HTTP/1.1 200 OK
Transfer-Encoding: chunked
Connection: close
Server: GlobaLeaks
Date: Sat, 10 Jan 2026 02:58:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Onion-Location: http://4shoplmlv7c26nh3toy2s65l64zv6msow4edavzn4xbhvkh3cfz3csyd.onion/index.html
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Content-Security-Policy: base-uri 'none';connect-src 'self';default-src 'none';font-src 'self';form-action 'none';frame-ancestors 'none';frame-src 'self';img-src 'self';media-src 'self';script-src 'self';style-src 'self' 'nonce-dOMkp3DfmdWiiOEIQhqzlA==';trusted-types angular angular#bundler dompurify default;require-trusted-types-for 'script';report-to csp-endpoint
Reporting-Endpoints: csp-endpoint="/api/report"
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),bluetooth=(),camera=(),clipboard-read=(),clipboard-write=(self),document-domain=(),display-capture=(),fullscreen=(),geolocation=(),gyroscope=(),idle-detection=(self),keyboard-map=(),local-fonts=(),magnetometer=(),microphone=(self),midi=(),notifications=(),payment=(),push=(),screen-wake-lock=(),serial=(),speaker-selection=(),usb=(),web-share=(),xr-spatial-tracking=()
X-Content-Type-Options: nosniff
Cache-Control: no-store
Referrer-Policy: no-referrer
X-Robots-Tag: noarchive
X-Check-Tor: False
Content-Type: text/html
Set-Cookie: visid_incap_3095621=nzPk/eN0Ro2Z7AH1e/+6DmHAYWkAAAAAQUIPAAAAAABFXBkGscOHCiE52k1lJ+aJ; expires=Sat, 09 Jan 2027 22:15:31 GMT; HttpOnly; path=/; Domain=.ysl.com
Set-Cookie: incap_ses_536_3095621=1k9DZFxVnF6U2slxj0FwB2HAYWkAAAAA15g2dBxSGc/rIAjuOsYwBQ==; path=/; Domain=.ysl.com
X-CDN: Imperva
X-Iinfo: 10-1539669-1539672 NNNN CT(2 5 0) RT(1768013922077 6) q(0 0 0 1) r(0 0) U12


<!doctype html>
<html lang="en" dir="lrt" class="h-100">

<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="description" content="Secure whistleblowing platform based on GlobaLeaks free and open-source software.">
  <link rel="icon" id="favicon" type="image/x-icon" href="s/favicon">
<link rel="stylesheet" href="css/styles.css"></head>

<body>

<app-root ngcspnonce="dOMkp3DfmdWiiOEIQhqzlA=="></app-root>

<noscript>
  <div id="JavaScriptDisabled">
    <h1>Error!</h1><br/><br/>
    <div>This whistleblowing site is built with <a href="https://www.globaleaks.org" target="_blank">GlobaLeaks</a> that is a modern secure application that requires JavaScript.<br/><br/>While it is a common belief that JavaScript and security don't always work well together, we recommend using the <a href="https://www.torproject.org/download/" target="_blank">Tor Browser</a>, a browser specifically designed for enhanced security and privacy.</div>
  </div>
</noscript>
<script src="js/polyfills.js" type="module" nonce="dOMkp3DfmdWiiOEIQhqzlA=="></script><script src="js/main.js" type="module" nonce="dOMkp3DfmdWiiOEIQhqzlA=="></script><script type="text/javascript" src="/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=240915622" async></script></body>

</html>

HTTP/1.1 200 OK
Transfer-Encoding: chunked
Connection: close
Server: GlobaLeaks
Date: Sat, 10 Jan 2026 02:58:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Onion-Location: http://4shoplmlv7c26nh3toy2s65l64zv6msow4edavzn4xbhvkh3cfz3csyd.onion/index.html
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Content-Security-Policy: base-uri 'none';connect-src 'self';default-src 'none';font-src 'self';form-action 'none';frame-ancestors 'none';frame-src 'self';img-src 'self';media-src 'self';script-src 'self';style-src 'self' 'nonce-jtX+L3bLDEaVGfLri3xUGw==';trusted-types angular angular#bundler dompurify default;require-trusted-types-for 'script';report-to csp-endpoint
Reporting-Endpoints: csp-endpoint="/api/report"
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),bluetooth=(),camera=(),clipboard-read=(),clipboard-write=(self),document-domain=(),display-capture=(),fullscreen=(),geolocation=(),gyroscope=(),idle-detection=(self),keyboard-map=(),local-fonts=(),magnetometer=(),microphone=(self),midi=(),notifications=(),payment=(),push=(),screen-wake-lock=(),serial=(),speaker-selection=(),usb=(),web-share=(),xr-spatial-tracking=()
X-Content-Type-Options: nosniff
Cache-Control: no-store
Referrer-Policy: no-referrer
X-Robots-Tag: noarchive
X-Check-Tor: False
Content-Type: text/html
Set-Cookie: visid_incap_3095621=zoBLgexWQeqJZguEROPar2HAYWkAAAAAQUIPAAAAAAAHQQ9kgqweTY2GrESfnq3k; expires=Sat, 09 Jan 2027 23:58:42 GMT; HttpOnly; path=/; Domain=.ysl.com
Set-Cookie: incap_ses_707_3095621=TcCYetheh2tPq84R28TPCWHAYWkAAAAALtNJ4mNczr24n2tGJE1bbg==; path=/; Domain=.ysl.com
X-CDN: Imperva
X-Iinfo: 58-300043908-300043929 NNNN CT(2 5 0) RT(1768013922042 3) q(0 1 1 31) r(1 1) U12


<!doctype html>
<html lang="en" dir="lrt" class="h-100">

<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="description" content="Secure whistleblowing platform based on GlobaLeaks free and open-source software.">
  <link rel="icon" id="favicon" type="image/x-icon" href="s/favicon">
<link rel="stylesheet" href="css/styles.css"></head>

<body>

<app-root ngcspnonce="jtX+L3bLDEaVGfLri3xUGw=="></app-root>

<noscript>
  <div id="JavaScriptDisabled">
    <h1>Error!</h1><br/><br/>
    <div>This whistleblowing site is built with <a href="https://www.globaleaks.org" target="_blank">GlobaLeaks</a> that is a modern secure application that requires JavaScript.<br/><br/>While it is a common belief that JavaScript and security don't always work well together, we recommend using the <a href="https://www.torproject.org/download/" target="_blank">Tor Browser</a>, a browser specifically designed for enhanced security and privacy.</div>
  </div>
</noscript>
<script src="js/polyfills.js" type="module" nonce="jtX+L3bLDEaVGfLri3xUGw=="></script><script src="js/main.js" type="module" nonce="jtX+L3bLDEaVGfLri3xUGw=="></script><script type="text/javascript" src="/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=87899161" async></script></body>

</html>