sha256: e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 13:35:58 GMT
age: 24572
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16818
Md5:    12756903aaa74164feb5f8525398ca36
Sha1:   9fef9b071daea6793cbbdfe391254ac4326b1aa2
Sha256: 6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: et3ZsWRVoBNMpArUk9CohTyMpS5F0eKiR6cZJRfwAEiiFJUaeay58g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:44:24 GMT
age: 81666
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5079
Md5:    5c3b7580a37e6eb7e5bd18491f1d4dd6
Sha1:   288b82ad8f924eb9570ae1c55da84d041f862366
Sha256: 046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161477
Date: Thu, 01 Sep 2022 20:25:30 GMT
Etag: "6310e10e-1d7"
Expires: Sat, 03 Sep 2022 17:16:47 GMT
Last-Modified: Thu, 01 Sep 2022 16:42:54 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9gp-gZgYYN8tFngV9IKjl9H-EGZ5A4RASf8P8-gRUSEaA1ZZPGo3VQ==
Age: 2033

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 20:25:30 GMT
Last-Modified: Thu, 01 Sep 2022 19:33:22 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HN4jFQW-fApuYIu78deAqtJEutkhBkP6C_ggCP-HRxkep-JZdqWTrA==
Age: 3128

                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1 
Host: www.fundfc.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://www.fundfc.org/
Cookie: is_mobile=0; language=en; _snow_ses.8483=*; _snow_id.8483=28b90b81-b755-43e6-8984-db92391713e2.1662063930.1.1662063930.1662063930.c5099b73-c517-43d2-b04a-1b8a32ad0c47
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu125.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2030
Keep-Alive: timeout=10, max=64
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2030), with no line terminators
Size:   2030
Md5:    1b0617481c052bdef4857d75db039979
Sha1:   4cc3568a33d924505be6d407b31fc7571a7de966
Sha256: ac78879adc7191d06dbe68eb6bc2ebe0941a696e0faf2448125f1e0c2fe92405
                                        
                                            GET /assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/embed/fundfc?default_interval=null&hide_donation_meter=true
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
content-length: 64969
cf-ray: 7440bc4e7c050b06-OSL
accept-ranges: bytes
age: 345
content-encoding: gzip
last-modified: Wed, 01 Jun 2022 14:12:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size:   64969
Md5:    d59f5649bf08990d440d357ac967f40d
Sha1:   c9c1cf631895c9df5343c7d846ca71dbab43935c
Sha256: 2366ea2e61f133203ca85879582d9ea2c638b80fb4fb814de4060290ece2746b
                                        
                                            GET /css?family=Josefin+Sans:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 20:25:29 GMT
date: Thu, 01 Sep 2022 20:25:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17485
Md5:    f9b463088d6d592f4f867a915bf13816
Sha1:   8df2272bd810a21c32e43df7eb5f7858a7443e5e
Sha256: ed7e47652f93ae1b73310f5c668d7c2f407e2bb21403e822066f8df2055025fb
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.fundfc.org/
Origin: https://www.fundfc.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         44.238.88.40
HTTP/2 200 OK
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.fundfc.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1d4/njBV-zwzk84 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   812
Md5:    0cff3958ebe5162b023b8c64717ff312
Sha1:   8a038ebb897ee52a2810f6b8f64e0a5c42990b73
Sha256: 3f1d3196b5523e01373872c07d615f82bfa069e6615ea657b3d27c778ae6dde0

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /1.1.1/material.indigo-pink.min.css HTTP/1.1 
Host: code.getmdl.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donorbox.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.179
HTTP/2 200 OK
content-type: text/css
                                        
access-control-allow-origin: *
allow: GET, HEAD, OPTIONS
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-appengine-log-flush-count: 0
x-cloud-trace-context: 70be2c462b43db86395e1f68439cc7fb
server: Google Frontend
content-length: 138128
date: Thu, 01 Sep 2022 15:07:23 GMT
cache-control: public,max-age=2592000
last-modified: Wed, 03 Feb 2016 15:50:37 GMT
etag: W/"2386ea5247b09703963cf983f8428147"
age: 19087
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65321)
Size:   138128
Md5:    cc2c3df4a275f075ea05b3c1757f0552
Sha1:   008da10dec6aef2fd60b9693544130dc6987aaee
Sha256: adc89d7d695381bf2118da87e677a2af4057f40e466cf6c1a9af963d3921e1e4
                                        
                                            GET /assets/cc-cvc-f02c13e7dcec5aa08988cad4a936831264fee830bc3a98ad3168f102587bcdf1.png HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/embed/fundfc?default_interval=null&hide_donation_meter=true
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
content-length: 4098
cf-ray: 7440bc4fcd6a0b06-OSL
accept-ranges: bytes
age: 183
last-modified: Tue, 24 Aug 2021 08:20:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin, Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 297 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size:   4098
Md5:    c63a41b382021659d7bebd25fcb91c15
Sha1:   4c88e00e264caa99209c85029added7cd4ddb5f1
Sha256: 93378c6a055ba88a98e4103e5e69223de732a96d649bf122de263af0748c639c
                                        
                                            GET /assets/donor_app-a36420b6c69602245340deb3ff7d2af4d7269594c3de4741a5960b4b7804d6c5.js HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/embed/fundfc?default_interval=null&hide_donation_meter=true
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
content-length: 383108
cf-ray: 7440bc4fcd6e0b06-OSL
accept-ranges: bytes
age: 184
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 14:00:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32759)
Size:   383108
Md5:    5916ff04bd7598c5d8e987e9d522148a
Sha1:   d8d1b880eaa057e0d6a460429a37a2bbc954a58a
Sha256: 95c893f3050913e7fb7e0a895ee7935a597867b1621f6ea6af2129ec5f841c65
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://donorbox.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:20 GMT
expires: Tue, 29 Aug 2023 18:53:20 GMT
cache-control: public, max-age=31536000
age: 264730
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1785
Origin: https://www.fundfc.org
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.238.88.40
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
content-length: 2
server: nginx
set-cookie: sp=3ec1cbd8-72fd-4496-9c00-787e704882f3; Expires=Fri, 01 Sep 2023 20:25:30 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.fundfc.org
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://donorbox.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 20:36:08 GMT
expires: Fri, 25 Aug 2023 20:36:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
age: 604162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size:   128352
Md5:    53436aca8627a49f4deaaa44dc9e3c05
Sha1:   0bc0c675480d94ec7e8609dda6227f88c5d08d2c
Sha256: 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4043
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 20:25:30 GMT
Last-Modified: Thu, 01 Sep 2022 19:18:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Sep 2022 20:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz HTTP/1.1 
Host: www.recaptcha.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.131
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Thu, 01 Sep 2022 20:25:31 GMT
date: Thu, 01 Sep 2022 20:25:31 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 588
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (887), with no line terminators
Size:   588
Md5:    748ee427992fb3421917c4fc3d5a2c87
Sha1:   8afa774e891f5f0b04ea2631d5f63b66023fcbd4
Sha256: e18fa3fd8de49645df64d9536285194f2ee1cc66f3cf234a4c840fb543cd4260
                                        
                                            GET /assets/SourceSansPro-Regular-9a14ddaff6e051bd91ce7aed4f5b7fd0d6109530be12d039845e7cedcb8182bf.otf HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: application/vnd.oasis.opendocument.formula-template
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
content-length: 229588
cf-ray: 7440bc507e340b06-OSL
accept-ranges: bytes
age: 6963
last-modified: Tue, 24 Aug 2021 08:20:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin, Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2

                                        
                                            GET /v3/m-outer-2a0f7db50009238158f4274fa211fa55.html HTTP/1.1 
Host: js.stripe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.68
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
content-length: 186
last-modified: Thu, 01 Sep 2022 17:56:04 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 01 Sep 2022 19:57:25 GMT
cache-control: max-age=31536000
etag: "2a0f7db50009238158f4274fa211fa55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hjj8os_pOG2ZDtUxvjiufP2DT9RNCQvJBzRVQHzTXNS4Gb0UIXb1ZQ==
age: 1697
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   186
Md5:    2a0f7db50009238158f4274fa211fa55
Sha1:   5401959ce846dbf837e73b11310c57370511bca9
Sha256: 80583de98e5b41831986362db5e185b094a0bb376d1926aa16341ff21a018a4c
                                        
                                            GET /recaptcha/releases/mBwkfBPLFWI0ygbsp8eJNMkw/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/
Origin: https://donorbox.org
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157730
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 16:27:28 GMT
expires: Tue, 29 Aug 2023 16:27:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 04:01:21 GMT
age: 273483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (613)
Size:   157730
Md5:    d27f59fd0d124cb313fe64dd5ba8b26c
Sha1:   05da0ecd3970a5a568305a51f1e38945cca7ab39
Sha256: 09b3f5846ef9e14fd2fb99c280cee6a25fc4c7c96e050e70cc754a96625de485
                                        
                                            GET /maps/api/js?key=AIzaSyBAJHuYv-4KCapwLLe2tgieJdbSDnRwE-s&libraries=places&callback=geocoderCB HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Thu, 01 Sep 2022 20:25:31 GMT
expires: Thu, 01 Sep 2022 20:55:31 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56051
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2468)
Size:   56051
Md5:    64b5cce9ba38aa4ff1daf7ac340010d6
Sha1:   6f1823d64e18c154d7cc7b07616ae5be9e18dc85
Sha256: 2fd7d24721405195bbba908cc66697f2c9c67fb414816f0e52fe546d7af8be71
                                        
                                            GET /inner.html HTTP/1.1 
Host: m.stripe.network
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.176
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=300, public
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:31 GMT
via: 1.1 varnish
age: 29
x-request-id: 1aa1c18f-a409-4264-9abf-f979017a0121
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 10
x-timer: S1662063931.326805,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Size:   527
Md5:    e02352ef72e8a9563463c07174b0e50f
Sha1:   7a41613f7eae0819d1a4785eae3617fdbb33b9b3
Sha256: 2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
                                        
                                            GET /v3/ HTTP/1.1 
Host: js.stripe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.68
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
last-modified: Thu, 01 Sep 2022 18:29:24 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Thu, 01 Sep 2022 20:25:09 GMT
cache-control: max-age=60
etag: W/"7cd828014a55704f455f9fbe533089ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QIQmcqaJ6NiaW7SHBjDYfkCoHL2l26EA-LlrLCeGDvaiAw17PUtaFA==
age: 22
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   97217
Md5:    14940e7924e9907fb8938e3b9f8ffa57
Sha1:   0cfe454ea3f36295ea369e7c7e62ff405df3f211
Sha256: 0b0596de8effc4233778a1a1cddbd86ca45df5cf37e74b84c9328904dea86be5
                                        
                                            GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662062400 HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Thu, 01 Sep 2022 20:25:31 GMT
content-encoding: gzip
x-control-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
server: cloudflare
cf-ray: 7440bc51ffbd0b06-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16888
Md5:    e29cfa9a71b527602a380ddf69e03ac7
Sha1:   42a566751d0d57f6f8a0ec6fedf92b6a4b575014
Sha256: e5a2569d265e5dca3d2b65c01ae4d3cd7be433356b65e9eca809d43bcee6e956
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 12:31:58 GMT
expires: Sun, 27 Aug 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 460413
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size:   15344
Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd
Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8
Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Aug 2022 00:48:31 GMT
expires: Sat, 26 Aug 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 589020
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size:   15552
Md5:    285467176f7fe6bb6a9c6873b3dad2cc
Sha1:   ea04e4ff5142ddd69307c183def721a160e0a64e
Sha256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2968
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 20:25:32 GMT
Last-Modified: Thu, 01 Sep 2022 19:36:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /6 HTTP/1.1 
Host: m.stripe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2824
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.165.47.81
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
server: nginx
date: Thu, 01 Sep 2022 20:25:32 GMT
content-length: 156
set-cookie: m=bc823293-03c9-4655-b5ad-364649d115c1e08912;Expires=Sat, 31-Aug-2024 20:25:32 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   156
Md5:    848a783d68f660e5f6ddf5beac62bf77
Sha1:   36db1dfe08fd4d2c5b0ea309a747c3037b57638f
Sha256: 256632a078c4d9035a7ffeef10ff987c3cebd7af81ae4ac5fdfe742c5bd2448d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bea3b3-c558-48ed-979e-3282a56393da.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8550
x-amzn-requestid: 6a3fd299-a5ef-4069-b686-74356344d6d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XikiaFbaoAMFyaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8142-1b7fe4644a7045ff0284c401;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 20:40:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -XnfcwJdAT4GvO2JAT-tQLma4lZ9ubwi_MonWPUQZHDx-giA-rElRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 18:08:09 GMT
age: 8248
etag: "456dbbf8f3dfcfd63aab4201a04efd20262b9385"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8550
Md5:    0773269fad1678055c52b480b9e87750
Sha1:   456dbbf8f3dfcfd63aab4201a04efd20262b9385
Sha256: 6a65d7520e705c6c20ef97254ed1d6116daca506258368292c58f5f728987191
                                        
                                            GET /css/sites.css?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 21:16:22 GMT
etag: W/"6307e6a6-347ac"
expires: Thu, 08 Sep 2022 23:59:36 GMT
cache-control: max-age=1209600
x-host: blu30.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 591952
x-served-by: cache-sjc10049-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 3
x-timer: S1662063929.252018,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Mon, 22 Aug 2022 20:43:39 GMT
etag: "6303ea7b-82588"
expires: Tue, 06 Sep 2022 08:15:07 GMT
cache-control: max-age=1209600
x-host: blu127.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Sep 2022 20:25:29 GMT
age: 821422
x-served-by: cache-sjc10038-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662063929.216865,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 159020
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 20:25:29 GMT
date: Thu, 01 Sep 2022 20:25:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /cdn-cgi/rum? HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/embed/fundfc?default_interval=null&hide_donation_meter=true
content-type: application/json
Content-Length: 8124
Origin: https://donorbox.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: text/plain
                                        
date: Thu, 01 Sep 2022 20:25:31 GMT
access-control-allow-origin: https://donorbox.org
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7440bc566db00b06-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1 
Host: static.cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donorbox.org/
Origin: https://donorbox.org
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.47.230
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440bc501f6e0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 20:25:29 GMT
date: Thu, 01 Sep 2022 20:25:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Droid+Sans:400,700&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 20:25:29 GMT
date: Thu, 01 Sep 2022 20:25:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed/fundfc?default_interval=null&hide_donation_meter=true HTTP/1.1 
Host: donorbox.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fundfc.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.51.249
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Thu, 01 Sep 2022 20:25:30 GMT
cf-ray: 7440bc4b688e0b06-OSL
cache-control: max-age=0, public, must-revalidate, s-maxage=10800
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept, Accept-Language, Accept-Encoding
via: 1.1 vegur
cf-cache-status: MISS
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
permissions-policy: speaker-selection=(),ambient-light-sensor=(),magnetometer=(),display-capture=(),midi=()
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-dbox-cache-lang: en-US,en;q=0.5
x-dbox-cache-url: https://donorbox.org/embed/fundfc?default_interval=null&hide_donation_meter=true&cf_cache_lang=en
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-request-id: e0bca5ab-93d8-4afc-8451-110f3c643b28
x-runtime: 0.054522
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---