secure.cheofoundation.com
Open in
urlscan Pro
216.235.194.126
Public Scan
Submitted URL: http://support.cheofoundation.com/site/R?i=xf2f9lSBuZmBNB3iYS-OSrRN2hEr54WSbfaGehEE-iKKx1F9xYJ_kw
Effective URL: https://secure.cheofoundation.com/site/Donation2;jsessionid=00000000.app20121b?idb=158832805&1640.donation=form1&df_id=1640&mfc_pr...
Submission: On April 25 via api from SE — Scanned from SE
Effective URL: https://secure.cheofoundation.com/site/Donation2;jsessionid=00000000.app20121b?idb=158832805&1640.donation=form1&df_id=1640&mfc_pr...
Submission: On April 25 via api from SE — Scanned from SE
Summary
This website contacted 7 IPs
in 2 countries
across 9 domains to perform 50 HTTP transactions.
The main IP is 216.235.194.126, located in
United States and
belongs to BLACKBAUD-ASN, US.
The main domain is secure.cheofoundation.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on October 21st 2021. Valid for: a year.
This is the only time secure.cheofoundation.com was scanned on urlscan.io!
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on October 21st 2021. Valid for: a year.
This is the only time secure.cheofoundation.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 3 39 | 216.235.194.126 216.235.194.126 | 15148 (BLACKBAUD...) (BLACKBAUD-ASN) | |
| 4 | 104.18.10.207 104.18.10.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 142.250.185.202 142.250.185.202 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 23.96.109.67 23.96.109.67 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 142.250.185.74 142.250.185.74 | 15169 (GOOGLE) (GOOGLE) | |
| 1 2 | 142.250.185.232 142.250.185.232 | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 142.250.185.99 142.250.185.99 | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 64.233.166.154 64.233.166.154 | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 172.217.23.100 172.217.23.100 | 15169 (GOOGLE) (GOOGLE) | |
| 50 | 7 |
39
216.235.194.126
(United States)
ASN15148 (BLACKBAUD-ASN, US)
ASN15148 (BLACKBAUD-ASN, US)
| support.cheofoundation.com | |
| secure.cheofoundation.com |
1
142.250.185.202
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
| fonts.googleapis.com |
4
23.96.109.67
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| doublethedonation.com |
1
142.250.185.74
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
| ajax.googleapis.com |
2
142.250.185.232
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
| ssl.google-analytics.com |
3
142.250.185.99
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
| fonts.gstatic.com | |
| www.google.se |
1
64.233.166.154
(United States)
ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net
ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net
| stats.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 39 |
cheofoundation.com
3 redirects
support.cheofoundation.com secure.cheofoundation.com |
1 MB |
| 4 |
doublethedonation.com
doublethedonation.com — Cisco Umbrella Rank: 65322 |
110 KB |
| 4 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 640 |
102 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
60 KB |
| 2 |
google-analytics.com
1 redirects
ssl.google-analytics.com — Cisco Umbrella Rank: 269 |
17 KB |
| 2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39 ajax.googleapis.com — Cisco Umbrella Rank: 271 |
32 KB |
| 1 |
google.se
www.google.se — Cisco Umbrella Rank: 25949 |
501 B |
| 1 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 |
577 B |
| 1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 80 |
472 B |
| 50 | 9 |
| Domain | Requested by | |
|---|---|---|
| 37 | secure.cheofoundation.com |
1 redirects
secure.cheofoundation.com
|
| 4 | doublethedonation.com |
secure.cheofoundation.com
doublethedonation.com |
| 4 | maxcdn.bootstrapcdn.com |
secure.cheofoundation.com
maxcdn.bootstrapcdn.com |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | ssl.google-analytics.com |
1 redirects
secure.cheofoundation.com
|
| 2 | support.cheofoundation.com | 2 redirects |
| 1 | www.google.se |
secure.cheofoundation.com
|
| 1 | www.google.com | 1 redirects |
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | ajax.googleapis.com |
secure.cheofoundation.com
|
| 1 | fonts.googleapis.com |
secure.cheofoundation.com
|
| 50 | 11 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| cheofoundation.com |
| help.convio.net |
| www.facebook.com |
| twitter.com |
| www.instagram.com |
| www.youtube.com |
| www.linkedin.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| secure.cheofoundation.com GeoTrust TLS RSA CA G1 |
2021-10-21 - 2022-10-21 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| doublethedonation.com Sectigo ECC Domain Validation Secure Server CA |
2020-04-09 - 2022-07-12 |
2 years | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://secure.cheofoundation.com/site/Donation2;jsessionid=00000000.app20121b?idb=158832805&1640.donation=form1&df_id=1640&mfc_pref=T&NONCE_TOKEN=0AFD40E513524B121A9BD16D166E3151&s_src=email&autologin=true&idb=0&AddInterest=1044
Frame ID: 79982396E78FB26853534FDACBAA587E
Requests: 50 HTTP requests in this frame
Screenshot
Page Title
Spring Direct Mail - CHEO FoundationPage URL History Show full URLs
-
http://support.cheofoundation.com/site/R?i=xf2f9lSBuZmBNB3iYS-OSrRN2hEr54WSbfaGehEE-iKKx1F9xYJ_kw
HTTP 302
http://support.cheofoundation.com/site/Donation2?idb=0&df_id=1640&1640.donation=root&mfc_pref=T&autologin=true... HTTP 302
https://secure.cheofoundation.com/site/Donation2;jsessionid=00000000.app20121b?idb=0&df_id=1640&1640.donation=... HTTP 302
https://secure.cheofoundation.com/site/Donation2;jsessionid=00000000.app20121b?idb=158832805&1640.donation=for... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Blackbaud Luminate Online
(Payment processors)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /site/Donation2?.*df_id=
- js/convio/modules\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
YUI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:/yui/|yui\.yahooapis\.com)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
URL: https://cheofoundation.com/
Search URL Search Domain Scan URL
URL: http://help.convio.net/site/PageServer?s_site=chfon&pagename=user_donation_cvv
Title: What is this?
Title: What is this?
Search URL Search Domain Scan URL
URL: https://www.facebook.com/CHEOkids/
Search URL Search Domain Scan URL
URL: https://twitter.com/CHEO
Search URL Search Domain Scan URL
URL: https://www.instagram.com/cheohospital/?hl=en
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/CHEOvideos
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/cheo-ottawa/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://support.cheofoundation.com/site/R?i=xf2f9lSBuZmBNB3iYS-OSrRN2hEr54WSbfaGehEE-iKKx1F9xYJ_kw
HTTP 302
http://support.cheofoundation.com/site/Donation2?idb=0&df_id=1640&1640.donation=root&mfc_pref=T&autologin=true&AddInterest=1044&s_src=email HTTP 302
https://secure.cheofoundation.com/site/Donation2;jsessionid=00000000.app20121b?idb=0&df_id=1640&1640.donation=root&mfc_pref=T&autologin=true&AddInterest=1044&s_src=email&NONCE_TOKEN=B9A4B9175D21089BD4F4356419B6E11D HTTP 302
https://secure.cheofoundation.com/site/Donation2;jsessionid=00000000.app20121b?idb=158832805&1640.donation=form1&df_id=1640&mfc_pref=T&NONCE_TOKEN=0AFD40E513524B121A9BD16D166E3151&s_src=email&autologin=true&idb=0&AddInterest=1044 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=659569724&utmhn=secure.cheofoundation.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Spring%20Direct%20Mail%20-%20CHEO%20Foundation&utmhid=1968860572&utmr=-&utmp=%2Ffunnel%2FDonation2%2FSpring%2520Direct%2520Mail%2520-%2520One%2520Time%2Fform1&utmht=1650890782675&utmac=UA-87954891-1&utmcc=__utma%3D1.636740002.1650890783.1650890783.1650890783.1%3B%2B__utmz%3D1.1650890783.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1276633128&utmredir=1&utmu=qhCAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87954891-1&cid=636740002.1650890783&jid=1276633128&_v=5.7.2&z=659569724 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87954891-1&cid=636740002.1650890783&jid=1276633128&_v=5.7.2&z=659569724 HTTP 302
- https://www.google.se/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87954891-1&cid=636740002.1650890783&jid=1276633128&_v=5.7.2&z=659569724&slf_rd=1&random=1237194465
50 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
Donation2;jsessionid=00000000.app20121b
secure.cheofoundation.com/site/ Redirect Chain
|
143 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
yui-min.js
secure.cheofoundation.com/yui3/yui/ |
15 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modules.js
secure.cheofoundation.com/js/convio/ |
15 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utils.js
secure.cheofoundation.com/js/ |
32 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
obs_comp_rollup.js
secure.cheofoundation.com/js/ |
10 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
default.css
secure.cheofoundation.com/css/themes/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
alphacube.css
secure.cheofoundation.com/css/themes/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
UserGlobalStyle.css
secure.cheofoundation.com/css/ |
51 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ResponsiveBase.css
secure.cheofoundation.com/css/responsive/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DonFormResponsive.css
secure.cheofoundation.com/css/responsive/ |
33 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FormComponentsBehavior.css
secure.cheofoundation.com/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FormComponentsBehavior.js
secure.cheofoundation.com/js/ |
14 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
don_level_elements.js
secure.cheofoundation.com/js/ |
4 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
don_premium_elements.js
secure.cheofoundation.com/js/ |
11 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
donations2.js
secure.cheofoundation.com/js/ |
6 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CustomStyle.css
secure.cheofoundation.com/css/ |
1 KB 974 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CustomWysiwygStyle.css
secure.cheofoundation.com/css/ |
239 B 506 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
34 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cheo_foundation_logo_df.png
secure.cheofoundation.com/images/content/pagebuilder/ |
26 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CP_Logo_RGB.png
secure.cheofoundation.com/images/content/pagebuilder/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
heartmonthbanner11295.jpg
secure.cheofoundation.com/images/content/pagebuilder/ |
78 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
required.png
secure.cheofoundation.com/images/ |
360 B 672 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up-arrow.png
secure.cheofoundation.com/images/content/pagebuilder/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
layout_thumbnail_1224.1958030813.custom.jpg
secure.cheofoundation.com/images/stationery/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
layout_thumbnail_1241.321316465.custom.jpg
secure.cheofoundation.com/images/stationery/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
layout_thumbnail_1222.2020519779.custom.jpg
secure.cheofoundation.com/images/stationery/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ddplugin.js
doublethedonation.com/api/js/ |
421 KB 89 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ddplugin.css
doublethedonation.com/api/css/ |
153 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
amex_small.gif
secure.cheofoundation.com/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mastercd_small.gif
secure.cheofoundation.com/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
visa_small.gif
secure.cheofoundation.com/images/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
background-1640.jpg
secure.cheofoundation.com/images/content/pagebuilder/ |
449 KB 449 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v14/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader-min.js
secure.cheofoundation.com/yui3/loader/ |
15 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.se/ads/ Redirect Chain
|
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logging.js
secure.cheofoundation.com/js/convio/ |
656 B 982 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-detect-existing.js
secure.cheofoundation.com/jquery/ |
532 B 858 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
embed-script-heartbeat
doublethedonation.com/api/360matchpro/v1/ |
0 184 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ |
65 KB 66 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.6.4.min.js
secure.cheofoundation.com/jquery/ |
130 KB 131 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
plugin_settings
doublethedonation.com/api/v1/ |
379 B 408 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
AjaxHelper;jsessionid=00000000.app20121b
secure.cheofoundation.com/site/ |
126 KB 25 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-noconflict.js
secure.cheofoundation.com/jquery/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.8.16.custom.min.js
secure.cheofoundation.com/jquery/plugins/ui/ |
206 KB 206 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
317 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| YUI function| getModules object| Y function| emptyFunction function| toFunction function| remapConsoleFunctions object| Utils object| UtilsConstants function| addOnLoadHandler function| getObj function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| MM_openBrWindow function| appendToUrl function| addHiddenInput function| CurrencyContext object| utils_currencyContext function| setCurrencyContext function| parseCurrency function| formatCurrency function| getCurrencyScalingFactor string| utils_digits function| parseIntStrict function| getSelOptionObject function| getOptionSelection function| addOptionToSelect function| deselectOption function| changeLinksToStayInPopup function| link_submit_redirect function| findContainingLink function| DlgMgr object| DialogManager function| openModelessDialog function| reloadWindow function| isNS function| isIE function| closeWin function| set_display function| disable_edit function| removeChildren function| getElementText function| setElementText function| set_visible function| show_block_element function| show_element function| hide_element function| parse_boolean function| disable_element function| reset_element function| get_input_default_value function| get_input_value function| get_option_value function| is_text_field function| set_input_value function| get_which_radio function| subclass function| getAncestor function| getAncestorByClass function| findAllOfClass function| isOfClass function| filterByClass function| cv_show_help function| cv_new_win_from_link function| cv_new_win function| cv_win_focus function| cv_should_handle function| cv_popup_from_link_handler function| cv_new_win_from_link_handler function| cv_new_win_handler function| cv_help_link_handler function| enable_help_links function| cv_show_preview function| cv_preview_link_handler function| cv_launch_window_on_load function| enable_preview_links function| URLEncode function| URLEncodeParamValue function| decToHex function| reversal function| isUrlOK function| SetChecked function| limitArea number| WCAGState function| keepAlive function| forceKeepAlive function| formatTime undefined| keepAliveDialog undefined| keepAliveTimer function| initKeepAliveDialog function| showTimingOutDialog function| showTimedOutDialog function| showKeepAliveDialog function| keepAlivePoll function| keepAlive2 function| forceKeepAlive2 boolean| _submitOnce function| submitOnce function| submitEnter function| copy_to_clip function| choiceSelected function| ds_merge_field function| ds_merge_direct_field function| ds_merge_date_field function| MergeCompositeObserver function| trim function| isArray function| showLightbox function| hideLightbox function| resizeBgDiv function| preEnhance function| postEnhance function| toTitleCase function| enhanceDomToPostLatin1EncodedData function| CList function| CCallWrapper function| CSimpleObservable object| oc_components function| ObservableComponent function| ObservableRadioComponent function| ObservableGridComponent function| get_observable_component function| fire_obs_comp_event function| observe_component function| filter_values_equal function| ComponentEnabler function| ComponentDisabler function| ComponentDisplayer function| ObservableComponentEvent string| FC_ROW_CLASS string| FC_INPUT_CLASS string| FC_EDIT_BUTTON_CLASS string| FC_MSG_ROW_CLASS string| FC_MESSAGE_ICON_CLASS string| FC_ERROR_TEXT_CLASS string| FC_INFO_TEXT_CLASS string| FC_WARN_TEXT_CLASS string| FC_REQUIRED_CLASS string| FC_LABEL_TEXT_CLASS object| fc_globalMessages undefined| fc_edit_component_fn function| FormComponent function| fc_setEditComponentFn function| FCGlobalMessages function| fc_setGlobalMessages function| fc_registerComponent function| fc_hideChildren function| fc_setMessageDisplay function| fc_editComponent function| fc_showInformational function| fc_handle_enter_key function| fc_button_purpose function| fc_showInfosRequired function| showCheckboxInfosRequired function| fc_showInfosNotRequired function| fc_getFormRow function| fc_getPeerByClass function| fc_getChildByClass function| fc_getElementText function| fc_getAbsolutePosition function| fc_getFieldLabel function| fc_getFieldInfoText function| fc_showIcon function| fc_makeInfoMsgImg function| fc_makeWarningMsgImg function| fc_makeSpacerImg function| fc_initMsgContainers function| fc_getOrMakeChildDiv function| fc_getInfoMsgContainer function| fc_getInfoImgContainer function| fc_getWarnMsgContainer function| fc_getWarnImgContainer function| fc_getErrorMsgContainer function| fc_getErrorImgContainer function| fc_getContainer function| fc_showWarningMessage function| fc_hideInitialMessage function| fc_hideWarningMessage function| fc_updateWarningDisplay function| fc_isEmptyField function| fc_hideInfoMsg function| fc_hideWarnMsg function| fc_hideErrorMsg function| fc_copyChildren function| fc_addTablePadding function| fc_isMacIE function| FCDynamicMessageInfo function| fc_setDimensions function| fc_showHTMLBlock function| fc_showOtherMessage function| fc_activateEditButtons function| fc_activateFormInputs function| fc_activateInputs function| fc_init object| dl_levelInfos undefined| dl_obs_comp undefined| dl_other_amt_obs_comp function| dl_observeLevelChange function| dl_observeOtherAmountChange function| dl_LevelInfo function| dl_addLevelInfo function| dl_OtherAmountLevelInfo function| dl_addOtherAmountLevelInfo function| dl_findLabel function| dl_setAccessibleMessages function| dl_showLevelMessage function| dl_levelFocused function| dl_levelSelected function| dl_levelBlur function| dl_checkInitialLevel function| dl_initLevelInfo function| dl_findLevelAsk function| dl_onload boolean| dl_init_begun function| dl_init_callback function| dl_init string| DON_PS_PREM_SELECT_LIST_CLASS string| DON_PS_PREM_RADIO_BUTTON_CLASS string| DON_PS_PREM_NONE_AVAIL_ROW_ID string| DON_PS_PREM_AVAIL_FOR_USER_SPECIFIED_AMT_ROW_ID number| DON_PS_NO_SELECTION_PREM_PRODUCT_ID number| DON_PS_PREM_AVAIL_FOR_USER_SPECIFIED_AMT_PRODUCT_ID object| don_ps_premiumInfos object| don_ps_radio_buttons boolean| don_ps_searched_for_radios undefined| don_ps_select_list undefined| don_ps_select_list_clone boolean| don_ps_searched_for_select object| don_premium_map object| don_ps_value_map number| don_ps_level_id number| don_ps_user_specified_level_id number| don_ps_user_specified_value function| DonLevelPremiums function| don_ps_map_premium_to_level function| don_ps_getHighestDonLevelPremiums function| don_ps_set_selected_level_id function| don_ps_set_user_specified_level function| don_ps_set_user_specified_value function| don_ps_getRadioButtons function| don_ps_getSelectList function| don_ps_getOrigSelectList function| don_ps_reset_select_list function| don_ps_filter_by_level function| don_ps_filter_by_string_value function| don_ps_filter_by_value function| don_ps_filter_radios_by_level function| don_ps_hide_or_show_premium_radio function| don_ps_filter_select_by_level function| don_ps_hide_or_show_premium_option function| removeOptionElement function| don_ps_PremiumInfo function| don_ps_addPremiumInfo function| don_ps_findPremiumInfoDiv function| don_ps_findPremiumInfoDivs function| don_ps_get_premium_id function| don_ps_showPremiumMessage function| don_ps_configSelected function| don_ps_premiumSelected function| don_ps_initPremiumInfo function| don_ps_checkInitial function| don_ps_simulateSelection number| timerID function| don_ps_queue_filter_by_string_value function| don_ps_dequeue_filter_by_value function| don_ps_immediate_filter_by_value function| don_ps_LevelChangeObserver function| don_ps_OtherAmountChangeObserver function| don_ps_init function| Address function| AddressComponents function| DonAddressCopier function| Name function| NameComponents function| DonNameCopier function| Email function| EmailComponents function| DonEmailCopier function| Phone function| PhoneComponents function| DonPhoneCopier object| _gaq function| reloadPage function| testAjax function| updateDonorCoverAmount function| evalMatchingGift object| comp function| tribute_type_listChanged object| el function| tribute_notify_recip_state_listChanged function| donor_addr_state_listChanged function| donor_addr_country_listChanged object| _gat object| gaGlobal object| cvLogger object| shadow$provide object| closure_lm_285349 object| doublethedonation object| DDCONF function| billing_addr_state_listChanged function| billing_addr_country_listChanged object| comp1 object| comp2 function| PaymentObserver boolean| submitted function| checkDoubleClick function| $ function| jQuery boolean| foundNonStandardJQuery string| nonStandardJQueryVersion function| DP_jQuery_1650890784192 undefined| desc14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| secure.cheofoundation.com/site/AnonymousLogin | Name: JSESSIONID Value: 2A2FA2839889340F248804345F79A718.app20121b |
|
| secure.cheofoundation.com/site/CRDonationAPI | Name: JSESSIONID Value: 2A2FA2839889340F248804345F79A718.app20121b |
|
| secure.cheofoundation.com/site/CRConsAPI | Name: JSESSIONID Value: 2A2FA2839889340F248804345F79A718.app20121b |
|
| secure.cheofoundation.com/site/CrmRest | Name: JSESSIONID Value: 2A2FA2839889340F248804345F79A718.app20121b |
|
| secure.cheofoundation.com/site/ | Name: JSESSIONID Value: 2A2FA2839889340F248804345F79A718.app20121b |
|
| support.cheofoundation.com/ | Name: JSESSIONID Value: 2A2FA2839889340F248804345F79A718.app20121b |
|
| support.cheofoundation.com/ | Name: redirector_cookie Value: 629208529: |
|
| support.cheofoundation.com/ | Name: ADRUM_BTa Value: R:0|g:02fda7fd-8bb9-4bd7-b363-c2bb56f1668d|n:blackbaud2_6dc0b052-be8b-4220-8cef-3caf73889ed1 |
|
| support.cheofoundation.com/ | Name: ADRUM_BT1 Value: R:0|i:94017|e:29 |
|
| secure.cheofoundation.com/ | Name: __utma Value: 1.636740002.1650890783.1650890783.1650890783.1 |
|
| secure.cheofoundation.com/ | Name: __utmc Value: 1 |
|
| secure.cheofoundation.com/ | Name: __utmz Value: 1.1650890783.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
| secure.cheofoundation.com/ | Name: __utmt Value: 1 |
|
| secure.cheofoundation.com/ | Name: __utmb Value: 1.1.10.1650890783 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://secure.cheofoundation.com/site/XFrameViolation |
| X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
secure.cheofoundation.com
ssl.google-analytics.com
stats.g.doubleclick.net
support.cheofoundation.com
www.google.com
www.google.se
104.18.10.207
142.250.185.202
142.250.185.232
142.250.185.74
142.250.185.99
172.217.23.100
216.235.194.126
23.96.109.67
64.233.166.154
00f5dd181885d595e4f6d530573151cbf77b1e7a4e496ae1328f420ad5d3eed1
0564fc6fb9e76ae43726619fded5366d22d698a63f585e1177957d2324850f57
0ffe23019a5966c6be22cdae62b4eb2d7fcdf994b729cd5f7b96bfd8a03cfac3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
135ae3e7f5e9b6c501a48f208ab55f701c066f5543fc4d7d64ef766cc722fae9
2344bf11d8936ea401e4024d5e8f2060095264d179d34ee2388c6832c603ea27
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
31b47b27a22be9e40b0eceb623ffe26cb1d64e40507ee043939506942148b582
34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b
3e9a2e6b6c897c92108079df6223ce7644b47392b13885794d2ec5919500df65
4edb816a596f9a4a768c41f9f21b5b2bcfb74f80f913a7f40b899c2d05ec1719
5156ac03ccc24181bbf668be4e81961579b0fe51034233454e47077aec2e29af
53380404709f3d3e845a1e33be4d4e0bac1a77845e10f68111ffb474a4bf0961
56fb1bf075613aa1e61d6cf81fe7ae08d45fe7a16689d118bfa06e17600ac4cc
5a7da38c8fe525b5906333959ef8e7741d5613721cd61f1a7dc608e77f31a1d6
619726d2407ab5b265b169f0dd09285b5c4a492ae72c3638e073d57caf65b9da
63ed18ad1d3a7386c599f3ea93fcbbfcb1bef440fc6d3e5abe0c383c3fbde953
674cd503faf64c54d7ee61f351edf3eaf0c6dae1e7a4e6be46b858e610047018
69bffd1a8ad326cbe635c1aa4501526b180044052ff34fe3c407763bc90e0930
70c6153c446ec4fd067ed43a8544da1c3b5db57554f864c85d380cca95126730
7160204b75c30da32f1bc2f5bef93bebea43302523bba0a5c32a5dd2e995fe75
789ea3db44dd9c89c8283ed3693b61d5ee77486d451704e6aad5a0db0eab590f
7a3128e46723c7678baf654887c20e4988feee55464261e7096fe3cb20ce0f3f
883d960ce1c77e0135036935fad3f9cd9ea6203c79286af3e2a801a75fdaa123
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8f7f2e9fdf93b584b7ddbe21ae1d3c85de8d310bf87d210f8f1bc88af1857fcd
931bf6ce88f5237d3795bca1fcfb831181a75de7add4b03e6e7b17b3c79a8ca4
94ed7cb8ed1e55ce0f92402e844aa992bc13ca32ea6980da3819a85f5acc5270
957f312f39ed8ba93485141af5af501f1d2b7b372433d8ac77b0923a5c584204
968b35aedd60a141c8fae53a365ee4468cce4b3ef127a2209f3a5ff942ae5f7e
9949830afb880a5b2473a3638a93f29952c71695d3190e35af43e8b75c989607
9cdd1eae85ce614b8b8ae27bd5d03dc82f0fe2e9ed1f39bd48975c9e9e52993b
9d70c065686ca9d9a64dc68489bf7e1e2ae44cc5247bc0c1e77c93ed42e6f560
aa095c1b39b9a80b9847de7118da49affeeed83f3ef5d154759d0ee9471392a1
aa432c05daee8749817b34c7d407845c3132dbb52fe62bb15f8d745cdb869134
adae8181e3273af1702575e59e9c29b34eedf74943cdde9758a4ccf8e39c5641
b40b8ac506f774221299db6e27efd7e2ff9bd2793bdbe3f8211f6ba0ecff62d9
c6692607384f0b261f38edee88dc75ee817827d26aecc4ae765ada9aa92dd36b
db4bb1e314a04c52d8ad52c3a66ce793a012910e88d90295767ec52d75a4d72f
dd5d6ad0753422b193694e8743fe96884e3903c0d60f59b5ef2dcd17fe4e5a52
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
dddb90184d87f59b1a025fa9b460ef0b25fbaa3ea192a83d31535dbb20ec10ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe59a65a5a28038ecf82cce9653807715cfc33aad5f24986056157a0be96d1ad
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
fff2b203f1c1fdebdaa53bff73c70053a84efac7b7cb646c1602cf323a0efe1e