secure.nrsc.org
Open in
urlscan Pro
2606:4700::6812:a460
Public Scan
Effective URL: https://secure.nrsc.org/donation_page/triple-match-3/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=2019...
Submission: On September 23 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 26th 2019. Valid for: 3 months.
This is the only time secure.nrsc.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.10.238.11 52.10.238.11 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
14 | 2606:4700::68... 2606:4700::6812:a460 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
3 | 104.109.64.186 104.109.64.186 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2606:2800:234... 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
8 | 2600:9000:20b... 2600:9000:20bb:d000:14:71e7:1f40:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
6 | 23.111.9.35 23.111.9.35 | 33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group) | |
2 | 2a00:1450:400... 2a00:1450:4001:819::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.18.2 172.217.18.2 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 151.101.12.157 151.101.12.157 | 54113 (FASTLY) (FASTLY - Fastly) | |
2 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:81e::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 104.244.42.5 104.244.42.5 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
7 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 2a00:1288:f03... 2a00:1288:f03d:1fa::2000 | 10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.) | |
1 | 143.204.214.21 143.204.214.21 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 104.244.42.67 104.244.42.67 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
2 | 35.186.226.184 35.186.226.184 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 52.216.128.213 52.216.128.213 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 3 | 2a00:1450:400... 2a00:1450:4001:815::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 2a00:1450:400... 2a00:1450:400c:c09::9c | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
65 | 23 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-10-238-11.us-west-2.compute.amazonaws.com
paracom.paramountcommunication.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
secure.nrsc.org |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-64-186.deploy.static.akamaitechnologies.com
use.typekit.net | |
p.typekit.net |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
secure.victorypassport.com |
ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com |
ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-21.fra53.r.cloudfront.net
sc-static.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
Domain | Requested by | |
---|---|---|
14 | secure.nrsc.org |
secure.nrsc.org
|
8 | secure.victorypassport.com |
secure.nrsc.org
secure.victorypassport.com |
6 | connect.facebook.net |
secure.nrsc.org
connect.facebook.net |
6 | use.fontawesome.com |
secure.nrsc.org
use.fontawesome.com |
4 | www.facebook.com |
secure.nrsc.org
www.googletagmanager.com |
3 | www.google-analytics.com |
2 redirects
secure.victorypassport.com
|
2 | stats.g.doubleclick.net |
1 redirects
secure.nrsc.org
|
2 | tr.snapchat.com |
www.googletagmanager.com
|
2 | s.yimg.com |
secure.nrsc.org
s.yimg.com |
2 | www.google.de |
secure.nrsc.org
|
2 | www.google.com |
1 redirects
secure.nrsc.org
|
2 | bat.bing.com |
www.googletagmanager.com
secure.nrsc.org |
2 | www.googletagmanager.com |
secure.nrsc.org
secure.victorypassport.com |
2 | platform.twitter.com |
secure.nrsc.org
platform.twitter.com |
2 | use.typekit.net |
secure.nrsc.org
use.typekit.net |
1 | s3.amazonaws.com |
secure.nrsc.org
|
1 | p.typekit.net |
secure.nrsc.org
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | sc-static.net |
secure.nrsc.org
|
1 | staticxx.facebook.com |
connect.facebook.net
|
1 | t.co |
secure.nrsc.org
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
secure.nrsc.org
|
1 | paracom.paramountcommunication.com | 1 redirects |
65 | 26 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nrsc.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure.nrsc.org Let's Encrypt Authority X3 |
2019-08-26 - 2019-11-24 |
3 months | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2018-07-20 - 2020-01-03 |
a year | crt.sh |
*.twimg.com DigiCert SHA2 High Assurance Server CA |
2018-11-19 - 2019-11-27 |
a year | crt.sh |
*.googleapis.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.victorypassport.com Amazon |
2019-02-05 - 2020-03-05 |
a year | crt.sh |
*.fontawesome.com DigiCert SHA2 Secure Server CA |
2018-09-17 - 2019-11-21 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2019-08-14 - 2020-08-18 |
a year | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2019-03-07 - 2020-03-07 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-08-24 - 2019-10-19 |
2 months | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2019-09-17 - 2019-11-01 |
a month | crt.sh |
sc-static.net DigiCert SHA2 Secure Server CA |
2019-03-11 - 2021-03-15 |
2 years | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2019-01-28 - 2020-01-28 |
a year | crt.sh |
tr.snapchat.com DigiCert SHA2 Secure Server CA |
2019-02-19 - 2021-02-23 |
2 years | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2018-12-03 - 2019-10-25 |
a year | crt.sh |
This page contains 8 frames:
Primary Page:
https://secure.nrsc.org/donation_page/triple-match-3/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190923_JD-DL_KarlRove&utm_content=20190923_NotOnTrack_body_txt_midnight&action=email_click&ha1=
Frame ID: 1E3424819710C476113E00409814D6EB
Requests: 58 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 76ED74E1FE5425E0682515E4EF5B1F7A
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Fsecure.nrsc.org
Frame ID: 21ACC6AAF67CD89EC8B417C28DCA0139
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i
Frame ID: A1BE855E3606D9BB762EC73E693562F6
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/p
Frame ID: EAB421E27E5ABB145CD86D781A0F3564
Requests: 1 HTTP requests in this frame
Frame:
https://secure.victorypassport.com/pages/nrsc/triple-match-donation-page-karl-3x?location=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Ftriple-match-3&location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS90cmlwbGUtbWF0Y2gtMy8%2FcmVjdXJyaW5nPXRydWUmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPUpELURMJnV0bV9jYW1wYWlnbj0yMDE5MDkyM19KRC1ETF9LYXJsUm92ZSZ1dG1fY29udGVudD0yMDE5MDkyM19Ob3RPblRyYWNrX2JvZHlfdHh0X21pZG5pZ2h0JmFjdGlvbj1lbWFpbF9jbGljayZoYTE9Iw%3D%3D
Frame ID: D2E44701F715B835D509C316B9C1DCEF
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: BC51AA74E8D7F2C7C3891BC5FD0D34E0
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 98234ECF456E8DF90F85BDE4B08AF7B8
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://paracom.paramountcommunication.com/ct/52881198:sh0j1Zw6N:m:1:2178217229:32A817856A891326CFEAB47CC555EF9B:r
HTTP 302
https://secure.nrsc.org/donation_page/triple-match-3/?recurring=true&utm_medium=email&utm_source=JD-... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Yoast SEO (SEO) Expand
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Twitter (Widgets) Expand
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://paracom.paramountcommunication.com/ct/52881198:sh0j1Zw6N:m:1:2178217229:32A817856A891326CFEAB47CC555EF9B:r
HTTP 302
https://secure.nrsc.org/donation_page/triple-match-3/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190923_JD-DL_KarlRove&utm_content=20190923_NotOnTrack_body_txt_midnight&action=email_click&ha1= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 59- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=235264469&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Ftriple-match-3%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190923_JD-DL_KarlRove%26utm_content%3D20190923_NotOnTrack_body_txt_midnight%26action%3Demail_click%26ha1%3D&ul=en-us&de=UTF-8&dt=Triple%20Match%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1942738089&gjid=211218147&cid=1136758513.1569265789&tid=UA-23419263-1&_gid=654949866.1569265789&_r=1&z=736764143 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-1&cid=1136758513.1569265789&jid=1942738089&_gid=654949866.1569265789&gjid=211218147&_v=j79&z=736764143 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1136758513.1569265789&jid=1942738089&_v=j79&z=736764143 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1136758513.1569265789&jid=1942738089&_v=j79&z=736764143&slf_rd=1&random=1310626043
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=235264469&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Ftriple-match-3%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190923_JD-DL_KarlRove%26utm_content%3D20190923_NotOnTrack_body_txt_midnight%26action%3Demail_click%26ha1%3D&ul=en-us&de=UTF-8&dt=Triple%20Match%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=1761102680&gjid=359419797&cid=1136758513.1569265789&tid=UA-23419263-11&_gid=654949866.1569265789&_r=1>m=2wg9b05WDLTFM&z=1065273302 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=1136758513.1569265789&jid=1761102680&_gid=654949866.1569265789&gjid=359419797&_v=j79&z=1065273302
65 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
secure.nrsc.org/donation_page/triple-match-3/ Redirect Chain
|
19 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nnp5tpv.js
use.typekit.net/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
95 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
secure.nrsc.org/wp-includes/css/dist/block-library/ |
29 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 442 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw.css
secure.victorypassport.com/styles/ |
789 B 924 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
secure.nrsc.org/wp-content/themes/nrsc/assets/css/ |
106 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9b6261cc3e.js
use.fontawesome.com/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
secure.nrsc.org/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
secure.nrsc.org/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utilities.css
secure.nrsc.org/wp-content/themes/nrsc/assets/css/ |
112 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brands.css
use.fontawesome.com/releases/v5.2.0/css/ |
637 B 624 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.css
use.fontawesome.com/releases/v5.2.0/css/ |
44 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw_initial
secure.victorypassport.com/scripts/ |
813 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slidebars.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
backstretch.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.matchHeight.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
250 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
secure.nrsc.org/wp-includes/js/ |
1 KB 850 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazyload.min.js
secure.nrsc.org/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
81 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/863113746/ |
42 B 118 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/863113746/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9b6261cc3e.css
use.fontawesome.com/ |
1 KB 684 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 117 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cerabasic-regular-webfont.woff2
secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/ |
20 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw.css
secure.victorypassport.com/styles/ |
789 B 925 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw
secure.victorypassport.com/scripts/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
195 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cerabasic-bold-webfont.woff2
secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/ |
20 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 76ED |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
121 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scevent.min.js
sc-static.net/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1877534775869068
connect.facebook.net/signals/config/ |
308 KB 79 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10060016.json
s.yimg.com/wi/config/ |
2 B 482 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/2f0e6a/00000000000000003b9b12e6/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.d6364fae9340b0be5f13818370141fd0.html
platform.twitter.com/widgets/ Frame 21AC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 636 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
tr.snapchat.com/cm/ Frame A1BE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
tr.snapchat.com/ Frame EAB4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ |
35 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 254 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
triple-match-donation-page-karl-3x
secure.victorypassport.com/pages/nrsc/ Frame D2E4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
secure.victorypassport.com/assets/jackal/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
secure.victorypassport.com/assets/jackal/ |
42 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ Frame BC51 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
secure.victorypassport.com/assets/ |
444 B 812 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
122 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
528927697229967
connect.facebook.net/signals/config/ |
307 KB 79 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ Frame 9823 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
86 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager function| twq object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Typekit object| __twttrll object| twttr object| __twttr function| UET object| FontAwesomeCdnConfig string| cssUrl undefined| $ function| jQuery object| urls object| styleJigsaw string| styleJgsawUrl string| JSLink object| JSElement function| slidebars object| FB object| jQuery112400017616520383594292 function| fbq function| _fbq object| dotq function| snaptr object| r object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| getDevice function| setImmediate function| clearImmediate function| Vue function| Hammer function| filter function| sortBy object| wp object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| _extends function| _typeof function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| _classCallCheck function| _inherits object| vp function| _createClass function| VPModal function| _get function| VPAuthorizeDialog function| VPBaseForm function| VPEventProcessor function| VPForgotPasswordForm function| VPLoginDialog function| VPLoginForm function| VPParentLocation function| VPPublishAnalytics function| VPRegistrationForm function| VPScrollToTop function| VPToolbar function| Messages function| DOMUtils function| VPUpdateBackgroundImage function| VPUpdateFrameHeight function| VPUpdateToolbar function| Utils object| vpToolbar object| vpEventProcessor boolean| ieVersion object| Mustache string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.secure.victorypassport.com/ | Name: __stripe_sid Value: e03e7c75-fadb-4c6f-8ff3-c9f8673b6c41 |
|
.secure.victorypassport.com/ | Name: __stripe_mid Value: 9b7162cf-f941-49af-96a0-425be2f1ad05 |
|
.victorypassport.com/ | Name: _gat Value: 1 |
|
.victorypassport.com/ | Name: _gat_UA-10463545-10 Value: 1 |
|
.victorypassport.com/ | Name: _gid Value: GA1.2.1037073404.1569265789 |
|
.victorypassport.com/ | Name: _ga Value: GA1.2.1103333664.1569265789 |
|
secure.victorypassport.com/ | Name: _mystique_session Value: S2dUVjEyV0taWEd4Zmx3ak1GcHZ1NVIyOWJveGRpR0oxYW00eHlrMlRlblhYVTg3SzFGbXdWVDRaVHhTNmY4ZEhyMlhaU0pXUmtWTDE1azRyYUx6YlB0OHgxQ0RSblBQaXp3emd6ZDdCbys4Zk5ZTmgwVXlaQXhESjdjb1dUc2c3YTJlRFFKVWY3NDZieFJvSXRHZ0t3PT0tLTBJb1VJU3l6RnBPU2xJbTlBK1YvWXc9PQ%3D%3D--4170dbcdc8862a42aadc1ee7bc2cafa4c542e7f7 |
|
.snapchat.com/ | Name: sc_at Value: v2|H4sIAAAAAAAAAAXBiREAIAgDsIm486EC44jVKRjeZO4A8VzYg6K8Ktk0ZSTTDb7PQ1XHirFgbtU+bR98+jIAAAA= |
|
.facebook.com/ | Name: fr Value: 0hXgIBjTSn5jv8Hro..BdiRh7...1.0.BdiRh7. |
|
.twitter.com/ | Name: personalization_id Value: "v1_TDvOQmRlryLQ0ZPhUd9XYQ==" |
|
.secure.nrsc.org/ | Name: _gid Value: GA1.3.654949866.1569265789 |
|
.secure.nrsc.org/ | Name: _gat_UA-23419263-11 Value: 1 |
|
.victorypassport.com/ | Name: _fbp Value: fb.1.1569265789060.1566980350 |
|
.secure.nrsc.org/ | Name: _ga Value: GA1.3.1136758513.1569265789 |
|
.victorypassport.com/ | Name: _dc_gtm_UA-10463545-9 Value: 1 |
|
.nrsc.org/ | Name: _gid Value: GA1.2.654949866.1569265789 |
|
.nrsc.org/ | Name: _ga Value: GA1.2.1136758513.1569265789 |
|
.nrsc.org/ | Name: _fbp Value: fb.1.1569265787496.1852654305 |
|
.nrsc.org/ | Name: _gat Value: 1 |
|
.nrsc.org/ | Name: _scid Value: 10a540e1-be10-4d12-89a2-a148e0f4a7ab |
|
.secure.nrsc.org/ | Name: __cfduid Value: d1f8c08704b08d34bc1f27468304b4a331569265786 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.twitter.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
p.typekit.net
paracom.paramountcommunication.com
platform.twitter.com
s.yimg.com
s3.amazonaws.com
sc-static.net
secure.nrsc.org
secure.victorypassport.com
static.ads-twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
use.fontawesome.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.109.64.186
104.244.42.5
104.244.42.67
143.204.214.21
151.101.12.157
172.217.18.2
23.111.9.35
2600:9000:20bb:d000:14:71e7:1f40:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:a460
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:806::2002
2a00:1450:4001:815::200e
2a00:1450:4001:817::200a
2a00:1450:4001:819::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2003
2a00:1450:400c:c09::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.226.184
52.10.238.11
52.216.128.213
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
153ba604b684d54e7f2c2febdc0eddfd91c07e4c0d2a241e971792658a5fa7a7
15a4b768dcf0208dc3665c311ba8469dcb3a1b3d75d6a1a3ce553858daa2f51e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2084b02ef00961bf31c7df0ba542102895f3733ace3544bebf538608aef2f770
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3b62820f2888c6dec47a70b30d1742bdac1e1c3a9b0bcc6d47d116f5de28d8f5
40ee70c9036bf25dbd16fa38434e0caf32f42b8600be2f124cc21b55adba3a39
4127627f5a295fc4bf76c2d6d0656bd420d6f61de1bf31743963b38022d0881d
41bca44f06264f32ea0841edeef809e5e8a006ce3258fb2c22829991dd5ee56c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4d22f87893242016b19d07844de2a7b857faab225a744be22fb5e7aa58b22f65
4d2e73fabea4a24a0278320a4920a5766ae7c7c5a11f787e0f31467a253bdddf
5517e384dacbf9151599383c4965af3f19562148376757092affd1986bab5eb0
5aad0c603e44d8a8e20e6137a6433981fe1cf443e6bf2829efadd3f26c9a44fb
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
750eed5053d9666651ad45bb25117acf4169a603a73ff415ab5f29bf6aaf7ef7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
85990e35a1bd9710094c42c86b371a1cb549c880a191aa795b1d6ceb43de8618
8690eff9b94fbb3061f440a6c452521df38dd673c721ceb661dee72e3cab8804
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d
89c4c793ad6699e71e805763117dd94e9614d000dd4bd3dd34944b89773133e1
97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d89f1419c265077c2dcece4c2e223a0a14c1b436086c478a40c2d40e7398511
a5d7cfd1fedf2035120da0699b947edff661d8118cb4f04c644b50688063d16e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad48c90f210c4489be45349eb7e50444a3749adfd02118d57586d819f27790ab
afcb1f6c5b300318111c91317309f5cd4e621638628db4aa5beefd622ca8be10
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b2c8a2356a67dde28735115997c96fbcc914ed2df1295dde1ec2c44e6c1615ab
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
bd718c89edd9bd10538e733e1f63a9a27b6cc40cb05347a93321cb9a64f62b03
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
c1aaebd3e292905247afcee12242ae79f65b1612353455ae144367fa4868e60e
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9cd83b1d0bc0eb8fc24cace7dadc0d77a69c9f67d4536cce9fb46e7d550946
f450674ffd3894e4d0759e542e92cc6b1d7243b76ce7c0a3fccb62f5f578e6a2
f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9