trumpcard.trumphotels.com
Open in
urlscan Pro
104.18.19.20
Public Scan
Effective URL: https://trumpcard.trumphotels.com/trump-card/join
Submission: On September 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2021. Valid for: a year.
This is the only time trumpcard.trumphotels.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN41412 (MIVITEC-AS, DE)
PTR: server47185.mivitec.net
trump.serenata-nethotel.com |
ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f10.1e100.net
maps.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-93.fra56.r.cloudfront.net
d1gd5ngg4o7o11.cloudfront.net |
ASN15169 (GOOGLE, US)
PTR: lhr48s08-in-f3.1e100.net
www.gstatic.com |
ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: lhr25s26-in-f3.1e100.net
fonts.gstatic.com |
ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f8.1e100.net
ssl.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: lhr48s08-in-f6.1e100.net
2833303.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f2.1e100.net
www.googleadservices.com | |
adservice.google.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: wd-in-f157.1e100.net
bid.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
stats.g.doubleclick.net |
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com
www.facebook.com |
Domain | Requested by | |
---|---|---|
12 | trumpcard.trumphotels.com |
trumpcard.trumphotels.com
static.cloudflareinsights.com |
9 | www.gstatic.com |
www.google.com
www.gstatic.com |
9 | www.google.com |
trumpcard.trumphotels.com
www.gstatic.com www.google.com |
5 | fonts.gstatic.com |
www.google.com
|
4 | maps.googleapis.com |
trumpcard.trumphotels.com
maps.googleapis.com |
3 | bat.bing.com |
www.googletagmanager.com
bat.bing.com |
3 | 2833303.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | www.facebook.com | |
2 | googleads.g.doubleclick.net |
www.googleadservices.com
|
2 | connect.facebook.net |
trumpcard.trumphotels.com
connect.facebook.net |
2 | www.google-analytics.com |
www.googletagmanager.com
|
2 | ssl.google-analytics.com |
www.googletagmanager.com
|
2 | cdn.cookielaw.org |
www.googletagmanager.com
cdn.cookielaw.org |
1 | adservice.google.com |
2833303.fls.doubleclick.net
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | bid.g.doubleclick.net |
www.googleadservices.com
|
1 | csxd.synxis.com |
t.contentsquare.net
|
1 | t.contentsquare.net |
trumpcard.trumphotels.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
trumpcard.trumphotels.com
|
1 | d1gd5ngg4o7o11.cloudfront.net |
trumpcard.trumphotels.com
|
1 | static.cloudflareinsights.com |
trumpcard.trumphotels.com
|
1 | polyfill.io |
trumpcard.trumphotels.com
|
1 | trump.serenata-nethotel.com | 1 redirects |
68 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.trumphotels.com |
onetrust.com |
trumphotels.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
trumphotels.com Cloudflare Inc ECC CA-3 |
2021-06-09 - 2022-06-08 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020 |
2021-06-04 - 2022-07-06 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-11 - 2022-06-10 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2021-06-01 - 2022-05-31 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2021-07-06 - 2022-01-06 |
6 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-07-20 - 2021-10-18 |
3 months | crt.sh |
t.contentsquare.net Amazon |
2020-12-13 - 2022-01-11 |
a year | crt.sh |
csxd-01.contentsquare.net Amazon |
2021-09-01 - 2022-09-30 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://trumpcard.trumphotels.com/trump-card/join
Frame ID: A38C5D4E38E31A6E88DC04534BF3B0B4
Requests: 45 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldv9H0UAAAAAO-uMHsS4fX0NtDjnlBdbJSja-kF&co=aHR0cHM6Ly90cnVtcGNhcmQudHJ1bXBob3RlbHMuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=z4i7cshzn3s9
Frame ID: BF75C6EB4B4180FCC94920A5A18B3021
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldv9H0UAAAAAO-uMHsS4fX0NtDjnlBdbJSja-kF&co=aHR0cHM6Ly90cnVtcGNhcmQudHJ1bXBob3RlbHMuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=8hgv22sucbz1
Frame ID: 01134C243E602762DB0E4069CA85E236
Requests: 7 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6Ldv9H0UAAAAAO-uMHsS4fX0NtDjnlBdbJSja-kF&cb=1xvfu1ug1g15
Frame ID: AE57E0156876876F2E75D3BA9BDA69A2
Requests: 11 HTTP requests in this frame
Frame:
https://2833303.fls.doubleclick.net/activityi;dc_pre=CLWTg8_z_vICFUlz0wod_rwIDA;src=2833303;type=inqui0;cat=undefined;ord=4369345726994;gtm=2wg9d0;auiddc=71913594.1631637571;ps=1;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card%2Fjoin
Frame ID: 5C5AC336AA4419AF652B0FAAF819F6B6
Requests: 2 HTTP requests in this frame
Frame:
https://csxd.synxis.com/xdframe-1.0.0.html
Frame ID: B77222EF249B0EE2C0F9CDF6715F98AD
Requests: 1 HTTP requests in this frame
Frame:
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: D671D96A7D0EA2DDFEBF5149EE9A9B3C
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 501B667D5F92807121E70CC9A2C3A91B
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Hotel Membership & Rewards Programs | Trump Card – Join NowPage URL History Show full URLs
-
https://trump.serenata-nethotel.com/campaignsvc/getlink.aspx?ser-cpgid=a8268601-02bd-41ed-ac82-9c71ffcc768c&ser-...
HTTP 302
https://trumpcard.trumphotels.com/trump-card/join Page URL
Detected technologies
Google Maps (Maps) ExpandDetected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
Polyfill (JavaScript Libraries) Expand
Detected patterns
- /polyfill\.min\.js
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Privacy & Cookie Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Privacy & Cookie Policy
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: trumphotels.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://trump.serenata-nethotel.com/campaignsvc/getlink.aspx?ser-cpgid=a8268601-02bd-41ed-ac82-9c71ffcc768c&ser-linkid=be4dae9b-2be7-4bb2-9d9b-d67ceb229b61
HTTP 302
https://trumpcard.trumphotels.com/trump-card/join Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://2833303.fls.doubleclick.net/activityi;src=2833303;type=inqui0;cat=undefined;ord=4369345726994;gtm=2wg9d0;auiddc=71913594.1631637571;ps=1;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card%2Fjoin HTTP 302
- https://2833303.fls.doubleclick.net/activityi;dc_pre=CLWTg8_z_vICFUlz0wod_rwIDA;src=2833303;type=inqui0;cat=undefined;ord=4369345726994;gtm=2wg9d0;auiddc=71913594.1631637571;ps=1;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card%2Fjoin
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
join
trumpcard.trumphotels.com/trump-card/ Redirect Chain
|
75 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
digitalData.min.js
trumpcard.trumphotels.com/skins/master/assets/tracking/ |
2 KB 933 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/assets/loyalty/images/ |
10 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-black.svg
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/assets/loyalty/images/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
907 B 1009 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles.min.css
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/1628008166/assets/loyalty/styles/ |
50 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
101 B 586 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
scripts.min.js
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/1628008166/assets/loyalty/scripts/ |
1 MB 403 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
146 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beacon.min.js
static.cloudflareinsights.com/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
284a58ca02d3ef406dee6ddb1f8d6458.jpg
d1gd5ngg4o7o11.cloudfront.net/trumphotels.com-1511479685/cms/cache/v2/5c112fbe10fc0.jpg/1800x1200/fit/80/ |
284 KB 284 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Gotham-Book.woff2
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/assets/loyalty/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GothamHTF-Medium.woff2
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/assets/loyalty/fonts/ |
11 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GothamHTF-Light.woff2
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/assets/loyalty/fonts/ |
11 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GothamHTF-Book.woff2
trumpcard.trumphotels.com/skins/trump-hotels-resorts-card/assets/loyalty/fonts/ |
11 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ |
343 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
357 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
anchor
www.google.com/recaptcha/api2/ Frame BF75 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame 0113 |
40 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 0113 |
52 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 0113 |
343 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4b347266-7934-497b-96cd-b9ab817622af.js
cdn.cookielaw.org/consent/ |
92 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0113 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0113 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0113 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webworker.js
www.google.com/recaptcha/api2/ Frame 0113 |
102 B 132 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optanon.css
cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_black/v2/css/ |
23 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bframe
www.google.com/recaptcha/api2/ Frame AE57 |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame AE57 |
52 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame AE57 |
343 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookie-icon.png
trumpcard.trumphotels.com/images/ |
361 B 361 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activityi;dc_pre=CLWTg8_z_vICFUlz0wod_rwIDA;src=2833303;type=inqui0;cat=undefined;ord=4369345726994;gtm=2wg9d0;auiddc=71913594.1631637571;ps=1;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-...
2833303.fls.doubleclick.net/ Frame 5C5A Redirect Chain
|
426 B 370 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
96a5eae656a1e.js
t.contentsquare.net/uxa/ |
296 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;register_conversion=1;src=2833303;type=inqui0;cat=undefined;ord=4369345726994;gtm=2wg9d0;auiddc=71913594.1631637571;ps=1;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card%2Fjoin
2833303.fls.doubleclick.net/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
trumpcard.trumphotels.com/cdn-cgi/ |
0 173 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
reload
www.google.com/recaptcha/api2/ Frame AE57 |
35 KB 21 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
__utm.gif
ssl.google-analytics.com/r/ |
35 B 54 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5013636.js
bat.bing.com/p/action/ |
0 111 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 151 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame AE57 |
600 B 622 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame AE57 |
530 B 552 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame AE57 |
665 B 687 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE57 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE57 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE57 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
payload
www.google.com/recaptcha/api2/ Frame AE57 |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xdframe-1.0.0.html
csxd.synxis.com/ Frame B772 |
311 B 655 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8caa3eda-6b8f-4c31-90f2-bec1e08e2d57
https://trumpcard.trumphotels.com/ |
6 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007260908/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
bid.g.doubleclick.net/xbbe/ Frame D671 |
0 704 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787485211/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 439 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1571288923183304
connect.facebook.net/signals/config/ |
306 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CLWTg8_z_vICFUlz0wod_rwIDA;src=2833303;type=inqui0;cat=undefined;ord=4369345726994;gtm=2wg9d0;auiddc=*;ps=1;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card%2Fjoin
adservice.google.com/ddm/fls/z/ Frame 5C5A |
42 B 515 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/787485211/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/1007260908/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 313 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 501B |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common.js
maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/ |
86 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
util.js
maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/ |
288 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 84 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.google.com
- URL
- https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldv9H0UAAAAAO-uMHsS4fX0NtDjnlBdbJSja-kF&co=aHR0cHM6Ly90cnVtcGNhcmQudHJ1bXBob3RlbHMuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=z4i7cshzn3s9
Verdicts & Comments Add Verdict or Comment
133 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster string| templateURL object| siteSettings object| currentPropertyId object| bookingEngineVars object| digitalData object| s string| s_account string| s_sites object| __pageCategory object| __clientInfo object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| verified function| getBtn function| onSubmit function| onloadCallback function| atLeastOneNUmber function| lowercase function| uppercase function| min8char function| validZipCode function| dobMonth function| dobYear function| leadingZero function| ordinal_suffix_of function| selectStates function| countryHasRegions function| populateYear function| populateMonth function| showReward function| initAutocomplete function| fillInAddress object| odometerOptions object| windowObject object| documentObject object| rootObject object| header object| mainNav object| booking object| photos object| mobileNavigation object| mobileNavigationParent object| mobileNavigationTrigger object| events object| tier object| swipers object| tierPopup object| slideshows boolean| keyboardNavigation object| isMobileDevice object| isAndroidOrIphone boolean| slideshowsStopped function| processCheckinCheckoutInputs function| processCategorySelectors function| processSelects function| disableKeyboardNavigation function| restoreKeyboardNavigation object| contentReadMore object| scrollingWrapper undefined| lastY function| $ function| jQuery object| whatInput function| Odometer function| Swiper function| Galleria object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| dataLayer object| __cfBeacon object| closure_lm_784230 object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady undefined| a object| c function| jsonFeed object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper string| pairNum object| _gaq string| GoogleAnalyticsObject function| ga object| uetq function| fbq function| _fbq object| _uxa object| _gat object| gaGlobal function| UET function| UET_init function| UET_push object| CS_CONF function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver function| csNodechildNodes function| csNodehasChildNodes function| csNodeparentNode function| csNodenextSibling function| csElementshadowRoot function| csEventtarget object| CSPureWindow object| CSPathComputation object| UXAnalytics function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaData21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.google.com/recaptcha | Name: _GRECAPTCHA Value: 09ACyyrCSatfJbBnXNeeFcjan7bWB7QKX86OUugfJEnBQIfSEMCOQ3qe297P-cz6HTlnm0Guft5UKp2719YKvIOIk |
|
trump.serenata-nethotel.com/ | Name: ASP.NET_SessionId Value: obiyzjntisnkyr02f3gvysgx |
|
trumpcard.trumphotels.com/ | Name: HeBSCMSPremium60 Value: tl9vb161cjentcmt736pom7233 |
|
.trumphotels.com/ | Name: __cfruid Value: 5edc78272bcd90828acb872b8a4366b59d535b28-1631637569 |
|
.trumphotels.com/ | Name: _gcl_au Value: 1.1.71913594.1631637571 |
|
.trumpcard.trumphotels.com/ | Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Sep+14+2021+16%3A39%3A31+GMT%2B0000+(GMT)&version=5.9.0&landingPath=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card%2Fjoin&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1%2C0_105469%3A1%2C0_105467%3A1%2C0_105465%3A1%2C0_105470%3A1%2C0_105468%3A1%2C0_105466%3A1%2C101%3A1%2C102%3A1%2C103%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C108%3A1%2C109%3A1%2C110%3A1%2C111%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C119%3A1%2C120%3A1%2C121%3A1%2C122%3A1%2C123%3A1%2C124%3A1%2C125%3A1%2C126%3A1%2C127%3A1%2C128%3A1%2C129%3A1%2C130%3A1%2C131%3A1%2C132%3A1%2C133%3A1%2C134%3A1 |
|
.trumpcard.trumphotels.com/ | Name: __utma Value: 139886838.725731618.1631637572.1631637572.1631637572.1 |
|
.trumpcard.trumphotels.com/ | Name: __utmc Value: 139886838 |
|
.trumpcard.trumphotels.com/ | Name: __utmz Value: 139886838.1631637572.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.trumpcard.trumphotels.com/ | Name: __utmt Value: 1 |
|
.trumpcard.trumphotels.com/ | Name: __utmb Value: 139886838.1.10.1631637572 |
|
.bing.com/ | Name: MUID Value: 1FF6A03F775C682B27E4B08D761E6981 |
|
.trumphotels.com/ | Name: _uetsid Value: 5637aca0157a11ec80a975820b1ee6d5 |
|
.trumphotels.com/ | Name: _uetvid Value: 5637d4f0157a11ec8d5bcb15fcf7b81e |
|
.trumpcard.trumphotels.com/ | Name: _ga Value: GA1.3.725731618.1631637572 |
|
.trumpcard.trumphotels.com/ | Name: _gid Value: GA1.3.1406144794.1631637572 |
|
.trumpcard.trumphotels.com/ | Name: _dc_gtm_UA-28910272-1 Value: 1 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmBKaG9WnunenQtv-4Te_Z2QAKLjRSGYIN9OjezBrNSAoZGxd96ceopJIRV |
|
.trumphotels.com/ | Name: _cs_ex Value: 1617822895 |
|
.trumphotels.com/ | Name: _cs_c Value: 1 |
|
.trumphotels.com/ | Name: _fbp Value: fb.1.1631637572278.308596071 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2833303.fls.doubleclick.net
adservice.google.com
bat.bing.com
bid.g.doubleclick.net
cdn.cookielaw.org
connect.facebook.net
csxd.synxis.com
d1gd5ngg4o7o11.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
maps.googleapis.com
polyfill.io
ssl.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.contentsquare.net
trump.serenata-nethotel.com
trumpcard.trumphotels.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.google.com
104.16.148.64
104.16.95.65
104.18.19.20
13.107.21.200
13.32.23.93
142.250.178.10
142.250.178.8
142.250.179.226
142.250.187.196
142.250.187.226
142.250.187.232
151.101.1.26
172.217.169.3
172.217.169.35
172.217.169.38
172.253.120.157
185.60.218.24
185.60.218.35
216.58.212.238
65.9.71.103
65.9.71.45
74.125.206.157
91.90.158.185
01c5f3d7746282875c8967061c478f1170c9fceb13eb94ccf785f8d0f48cd7a3
031a0368beab51d73df97a25a863419fb53e216238351a0340ca882037f70e81
0341c3af156a77bb38505ad7e31d748795d4177b15f58d79bff63b2f5e76cae9
03a22bc0dfcaf1965802408a7a588c36b5b7e7f7a574473d44f3954583cdcc4d
07c219228b50fbfef302ce5ce7a3bdcdb8e64034f2e55aba771819bf98faf468
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
134376d0d2e8e3b8333cf504dd9cab6d72bf56387d0230e5ba0d29898961f029
1576970a3c17962ea9c82cd7970bd08795cc557688d6762f2cbffd1c97e7040e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2aeac6421f0594377c8962d61f42fb3cd75fc46f0c9a46f276ac1d86c7b66884
2f835555bc70aa00ccd0756fb371cf3fbc33d80a873def9acdeb863df8bb5104
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
371b79c7df2dad780cbdcdff87d111f93cb48f41d4d7bb34f4906845ac9fb585
3a93efdd6e3fc06eda81580b11218166e4019ba6796bd7f3821925af90d43ce2
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
447fd670d1fb0c3ad5440066d45170ba09c5b73ad27e9afed0b1c9283b01195f
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
521ef254d07faccd016adcdfe67e71e7468780929a5f3f922cef4bd19c68335b
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
577323fdccabcfd5d8e111c825b185b02a52e5813f98124eaf24f8420c78b427
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be3b1363c9f010c54bd50f70a1c0d0efe05ebe769c91c8b38b5d798b0009a6e
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
70141a2cb05f27c0422d349a2e6a538261ccab6dca01dac957cd5cf702178438
7183981b50e249b21e12cf7a1194dec444ce703b7452ed2949621fb1e1efc2fc
73d039528c2cdfbd9e836c5f23c999f801caf8746cd8c5789bfec09c697b9c40
8227a862b924b10dd6f1937cc73288d73111599d2968728fc762baf159cc3e78
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866897cc032a0811738e6109ba21db466748d3dc256733770deff6865136fce4
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89d30d476ee21b7246ce11789df05ba16a1790138e7fc08e92f981d62e0c884a
9b05f0a176dc31740d778ae036b73cf86a64dc2e68e467171250183dfce81278
a7f99ab09b15008cdb7bc2b2b680b24cf4e95219b83c9355d76da7e879480543
a972809ba4a3674bbee54d608f32ebfa42e6149f336ac40134f285b7c28c308b
ae5a8fca293591b8a174507de5772ccdb2b80885521bd83bd41c5cf446983f7d
c24f3fbba81d362e13c8c5557dd5a05163bb47898a83471c6a778bc426395a0a
c8ca8ed0f32f7a269e112b200f20e4fa74138a3e8c15318d54f930c86bc96625
c910528ea672f0abce6a4356e7a66fee63ce1430e520d2f157ea987b758a06a1
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cd6f49bec93b11101a6f332f021fa33245b8d6c80fc25b96a4f8e0118d592ec1
d5b2ae7227faa65d6a5730b0eee3d65131ffb92c57b8fcd9e99ef9427092a69e
d81f74a964d2966f3965ac11a778944b649ea834fde48dfc5bfe081faef2f873
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96f565269c2eaf3cb9650b1b86856817c0b018e302ccccce1592fdcfc69b0e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62