www.davethomasfoundation.org
Open in
urlscan Pro
138.197.240.14
Public Scan
Submitted URL: https://supportca.davethomasfoundation.org/
Effective URL: https://www.davethomasfoundation.org/canada/
Submission: On September 01 via automatic, source certstream-suspicious — Scanned from DE
Effective URL: https://www.davethomasfoundation.org/canada/
Submission: On September 01 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 28 IPs
in 6 countries
across 19 domains to perform 90 HTTP transactions.
The main IP is 138.197.240.14, located in
New York, United States and
belongs to DIGITALOCEAN-ASN, US.
The main domain is www.davethomasfoundation.org.
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.
This is the only time www.davethomasfoundation.org was scanned on urlscan.io!
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.
This is the only time www.davethomasfoundation.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
3
74.123.153.108
(United States)
ASN15148 (BLACKBAUD-ASN, US)
PTR: cluster2.convio.net
ASN15148 (BLACKBAUD-ASN, US)
PTR: cluster2.convio.net
| supportca.davethomasfoundation.org | |
| dtfa2.convio.net |
44
138.197.240.14
(New York, United States)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| www.davethomasfoundation.org |
3
2a00:1450:4001:800::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
74.123.154.146
(United States)
ASN15148 (BLACKBAUD-ASN, US)
PTR: cluster3.convio.net
ASN15148 (BLACKBAUD-ASN, US)
PTR: cluster3.convio.net
| secure3.convio.net |
3
2a00:1450:4001:812::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
2a02:26f0:3500:16::215:14a0
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| snap.licdn.com |
1
142.250.185.162
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
| www.googleadservices.com |
2
172.217.16.198
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
| 9358335.fls.doubleclick.net |
5
2620:1ec:c11::200
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| bat.bing.com | |
| c.bing.com |
3
2620:1ec:21::14
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| px.ads.linkedin.com | |
| www.linkedin.com |
1
2a00:1450:4001:80b::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
54.187.202.233
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-202-233.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-202-233.us-west-2.compute.amazonaws.com
| api.userway.org |
2
2a03:2880:f11c:8083:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
212.82.100.181
(Dublin, Ireland)
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
| sp.analytics.yahoo.com |
2
20.120.65.166
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| l.clarity.ms |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 45 |
davethomasfoundation.org
1 redirects
supportca.davethomasfoundation.org www.davethomasfoundation.org |
2 MB |
| 6 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 527 c.clarity.ms — Cisco Umbrella Rank: 955 l.clarity.ms — Cisco Umbrella Rank: 5269 |
26 KB |
| 5 |
bing.com
1 redirects
bat.bing.com — Cisco Umbrella Rank: 354 c.bing.com — Cisco Umbrella Rank: 213 |
13 KB |
| 5 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 85 9358335.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 |
3 KB |
| 5 |
userway.org
cdn.userway.org — Cisco Umbrella Rank: 5560 api.userway.org — Cisco Umbrella Rank: 5451 |
38 KB |
| 4 |
linkedin.com
3 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 370 www.linkedin.com — Cisco Umbrella Rank: 586 px4.ads.linkedin.com — Cisco Umbrella Rank: 6068 |
3 KB |
| 4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 3463 |
20 KB |
| 4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 154 |
198 KB |
| 4 |
convio.net
2 redirects
dtfa2.convio.net secure3.convio.net — Cisco Umbrella Rank: 97707 |
162 KB |
| 3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66 |
179 KB |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 113 |
315 B |
| 2 |
google.de
www.google.de — Cisco Umbrella Rank: 6487 adservice.google.de — Cisco Umbrella Rank: 9270 |
1 KB |
| 2 |
google.com
adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
| 2 |
yimg.com
s.yimg.com — Cisco Umbrella Rank: 436 |
7 KB |
| 2 |
crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1671 |
3 KB |
| 1 |
yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1199 |
632 B |
| 1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 132 |
16 KB |
| 1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 754 |
3 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
1 KB |
| 90 | 19 |
| Domain | Requested by | |
|---|---|---|
| 44 | www.davethomasfoundation.org |
www.davethomasfoundation.org
|
| 4 | bat.bing.com |
www.davethomasfoundation.org
bat.bing.com |
| 4 | cdn.userway.org |
www.davethomasfoundation.org
cdn.userway.org |
| 4 | connect.facebook.net |
www.davethomasfoundation.org
connect.facebook.net |
| 3 | www.google-analytics.com |
www.davethomasfoundation.org
www.google-analytics.com |
| 3 | www.googletagmanager.com |
www.davethomasfoundation.org
www.googletagmanager.com |
| 2 | l.clarity.ms |
www.clarity.ms
|
| 2 | c.clarity.ms | 1 redirects |
| 2 | www.clarity.ms |
bat.bing.com
www.clarity.ms |
| 2 | www.facebook.com |
www.davethomasfoundation.org
|
| 2 | px.ads.linkedin.com | 2 redirects |
| 2 | s.yimg.com |
www.davethomasfoundation.org
s.yimg.com |
| 2 | 9358335.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
| 2 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 2 | secure3.convio.net |
www.davethomasfoundation.org
|
| 2 | script.crazyegg.com |
www.davethomasfoundation.org
script.crazyegg.com |
| 2 | dtfa2.convio.net | 2 redirects |
| 1 | c.bing.com | 1 redirects |
| 1 | sp.analytics.yahoo.com |
www.davethomasfoundation.org
|
| 1 | adservice.google.de |
adservice.google.com
|
| 1 | www.google.de |
www.davethomasfoundation.org
|
| 1 | www.google.com |
www.davethomasfoundation.org
|
| 1 | adservice.google.com |
9358335.fls.doubleclick.net
|
| 1 | api.userway.org |
cdn.userway.org
|
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | px4.ads.linkedin.com |
www.davethomasfoundation.org
|
| 1 | www.linkedin.com | 1 redirects |
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | snap.licdn.com |
www.davethomasfoundation.org
|
| 1 | fonts.googleapis.com |
www.davethomasfoundation.org
|
| 1 | supportca.davethomasfoundation.org | 1 redirects |
| 90 | 32 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| secure2.convio.net |
| supportca.davethomasfoundation.org |
| shopdavethomasfoundation.org |
| www.youtube.com |
| www.facebook.com |
| twitter.com |
| www.instagram.com |
| www.linkedin.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| davethomasfoundation.org R3 |
2022-07-26 - 2022-10-24 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-04-08 - 2023-04-08 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
| secure3.convio.net GeoTrust TLS RSA CA G1 |
2021-10-14 - 2022-11-14 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-06-11 - 2022-09-09 |
3 months | crt.sh |
| snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
| 1667503734.rsc.cdn77.org R3 |
2022-08-15 - 2022-11-13 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
| *.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA |
2022-07-25 - 2022-09-14 |
2 months | crt.sh |
| www.bing.com Microsoft RSA TLS CA 01 |
2022-06-10 - 2022-12-10 |
6 months | crt.sh |
| api.userway.org Amazon |
2021-11-02 - 2022-11-30 |
a year | crt.sh |
| *.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
| real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2022-08-09 - 2023-02-01 |
6 months | crt.sh |
| www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-27 - 2023-02-27 |
a year | crt.sh |
| a.clarity.ms Microsoft Azure TLS Issuing CA 02 |
2022-06-07 - 2023-06-02 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://www.davethomasfoundation.org/canada/
Frame ID: EFA26E18D67806AA87E3E9670526EA88
Requests: 88 HTTP requests in this frame
Frame:
https://9358335.fls.doubleclick.net/activityi;dc_pre=CKCAwKGo9PkCFbsLewod7o8GfQ;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F
Frame ID: DA683EA9E98DB1BBCF4C4EDC2BFD62FF
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CKCAwKGo9PkCFbsLewod7o8GfQ;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F
Frame ID: E15DF64072CC863D6C61D2473067999F
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.de/ddm/fls/i/dc_pre=CKCAwKGo9PkCFbsLewod7o8GfQ;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F
Frame ID: F2272D0614374B601E8F54AAF4D59969
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 2031E0F0D91C0D9E9633A14302F8C672
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Dave Thomas Foundation Canada | Foster Care AdoptionPage URL History Show full URLs
-
https://supportca.davethomasfoundation.org/
HTTP 302
http://dtfa2.convio.net/ HTTP 301
http://dtfa2.convio.net/site/PageServer HTTP 302
https://www.davethomasfoundation.org/canada/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Yoast SEO
(SEO)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Crazy Egg
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Linkedin Insight Tag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
UserWay
(Accessibility)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.userway\.org/widget.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: https://secure2.convio.net/dtfa2/site/Donation2;jsessionid=00000000.app248a?1400.donation=form1&df_id=1400&mfc_pref=T&NONCE_TOKEN=38B9D085114540604D3C13052EC8428E
Title: Give Today
Title: Give Today
Search URL Search Domain Scan URL
URL: https://supportca.davethomasfoundation.org/site/Donation2?df_id=2080&mfc_pref=T&2080.donation=form1
Title: Give Monthly
Title: Give Monthly
Search URL Search Domain Scan URL
URL: https://supportca.davethomasfoundation.org/site/Donation2;jsessionid=00000000.app248a?1400.donation=form1&df_id=1400&mfc_pref=T&NONCE_TOKEN=38B9D085114540604D3C13052EC8428E
Title: Donate
Title: Donate
Search URL Search Domain Scan URL
URL: https://shopdavethomasfoundation.org/collections/canada
Title: <img src="https://www.davethomasfoundation.org/wp-content/uploads/2019/06/CA-GetInvolved_Shop.jpg" />
Title: <img src="https://www.davethomasfoundation.org/wp-content/uploads/2019/06/CA-GetInvolved_Shop.jpg" />
Search URL Search Domain Scan URL
URL: https://www.youtube.com/playlist?list=PLF5a-nu5k60SI6cXqt0Ze2nr9gMVRTdJw
Title: Watch More Stories
Title: Watch More Stories
Search URL Search Domain Scan URL
URL: https://www.facebook.com/DaveThomasFoundationforAdoption
Search URL Search Domain Scan URL
URL: https://twitter.com/DTFA
Search URL Search Domain Scan URL
URL: https://www.instagram.com/dtfa/
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/dave-thomas-foundation-for-adoption
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/DaveThomasFoundation
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://supportca.davethomasfoundation.org/
HTTP 302
http://dtfa2.convio.net/ HTTP 301
http://dtfa2.convio.net/site/PageServer HTTP 302
https://www.davethomasfoundation.org/canada/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 53- https://9358335.fls.doubleclick.net/activityi;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F HTTP 302
- https://9358335.fls.doubleclick.net/activityi;dc_pre=CKCAwKGo9PkCFbsLewod7o8GfQ;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=56536&time=1662060071915&url=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D56536%26time%3D1662060071915%26url%3Dhttps%253A%252F%252Fwww.davethomasfoundation.org%252Fcanada%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=56536&time=1662060071915&url=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=56536&time=1662060071915&url=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcanada%2F&liSync=true&e_ipv6=AQL6OJCDvac5ugAAAYL6gA3lRwhCqKqOcZk94Flv7rlh4prXMiLIeYDKLGGuzgHlp72NfcoO3Rkg-DvmBU4UIKz3EHo5ng
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=F7C5A7841D33414B95F83932EE099BBB&RedC=c.clarity.ms&MXFR=2AACD37CA94669E4271CC16EAD4667B0 HTTP 302
- https://c.clarity.ms/c.gif?CtsSyncId=F7C5A7841D33414B95F83932EE099BBB&MUID=0FCE7036F7C36B0E06016224F6A86A11
90 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.davethomasfoundation.org/canada/ Redirect Chain
|
140 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wpo-minify-header-bbd944b9.min.css
www.davethomasfoundation.org/wp-content/cache/wpo-minify/1661829101/assets/ |
488 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
www.davethomasfoundation.org/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
www.davethomasfoundation.org/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all.js
www.davethomasfoundation.org/wp-content/themes/dave-thomas/js/ |
462 KB 117 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
luminateExtend.js
www.davethomasfoundation.org/wp-content/themes/dave-thomas/js/ |
16 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bundle.js
www.davethomasfoundation.org/wp-content/themes/dave-thomas/build/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all.min.js
www.davethomasfoundation.org/wp-content/plugins/ubermenu/assets/fontawesome/js/ |
1 MB 407 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
v4-shims.min.js
www.davethomasfoundation.org/wp-content/plugins/ubermenu/assets/fontawesome/js/ |
15 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1443.js
script.crazyegg.com/pages/scripts/0083/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
209 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wpo-minify-footer-7eae4099.min.css
www.davethomasfoundation.org/wp-content/cache/wpo-minify/1661829101/assets/ |
128 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
collapse.js
www.davethomasfoundation.org/wp-content/plugins/jquery-collapse-o-matic/js/ |
19 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
core.min.js
www.davethomasfoundation.org/wp-includes/js/jquery/ui/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr.custom.min.js
www.davethomasfoundation.org/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.shuffle.min.js
www.davethomasfoundation.org/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
random-shuffle-min.js
www.davethomasfoundation.org/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
custom.js
www.davethomasfoundation.org/wp-content/plugins/ultimate-social-media-icons/js/ |
30 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ubermenu.min.js
www.davethomasfoundation.org/wp-content/plugins/ubermenu/assets/js/ |
33 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
regenerator-runtime.min.js
www.davethomasfoundation.org/wp-includes/js/dist/vendor/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-polyfill.min.js
www.davethomasfoundation.org/wp-includes/js/dist/vendor/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dom-ready.min.js
www.davethomasfoundation.org/wp-includes/js/dist/ |
498 B 673 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hooks.min.js
www.davethomasfoundation.org/wp-includes/js/dist/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
i18n.min.js
www.davethomasfoundation.org/wp-includes/js/dist/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a11y.min.js
www.davethomasfoundation.org/wp-includes/js/dist/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.json.min.js
www.davethomasfoundation.org/wp-content/plugins/gravityforms/js/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gravityforms.min.js
www.davethomasfoundation.org/wp-content/plugins/gravityforms/js/ |
43 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
conditional_logic.min.js
www.davethomasfoundation.org/wp-content/plugins/gravityforms/js/ |
9 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
placeholders.jquery.min.js
www.davethomasfoundation.org/wp-content/plugins/gravityforms/js/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gfsignature_delete_signature.min.js
www.davethomasfoundation.org/wp-content/plugins/gravityformssignature/js/ |
513 B 575 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lazyload.min.js
www.davethomasfoundation.org/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtfa_general-lb_img.jpg
www.davethomasfoundation.org/wp-content/uploads/2021/08/ |
123 KB 123 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtfa-july22-lb-tshirt.jpg
secure3.convio.net/dtfa/images/content/pagebuilder/ |
125 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtfa-july22-lb-circle.png
secure3.convio.net/dtfa/images/content/pagebuilder/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
176 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
100 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
64 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
red-bg.png
www.davethomasfoundation.org/wp-content/themes/dave-thomas/img/ |
67 KB 67 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fa-regular-400.woff2
www.davethomasfoundation.org/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff2
www.davethomasfoundation.org/wp-content/themes/dave-thomas/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Stag-Medium.otf
www.davethomasfoundation.org/wp-content/themes/dave-thomas/fonts/ |
45 KB 45 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CA-HomePageHeader.jpg
www.davethomasfoundation.org/wp-content/uploads/2019/06/ |
147 KB 147 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gray-spots-bg.png
www.davethomasfoundation.org/wp-content/themes/dave-thomas/img/ |
355 KB 355 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Stag-Light.otf
www.davethomasfoundation.org/wp-content/themes/dave-thomas/fonts/ |
117 KB 117 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
66 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget.js
cdn.userway.org/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cd-top-arrow.svg
www.davethomasfoundation.org/wp-content/themes/dave-thomas/img/ |
562 B 850 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 448 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
41 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activityi;dc_pre=CKCAwKGo9PkCFbsLewod7o8GfQ;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation....
9358335.fls.doubleclick.net/ Frame DA68 Redirect Chain
|
517 B 426 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ytc.js
s.yimg.com/wi/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 347 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 265 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
299 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1909300529327809
connect.facebook.net/signals/config/ |
293 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget_app_base_1661983785797.js
cdn.userway.org/widgetapp/2022-08-31/ |
119 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/751047742/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56358547.js
bat.bing.com/p/action/ |
1 KB 862 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 120 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
0
bat.bing.com/actionp/ |
0 175 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
stats.g.doubleclick.net/j/ |
1 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
M7PShF5GHh
api.userway.org/api/tunings/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
youtube.png
www.davethomasfoundation.org/wp-content/plugins/rocket-lazy-load/assets/img/ |
662 B 946 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CKCAwKGo9PkCFbsLewod7o8GfQ;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcana...
adservice.google.com/ddm/fls/i/ Frame E15D |
516 B 869 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/751047742/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/751047742/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
www.davethomasfoundation.org.json
script.crazyegg.com/pages/data-scripts/0083/1443/site/ |
1 KB 760 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtfa-canada-logo.png
www.davethomasfoundation.org/wp-content/uploads/2018/03/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CA-GetInvolved_Shop.jpg
www.davethomasfoundation.org/wp-content/uploads/2019/06/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CA-GetInvolved_Give.jpg
www.davethomasfoundation.org/wp-content/uploads/2019/06/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CA-GetInvolved_Event.jpg
www.davethomasfoundation.org/wp-content/uploads/2019/06/ |
40 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WWK-CA-Logo.jpg
www.davethomasfoundation.org/wp-content/uploads/2019/12/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10096717.json
s.yimg.com/wi/config/ |
2 B 484 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CKCAwKGo9PkCFbsLewod7o8GfQ;src=9358335;type=sitev0;cat=dtfa-0;ord=3096497927151;gtm=2wg8t0;auiddc=490452421.1662060072;u6=%2Fcanada%2F;~oref=https%3A%2F%2Fwww.davethomasfoundation.org%2Fcana...
adservice.google.de/ddm/fls/i/ Frame F227 |
194 B 870 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sp.pl
sp.analytics.yahoo.com/ |
43 B 632 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56358547
www.clarity.ms/tag/uet/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clarity.js
www.clarity.ms/eus-e/s/0.6.40/ |
54 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 367 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
/
www.facebook.com/tr/ Frame 2031 |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
l.clarity.ms/ |
0 184 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
body_wh.svg
cdn.userway.org/widgetapp/images/ |
931 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spin_wh.svg
cdn.userway.org/widgetapp/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
l.clarity.ms/ |
0 48 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
239 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| gform function| $ function| jQuery function| luminateExtend function| external_links_in_new_windows_loop function| external_links_in_new_windows_load object| dataLayer function| fbq function| _fbq string| gaProperty string| disableStr function| gaOptout string| GoogleAnalyticsObject function| ga function| gtag string| _linkedin_data_partner_id function| sfsi_processfurther function| collapse_init function| swapTitle function| toggleState function| closeOtherGroups function| closeOtherRelMembers function| closeOtherTogMembers function| closeOtherMembers function| colomat_expandall function| colomat_collapseall object| Modernizr function| Manipulator object| sfsi_icon_ajax_object function| showErrorSuc function| beForeLoad function| sfsi_make_popBox function| sfsi_stick_widget function| sfsi_float_widget function| sfsi_shuffle function| Shuffle function| sfsi_setCookie function| sfsfi_getCookie function| sfsi_hideFooter number| global_error function| sfsihidemepopup object| initTop function| close_overlay function| sfsi_wechat_share function| sfsi_mobile_wechat_share function| sfsi_copy_text_parent_input function| sfsi_responsive_toggle function| sfsi_time_pop_up function| sfsi_social_pop_up function| sfsi_plugin_version function| sfsi_widget_set function| sfsi_pinterest_modal_images function| sfsi_pinterest_modal object| sfsi_functions_loaded function| SFSI object| ubermenu_data function| uber_supports function| uber_op function| uberMenu_openMega function| uberMenu_openFlyout function| uberMenu_close function| uberMenu_redrawSubmenus object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| gform_i18n object| gf_legacy_multi object| gform_gravityforms object| gf_global object| gf_legacy object| gform_signature_delete_signature_strings object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| _getURLParameter function| _log object| MR object| general_lb object| july2022_lb object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| dotq object| uetq function| onYouTubeIframeAPIReady function| lintrk boolean| _already_called_lintrk object| FB object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| a object| fontawesome-free-shims function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_checkable_empty function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input object| UserWayWidgetApp function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_59f883b634 object| __buffer object| Placeholders function| __read function| __spreadArray function| __values function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway function| deleteSignature string| com_binding object| submitSurveyCallback object| gf_form_conditional_logic string| gf_number_format function| do_callback boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| LazyLoad object| YAHOO object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| clarity object| UserWay28 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| dtfa2.convio.net/ | Name: JSESSIONID Value: 7069F21685844B2F675BFE1E88FA0E7F.app20048a |
|
| .davethomasfoundation.org/ | Name: _gid Value: GA1.2.274556730.1662060072 |
|
| .davethomasfoundation.org/ | Name: _gat Value: 1 |
|
| .davethomasfoundation.org/ | Name: _gcl_au Value: 1.1.490452421.1662060072 |
|
| .davethomasfoundation.org/ | Name: _ga_E2R73L4QHZ Value: GS1.1.1662060071.1.0.1662060071.0.0.0 |
|
| .davethomasfoundation.org/ | Name: _ga Value: GA1.2.1421154276.1662060072 |
|
| .davethomasfoundation.org/ | Name: _gat_gtag_UA_9040611_3 Value: 1 |
|
| .bing.com/ | Name: MUID Value: 0FCE7036F7C36B0E06016224F6A86A11 |
|
| .davethomasfoundation.org/ | Name: _uetsid Value: 3d636ac02a2b11edbf9a9f35623553d1 |
|
| .davethomasfoundation.org/ | Name: _uetvid Value: 3d634f402a2b11eda2772db3ee0100a3 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQLtKj1MRDck6wAAAYL6gAyLdfFE9rkvIlhAol9Ib2A_Pr-llwXs_NARaHdL_0rADrr84zX0MLh1dw |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQJm-wQryXk1hwAAAYL6gAyLKMOnrLfmx5ke8PkKEHmiOnGf4K5_UuYndBbDcdkItE1Su8cZ2QAYZ3dIRNJhng |
|
| .ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&8fb8b9c6-790f-4ef3-8608-9db0df25d1e4" |
|
| .linkedin.com/ | Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2502:u=1:x=1:i=1662060072:t=1662146472:v=2:sig=AQFLlu7kXC4a5mJwEueehWP8e6GFqBhe" |
|
| .davethomasfoundation.org/ | Name: _fbp Value: fb.1.1662060072301.722243137 |
|
| .linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
| .www.linkedin.com/ | Name: bscookie Value: "v=1&2022090119211280062c0a-f890-4284-8e74-7be92b4d96d3AQF66-BZri6iy3RIhG_t7VprAMct5RLv" |
|
| .linkedin.com/ | Name: li_gc Value: MTswOzE2NjIwNjAwNzI7MjswMjHkHD1tXD6U4+uN9/dtnx+WIuKc0Pdn/HJvZI3bSxUmtA== |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBCgGEWMCEI25ntQf1lzxZx-UBirpSMcFEgEBAQFXEmMaYwAAAAAA_eMAAA&S=AQAAAubhXvT9_YIE11zHgvHVx3U |
|
| www.clarity.ms/ | Name: CLID Value: 19d9c184088442c1b4e3fbc9f65e3d69.20220901.20230901 |
|
| .davethomasfoundation.org/ | Name: _clck Value: 195tj8i|1|f4i|0 |
|
| .c.bing.com/ | Name: SRM_B Value: 0FCE7036F7C36B0E06016224F6A86A11 |
|
| .c.clarity.ms/ | Name: SM Value: C |
|
| .clarity.ms/ | Name: MUID Value: 0FCE7036F7C36B0E06016224F6A86A11 |
|
| .c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
| .davethomasfoundation.org/ | Name: _clsk Value: 8t8te|1662060073360|1|1|l.clarity.ms/collect |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9358335.fls.doubleclick.net
adservice.google.com
adservice.google.de
api.userway.org
bat.bing.com
c.bing.com
c.clarity.ms
cdn.userway.org
connect.facebook.net
dtfa2.convio.net
fonts.googleapis.com
googleads.g.doubleclick.net
l.clarity.ms
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.yimg.com
script.crazyegg.com
secure3.convio.net
snap.licdn.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
supportca.davethomasfoundation.org
www.clarity.ms
www.davethomasfoundation.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
138.197.240.14
142.250.185.162
172.217.16.198
20.120.65.166
20.234.93.27
2001:4860:4802:34::36
212.82.100.181
2606:4700::6813:9308
2620:1ec:21::14
2620:1ec:27::cafe:1959
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2008
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:400c:c0a::9d
2a00:1450:400e:811::200a
2a02:26f0:3500:16::215:14a0
2a02:6ea0:cb00::2
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8083:face:b00c:0:25de
54.187.202.233
74.123.153.108
74.123.154.146
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02eeedec2acea6d50bbe19af108de7b1cbe451f5eec2f0e9b48e2e943d8502e0
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05abb31db2198f420cbe8a6c1ad3ec4f8a62584407cd139702ef69cc2b66a8d5
083ffbd5edb4ad2c516638b3f27727452c983938ce2ad0d4f4bf838f0ecb689a
08b88efd853fcb4c9af0a8dfd9ca97a972d6470b1ff5dbb21afb4dfd712d5c4f
0a9740d7846f6d145537c695a485e92c2c31bd0c707d63c2f2ad06889b2f1f15
0c0176368e4a375c002a5589b4110673a18f069de043a5e745c3998e57414dfb
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1e767c8751e50a5583d063874ee5f28703bcccc248446ae1b0a8beb236a20415
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
25800cfac70d7b2f594d5f3874d0cac93209a3d21efa3e9a3c14189244af74b1
27c3bf929f7e6021b1cc58298f368b0477f5abcb39b7993450bf7af0f8f77239
29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ea7b6239f35a469544dd5ebf41fd87cd49e652a572f17e795d913404c7447bd
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
32c7beb1bf104eff87bc06dc0aefb64fd9ecdec23d7a4a763e7390865b73c59a
397f4a4ed8c4d3632675297b5ea9f6249eb1d1c564e10a5e541c0b0f4c68eeb5
3d1aa143071e7a7c055e6cc817b05f9f3732febf298008634da840bd3318f552
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a
53cd7db8ee22c00f7b6955b9b420b49e14733727b4f7e51566d92158acc8e935
5a12c4288760e55f2fd6a414b4625913833a0bac129c81d31f5a51ceab56ac52
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
606e46b3271e903999a190dc0f340431b6ef89a12ec005d6c22acfefa2d62715
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
69d4cfd023d016c27b6a8764d0814cebfdf745a5a01646906794d6b8c5d2cae1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6e26a1d0310afb5d2a3943537f02f3a3bf36b3d3add66308c34fd2ba26677c
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
702c691d721f699d8c218e46f58ac2be07e6b663b1233493a3d9138aa1de67a2
74375438f8e4ec69913ef5b83e80beecb1786b6d63fbb6e173c453f656a1fa56
7584de55deb27d5530041c04dc2b8043fd03532c5a319df52752702fee157c18
76073ba66f13280cb9b5af2d5919d9124cfced02362005c16b84c0f8e0154f59
7c12f87ede42d258c3db4e8b7235c6da4f2ef6bc3e93d4ff542f5e7d75208a32
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463
8d0bab1ed66a025c8f27a7e47ed60dd02c5362f70859faf71ef69579c6764f73
962e504a432dc854248150de57c243b9bd296cda3edc07446b471924ef4bf935
9678662f8e1a4bf27116cd9102a944183b8065b30188b9e0669c800592bdf13c
96b87d4265375454c4a4dfb9d4d2eaa71eea8a2b7f3569228788f5393233a4d5
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9d20feedc0534681cd1285b532da876fc9b92885d1b8d4e7edf066ee013613f4
9d5b4bf5ccbbeab40cc9952defd1150dce9491b52e2bec3f5c02caa9e1c3c504
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a7a6ff21b01d709caa24c58d6e81e640ce66d5b552fa2ef9eac8c5e537bfcc
a8ced04c94a5bed3d2c5546355634cd8e7d3033ff7939a2f1ce2a6297b9830ee
aacfca9e2765bc904464d3356e9a84ceacb76085a68fd125f95c4ece14aa3708
b1c3c0547d13712eb19bec64cf7ecefb10f3212f28b96fdb49108419c02b96b9
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bcc8c7373be9980b6fbf97d001363825b297b9df6a6e6fe02007a8c9ab003e86
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c37567e97b88156268a5724c3c88ad44c31afab9fae1a37047b02d0033d7466f
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cb1e0962f3bd2bc252207934903ee23b2956f92321f52633f69cfb49360654b8
cb47b561f47e3d106d419bdd7721a3a26a00c36e20ce6f1bfa3c6d13cdb8c76f
ccba45393ac1e87b579bb699e64b4d5278d16958c4a96c9f4f07a178844fbc70
d3ed914e01c8250ecbbd8100ec0130495f0dd9158266bdccb58a6918a35ffa2e
d5a23e2d21b41062c1b54fdcc6b35bf3d4c4dda1a5ceea6d36582331cec458e1
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d6934bbfcc78a548a0543cf8adecbe4925ef6cc090f73df48dbce6d0c30e0353
d6f587354e37acc80e46998df0b5bded7cf431e73c6d99594c42b06187e8b32e
d88ddfa0a16ff3c9e416bc082c34552e29dbca91ba4927bd9ca28a3a66d50c1d
da7ff92b53bfd5c36e2fc1ddcc7b3115c51d10066210598ae0836a3c9d4fdebb
de07924648d8c6f4c4b0ac5dc18c4049dda3b772816c70ee2e7e24eafea1be0d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fc28a845d8b8a279c9c867cb86cee52b6ddf9df67f91b0c6a15513848fdb29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c
fbf1e222e697d576111db4821dd581883fbe4c8b1a1dc56b20f9130a1f5359f3