shop.nwtf.org
Open in
urlscan Pro
208.67.80.166
Public Scan
Submitted URL: http://send.nwtf.net/link.cfm?r=LTU0cnmyemTV6haTtwNgJQ~~&pe=1MplCBmmBRQ45UKcOtYMLcoPjHoEvCpnJCQkodFKaI7gsp2Ixy0eTXR7_...
Effective URL: https://shop.nwtf.org/
Submission: On July 01 via manual from US — Scanned from US
Effective URL: https://shop.nwtf.org/
Submission: On July 01 via manual from US — Scanned from US
Summary
This website contacted 26 IPs
in 1 countries
across 26 domains to perform 89 HTTP transactions.
The main IP is 208.67.80.166, located in
United States and
belongs to RMM-SOLUTIONS-AS, US.
The main domain is shop.nwtf.org.
TLS certificate: Issued by SSL.com RSA SSL subCA on October 15th 2021. Valid for: a year.
This is the only time shop.nwtf.org was scanned on urlscan.io!
TLS certificate: Issued by SSL.com RSA SSL subCA on October 15th 2021. Valid for: a year.
This is the only time shop.nwtf.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
205.201.46.12
(United States)
ASN14618 (AMAZON-AES, US)
PTR: mail.46.12.mmsend.com
ASN14618 (AMAZON-AES, US)
PTR: mail.46.12.mmsend.com
| tracking.magnetmail.net |
4
143.204.146.58
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-58.ewr52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-58.ewr52.r.cloudfront.net
| hello.zonos.com |
2
2606:4700::6811:915b
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| diffuser-cdn.app-us1.com | |
| prism.app-us1.com |
1
23.20.221.206
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-221-206.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-221-206.compute-1.amazonaws.com
| ptg-nwtf.img-us3.com |
1
52.216.85.227
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
| ac-image.s3.amazonaws.com |
1
99.84.47.13
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-47-13.ewr52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-47-13.ewr52.r.cloudfront.net
| d226aj4ao1t61q.cloudfront.net |
1
99.84.126.77
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-77.ewr52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-77.ewr52.r.cloudfront.net
| wp-ui.app-us1.com |
1
54.85.64.183
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-64-183.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-64-183.compute-1.amazonaws.com
| personalization-wp-service.cluster.app-us1.com |
9
34.206.225.93
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-225-93.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-225-93.compute-1.amazonaws.com
| d.adroll.com |
2
35.211.178.172
(North Charleston, United States)
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
| x.bidswitch.net |
2
68.67.179.155
(Secaucus, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| ib.adnxs.com |
2
35.190.60.146
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
| idsync.rlcdn.com |
2
107.178.254.65
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
| pippio.com |
3
142.250.81.226
(United States)
ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
| cm.g.doubleclick.net |
1
100.24.249.189
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-189.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-189.compute-1.amazonaws.com
| usermatch.krxd.net |
1
52.44.76.68
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-76-68.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-76-68.compute-1.amazonaws.com
| beacon.krxd.net |
2
34.98.64.218
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 49 |
nwtf.org
shop.nwtf.org |
2 MB |
| 16 |
adroll.com
9 redirects
s.adroll.com — Cisco Umbrella Rank: 2305 d.adroll.com — Cisco Umbrella Rank: 1568 |
29 KB |
| 6 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 595 p.typekit.net — Cisco Umbrella Rank: 706 |
184 KB |
| 4 |
app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8160 prism.app-us1.com — Cisco Umbrella Rank: 8216 wp-ui.app-us1.com — Cisco Umbrella Rank: 74637 personalization-wp-service.cluster.app-us1.com — Cisco Umbrella Rank: 63938 |
14 KB |
| 4 |
doubleclick.net
4 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 |
1 KB |
| 4 |
zonos.com
hello.zonos.com — Cisco Umbrella Rank: 21611 |
50 KB |
| 3 |
acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 4507 cdn.acsbapp.com — Cisco Umbrella Rank: 4869 |
164 KB |
| 2 |
openx.net
1 redirects
us-u.openx.net — Cisco Umbrella Rank: 387 |
408 B |
| 2 |
krxd.net
1 redirects
usermatch.krxd.net — Cisco Umbrella Rank: 1270 beacon.krxd.net — Cisco Umbrella Rank: 457 |
506 B |
| 2 |
pippio.com
2 redirects
pippio.com — Cisco Umbrella Rank: 809 |
717 B |
| 2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 321 |
504 B |
| 2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 244 |
2 KB |
| 2 |
bidswitch.net
1 redirects
x.bidswitch.net — Cisco Umbrella Rank: 290 |
1 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
29 KB |
| 2 |
google-analytics.com
1 redirects
ssl.google-analytics.com — Cisco Umbrella Rank: 390 |
17 KB |
| 2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71 |
2 KB |
| 1 |
yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1058 |
194 B |
| 1 |
trackcmp.net
trackcmp.net — Cisco Umbrella Rank: 7883 |
362 B |
| 1 |
cloudfront.net
d226aj4ao1t61q.cloudfront.net |
741 B |
| 1 |
amazonaws.com
ac-image.s3.amazonaws.com — Cisco Umbrella Rank: 94784 |
6 KB |
| 1 |
img-us3.com
1 redirects
ptg-nwtf.img-us3.com |
226 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 8 |
501 B |
| 1 |
myfonts.net
hello.myfonts.net — Cisco Umbrella Rank: 6043 |
353 B |
| 1 |
activehosted.com
ptg-nwtf.activehosted.com |
7 KB |
| 1 |
magnetmail.net
1 redirects
tracking.magnetmail.net — Cisco Umbrella Rank: 33988 |
756 B |
| 1 |
nwtf.net
1 redirects
send.nwtf.net |
925 B |
| 89 | 26 |
| Domain | Requested by | |
|---|---|---|
| 49 | shop.nwtf.org |
shop.nwtf.org
|
| 9 | d.adroll.com |
7 redirects
s.adroll.com
|
| 7 | s.adroll.com |
2 redirects
shop.nwtf.org
s.adroll.com |
| 5 | use.typekit.net |
shop.nwtf.org
use.typekit.net |
| 4 | hello.zonos.com |
shop.nwtf.org
hello.zonos.com |
| 3 | cm.g.doubleclick.net | 3 redirects |
| 2 | us-u.openx.net | 1 redirects |
| 2 | pippio.com | 2 redirects |
| 2 | idsync.rlcdn.com | 2 redirects |
| 2 | ib.adnxs.com | 1 redirects |
| 2 | x.bidswitch.net | 1 redirects |
| 2 | cdn.acsbapp.com |
acsbapp.com
|
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | ssl.google-analytics.com |
1 redirects
shop.nwtf.org
|
| 2 | fonts.googleapis.com |
shop.nwtf.org
ptg-nwtf.activehosted.com |
| 1 | beacon.krxd.net | |
| 1 | usermatch.krxd.net | 1 redirects |
| 1 | ads.yahoo.com | |
| 1 | personalization-wp-service.cluster.app-us1.com |
wp-ui.app-us1.com
|
| 1 | wp-ui.app-us1.com |
diffuser-cdn.app-us1.com
|
| 1 | trackcmp.net |
diffuser-cdn.app-us1.com
|
| 1 | prism.app-us1.com |
diffuser-cdn.app-us1.com
|
| 1 | d226aj4ao1t61q.cloudfront.net |
shop.nwtf.org
|
| 1 | ac-image.s3.amazonaws.com |
shop.nwtf.org
|
| 1 | ptg-nwtf.img-us3.com | 1 redirects |
| 1 | diffuser-cdn.app-us1.com |
shop.nwtf.org
|
| 1 | acsbapp.com |
shop.nwtf.org
|
| 1 | www.google.com |
shop.nwtf.org
|
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | p.typekit.net |
use.typekit.net
|
| 1 | hello.myfonts.net |
shop.nwtf.org
|
| 1 | ptg-nwtf.activehosted.com |
shop.nwtf.org
|
| 1 | tracking.magnetmail.net | 1 redirects |
| 1 | send.nwtf.net | 1 redirects |
| 89 | 34 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| twitter.com |
| www.instagram.com |
| www.facebook.com |
| www.youtube.com |
| www.nwtf.org |
| your.nwtf.org |
| www.nopcommerce.com |
| zonos.com |
| accessibe.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| shop.nwtf.org SSL.com RSA SSL subCA |
2021-10-15 - 2022-10-15 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-07 - 2023-04-07 |
a year | crt.sh |
| zonos.com Amazon |
2021-09-07 - 2022-10-06 |
a year | crt.sh |
| ssl1030294.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2022-06-01 - 2022-12-08 |
6 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-09 - 2023-06-09 |
a year | crt.sh |
| *.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-09-23 - 2022-10-05 |
a year | crt.sh |
| *.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.app-us1.com Amazon |
2022-01-04 - 2023-02-01 |
a year | crt.sh |
| *.cluster.app-us1.com Amazon |
2022-02-02 - 2023-03-02 |
a year | crt.sh |
| s.adroll.com Amazon |
2021-08-02 - 2022-08-31 |
a year | crt.sh |
| adroll.mgr.consensu.org Amazon |
2021-09-10 - 2022-10-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://shop.nwtf.org/
Frame ID: C41C241E4EACF56BB15A3C69414AB1D6
Requests: 90 HTTP requests in this frame
Screenshot
Page Title
Turkey Shoppe Online StoreClosePage URL History Show full URLs
-
http://send.nwtf.net/link.cfm?r=LTU0cnmyemTV6haTtwNgJQ~~&pe=1MplCBmmBRQ45UKcOtYMLcoPjHoEvCpnJCQko...
HTTP 302
https://tracking.magnetmail.net/rd/ttAQQHGh3PSvzEx6ty777NOqT3Tn-q_5xhY10o-zAuDktpi6l2lwbh2neCkgwn0RWa_s-A?ht... HTTP 302
https://shop.nwtf.org/ Page URL
Detected technologies
nopCommerce
(Ecommerce)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:<!--Powered by nopCommerce|Powered by: <a[^>]+nopcommerce)
AdRoll
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:a|s)\.adroll\.com
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
Typekit
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: https://twitter.com/NWTF_official
Search URL Search Domain Scan URL
URL: https://www.instagram.com/official_nwtf/
Search URL Search Domain Scan URL
URL: https://www.facebook.com/THENWTF
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/NWTFonline
Search URL Search Domain Scan URL
URL: https://www.nwtf.org/
Title: NWTF.org
Title: NWTF.org
Search URL Search Domain Scan URL
URL: https://your.nwtf.org/membership/step1.php
Title: Become A Member
Title: Become A Member
Search URL Search Domain Scan URL
URL: https://your.nwtf.org/donate/
Title: Donate To Our Cause
Title: Donate To Our Cause
Search URL Search Domain Scan URL
URL: http://www.nopcommerce.com/
Title: nopCommerce
Title: nopCommerce
Search URL Search Domain Scan URL
URL: https://zonos.com/zonos-hello-free-duty-tax-calculator
Search URL Search Domain Scan URL
URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe
Title: Web Accessibility Solution By accessiBe
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://send.nwtf.net/link.cfm?r=LTU0cnmyemTV6haTtwNgJQ~~&pe=1MplCBmmBRQ45UKcOtYMLcoPjHoEvCpnJCQkodFKaI7gsp2Ixy0eTXR7_bXrEAll60C0vjIQCrxgh2lwE8Vlbg~~&t=L3b6lVr4Ra6eyExdlgVkQw~~
HTTP 302
https://tracking.magnetmail.net/rd/ttAQQHGh3PSvzEx6ty777NOqT3Tn-q_5xhY10o-zAuDktpi6l2lwbh2neCkgwn0RWa_s-A?https%3A%2F%2Fshop%2Enwtf%2Eorg%2F HTTP 302
https://shop.nwtf.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2122672182&utmhn=shop.nwtf.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Turkey%20Shoppe%20Online%20Store&utmhid=1221349223&utmr=-&utmp=%2F&utmht=1656698622304&utmac=UA-1481350-41&utmcc=__utma%3D36816482.42354723.1656698622.1656698622.1656698622.1%3B%2B__utmz%3D36816482.1656698622.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=755539159&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1481350-41&cid=42354723.1656698622&jid=755539159&_v=5.7.2&z=2122672182 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1481350-41&cid=42354723.1656698622&jid=755539159&_v=5.7.2&z=2122672182
- https://ptg-nwtf.img-us3.com/admin/bronto-email-logo.png HTTP 301
- https://ac-image.s3.amazonaws.com/2/5/2/8/2/0/7/home/admin/bronto-email-logo.png
- https://s.adroll.com/j/exp/WO7Z5FJGMBAPXKFSGBNZCT/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://s.adroll.com/j/pre/WO7Z5FJGMBAPXKFSGBNZCT/AXZWV2537NDG7KQZEP5PTO/fpconsent.js HTTP 302
- https://s.adroll.com/j/pre/index.js
- https://d.adroll.com/pixel/WO7Z5FJGMBAPXKFSGBNZCT/AXZWV2537NDG7KQZEP5PTO?adroll_fpc=0cb16cfa07a9adb2338e02f1340ff83d-1656698623679&arrfrr=https%3A%2F%2Fshop.nwtf.org%2F&pv=77121625612.6906&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/WO7Z5FJGMBAPXKFSGBNZCT/AXZWV2537NDG7KQZEP5PTO/66C3N64HAVHQZOZGLMTJP3.js
- https://d.adroll.com/cm/r/out?adroll_fpc=0cb16cfa07a9adb2338e02f1340ff83d-1656698623679&arrfrr=https%3A%2F%2Fshop.nwtf.org%2F&advertisable=WO7Z5FJGMBAPXKFSGBNZCT HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/b/out?adroll_fpc=0cb16cfa07a9adb2338e02f1340ff83d-1656698623679&arrfrr=https%3A%2F%2Fshop.nwtf.org%2F&advertisable=WO7Z5FJGMBAPXKFSGBNZCT HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=NmQ5Y2RmZWVkNWNkMjc0NTFjY2NjMGQ5NmQzODFkMTg HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmQ5Y2RmZWVkNWNkMjc0NTFjY2NjMGQ5NmQzODFkMTg
- https://d.adroll.com/cm/x/out?adroll_fpc=0cb16cfa07a9adb2338e02f1340ff83d-1656698623679&arrfrr=https%3A%2F%2Fshop.nwtf.org%2F&advertisable=WO7Z5FJGMBAPXKFSGBNZCT HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=NmQ5Y2RmZWVkNWNkMjc0NTFjY2NjMGQ5NmQzODFkMTg HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNmQ5Y2RmZWVkNWNkMjc0NTFjY2NjMGQ5NmQzODFkMTg
- https://d.adroll.com/cm/l/out?adroll_fpc=0cb16cfa07a9adb2338e02f1340ff83d-1656698623679&arrfrr=https%3A%2F%2Fshop.nwtf.org%2F&advertisable=WO7Z5FJGMBAPXKFSGBNZCT HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=6d9cdfeed5cd27451cccc0d96d381d18 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNmQ5Y2RmZWVkNWNkMjc0NTFjY2NjMGQ5NmQzODFkMTgQABoNCIDu_JUGEgUI6AcQAEIASgA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=39e3016977a9af5be901225980e784677907be0813de862518a94da1188ef164791426b5417dce21&_=2 HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzOWUzMDE2OTc3YTlhZjViZTkwMTIyNTk4MGU3ODQ2Nzc5MDdiZTA4MTNkZTg2MjUxOGE5NGRhMTE4OGVmMTY0NzkxNDI2YjU0MTdkY2UyMRAAGgwIgO78lQYSBAgCEABCAEoA HTTP 302
- https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzOWUzMDE2OTc3YTlhZjViZTkwMTIyNTk4MGU3ODQ2Nzc5MDdiZTA4MTNkZTg2MjUxOGE5NGRhMTE4OGVmMTY0NzkxNDI2YjU0MTdkY2UyMRAAGgwIgO78lQYSBAgCEABCAEoA&google_error=3 HTTP 307
- https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
- https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
- https://d.adroll.com/cm/o/out?adroll_fpc=0cb16cfa07a9adb2338e02f1340ff83d-1656698623679&arrfrr=https%3A%2F%2Fshop.nwtf.org%2F&advertisable=WO7Z5FJGMBAPXKFSGBNZCT HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=6d9cdfeed5cd27451cccc0d96d381d18&gdpr=0&gdpr_consent= HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6d9cdfeed5cd27451cccc0d96d381d18&gdpr=0&gdpr_consent=
- https://d.adroll.com/cm/g/out?adroll_fpc=0cb16cfa07a9adb2338e02f1340ff83d-1656698623679&arrfrr=https%3A%2F%2Fshop.nwtf.org%2F&advertisable=WO7Z5FJGMBAPXKFSGBNZCT&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=bZzf7tXNJ0UczMDZbTgdGA HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=bZzf7tXNJ0UczMDZbTgdGA&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
89 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
shop.nwtf.org/ Redirect Chain
|
62 KB 63 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gr-v6dsjveife2kqakzpo7iwyx6zmyojm6jdh3jfvty.min.css
shop.nwtf.org/bundles/ |
202 KB 203 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
k2g0upeemszs54ck5wbik7krrb0nisbipfajckojkqy.min.js
shop.nwtf.org/bundles/ |
85 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otn0pwk.css
use.typekit.net/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ptx.css
shop.nwtf.org/Themes/Uptown/Content/CSS/ |
58 KB 58 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MyFontsWebfontsKit.css
shop.nwtf.org/Themes/Uptown/Content/CSS/ |
940 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
blank.gif
shop.nwtf.org/images/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000251.png
shop.nwtf.org/images/thumbs/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000591.jpeg
shop.nwtf.org/images/thumbs/ |
66 KB 66 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000590.jpeg
shop.nwtf.org/images/thumbs/ |
110 KB 110 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mens.jpg
shop.nwtf.org/images/ |
25 KB 25 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
womens.jpg
shop.nwtf.org/images/ |
22 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
headwear.jpg
shop.nwtf.org/images/ |
28 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
accessories.jpg
shop.nwtf.org/images/ |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000253.png
shop.nwtf.org/images/thumbs/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hello.js
hello.zonos.com/ |
97 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.php
ptg-nwtf.activehosted.com/f/ |
25 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f_ymtttjpmwbsydranw0-j62kys4gmvthe6d6w6_96q.min.js
shop.nwtf.org/bundles/ |
561 KB 562 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3fd6c2
hello.myfonts.net/count/ |
0 353 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.css
p.typekit.net/ |
5 B 181 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header-social-2.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header-selectors-arrow_2.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
96 B 138 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Montserrat-Regular.woff
shop.nwtf.org/Themes/Uptown/Content/fonts/ |
17 KB 17 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
new-search.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
218 B 260 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading.gif
shop.nwtf.org/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Uptown/Content/nivo/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
subscribe-button-footer-2.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
134 B 177 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
social_sprite_hover_2.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
social_sprite_hover.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payment_sprite_2.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Montserrat-Bold.woff
shop.nwtf.org/Themes/Uptown/Content/fonts/ |
17 KB 17 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font.woff2
shop.nwtf.org/Themes/Uptown/Content/fonts/QuincyCFRegular/ |
39 KB 39 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ Redirect Chain
|
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
country
hello.zonos.com/api/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/32b0e4/00000000000000007735a185/30/ |
44 KB 45 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/73dbad/00000000000000007735a197/30/ |
46 KB 46 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/ca31c7/00000000000000007735a18d/30/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
acsbapp.com/apps/app/dist/js/ |
426 KB 139 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ |
24 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 797 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bronto-email-logo.png
ac-image.s3.amazonaws.com/2/5/2/8/2/0/7/home/admin/ Redirect Chain
|
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
esfkyjh1u_forms-close-dark.png
d226aj4ao1t61q.cloudfront.net/ |
279 B 741 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
GetAjaxCartButtonsAjax
shop.nwtf.org/NopAjaxCart/ |
4 KB 5 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
RetrieveProductRibbons
shop.nwtf.org/ |
955 B 994 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
product-wishlist.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
164 B 207 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
product-compare.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
230 B 295 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
product-add-to-cart.png
shop.nwtf.org/Themes/Uptown/Content/img/ |
186 B 229 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/c4a610/00000000000000007735a18b/30/ |
44 KB 45 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
RetrieveProductRibbons
shop.nwtf.org/ |
955 B 994 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
GetAjaxCartButtonsAjax
shop.nwtf.org/NopAjaxCart/ |
8 KB 8 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
prism.app-us1.com/ |
251 B 397 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
translation
hello.zonos.com/api/ |
15 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
US.png
hello.zonos.com/images/flags/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
t_prism_sitemessages.php
trackcmp.net/ |
0 362 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-controller.js
wp-ui.app-us1.com/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config.json
cdn.acsbapp.com/cache/app/shop.nwtf.org/ |
159 B 346 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
personalize
personalization-wp-service.cluster.app-us1.com/ |
32 B 346 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slider-arrow-left.png
shop.nwtf.org/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Uptown/Content/nivo/ |
150 B 209 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slider-arrow-right.png
shop.nwtf.org/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Uptown/Content/nivo/ |
152 B 194 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000561.jpeg
shop.nwtf.org/images/thumbs/ |
51 KB 51 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000562.jpeg
shop.nwtf.org/images/thumbs/ |
106 KB 106 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000563.jpeg
shop.nwtf.org/images/thumbs/ |
40 KB 40 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000564.jpeg
shop.nwtf.org/images/thumbs/ |
61 KB 61 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000557.jpeg
shop.nwtf.org/images/thumbs/ |
56 KB 56 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000558.jpeg
shop.nwtf.org/images/thumbs/ |
237 KB 237 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000559.jpeg
shop.nwtf.org/images/thumbs/ |
53 KB 53 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000560.jpeg
shop.nwtf.org/images/thumbs/ |
120 KB 120 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
52 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.build.json
cdn.acsbapp.com/cache/app/ |
236 KB 25 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 785 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/ Redirect Chain
|
0 756 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/WO7Z5FJGMBAPXKFSGBNZCT/AXZWV2537NDG7KQZEP5PTO/ |
4 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WO7Z5FJGMBAPXKFSGBNZCT
d.adroll.com/consent/check/ |
442 B 911 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
66C3N64HAVHQZOZGLMTJP3.js
s.adroll.com/pixel/WO7Z5FJGMBAPXKFSGBNZCT/AXZWV2537NDG7KQZEP5PTO/ Redirect Chain
|
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v1
ads.yahoo.com/cms/ Redirect Chain
|
0 194 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Redirect Chain
|
0 337 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 61 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 538 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000591.jpeg
shop.nwtf.org/images/thumbs/ |
66 KB 66 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000561.jpeg
shop.nwtf.org/images/thumbs/ |
51 KB 51 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000590.jpeg
shop.nwtf.org/images/thumbs/ |
110 KB 110 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000557.jpeg
shop.nwtf.org/images/thumbs/ |
56 KB 56 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000561.jpeg
shop.nwtf.org/images/thumbs/ |
51 KB 51 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0000557.jpeg
shop.nwtf.org/images/thumbs/ |
56 KB 56 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
86 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _gaq function| $ function| jQuery object| _gat object| gaGlobal object| zonos string| adroll_adv_id string| adroll_pix_id string| visitorGlobalObjectAlias function| vgo object| cfields function| _show_thank_you function| _show_error function| _load_script function| OpenWindow function| setLocation function| displayAjaxLoading function| displayPopupNotification function| displayPopupContentFromUrl function| displayBarNotification function| htmlEncode function| htmlDecode function| addAntiForgeryToken undefined| barNotificationTimeout object| AjaxCart object| kendo object| sevenSpikesCore object| nopAjaxCart object| nopProductRibbons object| footable object| sevenSpikesEx object| themeSettings string| prismGlobalObjectAlias object| visitorGlobalObject function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _typeof function| _0x326e function| _createForOfIteratorHelper function| _0x25fc function| _unsupportedIterableToArray function| _arrayLikeToArray object| AJS object| AccessiBe object| acsb object| acsbJS object| EJSEventListeners object| wpGlobalObject boolean| __adroll_loaded function| EJSCustomEvent object| elementSrcMap object| transformationObserver string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list function| __cmp function| __tcfapi boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid boolean| adroll_sendrolling_cross_device object| adroll_form_fields string| adroll_rule_type37 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| send.nwtf.net/ | Name: CFID Value: 214758921 |
|
| send.nwtf.net/ | Name: JSESSIONID Value: 42B0D9FC56A5D58E4EF63D58CC846C26.cfusion |
|
| send.nwtf.net/ | Name: CFTOKEN Value: ae14143b7d35b8f8%2D4D507748%2DDCFC%2DF882%2D123B15B0EB395DDD |
|
| send.nwtf.net/ | Name: NSC_WJQ-UsbdlPqfot2Ofx-80 Value: ffffffff09b4be4745525d5f4f58455e445a4a423660 |
|
| .magnetmail.net/ | Name: _rm_tk Value: Livt8ThctJU |
|
| .magnetmail.net/ | Name: _rm_ts Value: Livt8ThctJU |
|
| tracking.magnetmail.net/ | Name: NSC_WJQ-BqjNB-443 Value: ffffffff09b4bffa45525d5f4f58455e445a4a42378b |
|
| shop.nwtf.org/ | Name: .Nop.Session Value: CfDJ8DyU15iIwjVGno3cxVgmJ3TVhWWva%2FJGI8fufY1z2ySyHuMjUIVnmobsWkv%2FYYHbppkxhsVRr68wIrUA%2BP87txsS4a7JHvtLlb%2FOzq807D746tDRfb3yUk48AIJ0F2N0mMOjC4pWVv8zsh1sUm%2FAUif2N%2B43MCddI6ETzqSz16f5 |
|
| .myfonts.net/ | Name: __cf_bm Value: GtFop5KY7HENYhzYQ7SpPjR7CbdDkWPnu4sppT0kkgU-1656698622-0-AT4fEKM0ruyLzX6Y/AgxMsYsi3Hkp8uXlAPArHOzF0GReaMpJO1aDZNQbdG6rT/+sBItiPHqU+4T5FKdU2ofqF0= |
|
| .shop.nwtf.org/ | Name: __utma Value: 36816482.42354723.1656698622.1656698622.1656698622.1 |
|
| .shop.nwtf.org/ | Name: __utmc Value: 36816482 |
|
| .shop.nwtf.org/ | Name: __utmz Value: 36816482.1656698622.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
| .shop.nwtf.org/ | Name: __utmt Value: 1 |
|
| .shop.nwtf.org/ | Name: __utmb Value: 36816482.1.10.1656698622 |
|
| .nwtf.org/ | Name: zCountry Value: US |
|
| .nwtf.org/ | Name: zHello Value: 1 |
|
| prism.app-us1.com/ | Name: prism_477417897 Value: f56cd0f5-5c34-4941-8e04-75db2e26154e |
|
| .nwtf.org/ | Name: prism_477417897 Value: f56cd0f5-5c34-4941-8e04-75db2e26154e |
|
| shop.nwtf.org/ | Name: .Nop.Customer Value: 40188ca2-e4c0-409b-bc79-35e398e07cde |
|
| .shop.nwtf.org/ | Name: __adroll_fpc Value: 0cb16cfa07a9adb2338e02f1340ff83d-1656698623679 |
|
| .shop.nwtf.org/ | Name: __ar_v4 Value: %7CWO7Z5FJGMBAPXKFSGBNZCT%3A20220631%3A1%7CAXZWV2537NDG7KQZEP5PTO%3A20220631%3A1%7C66C3N64HAVHQZOZGLMTJP3%3A20220631%3A1 |
|
| .openx.net/ | Name: i Value: 075f4315-4671-472e-8cf6-840863528fc6|1656698623 |
|
| .rlcdn.com/ | Name: rlas3 Value: v8f3v/LErZH8UNMaCZRiy8Q9mojofvFoT4fyvJKoH8U= |
|
| .bidswitch.net/ | Name: tuuid Value: 4a2b4272-d25a-4279-90fc-661e2f81b8c1 |
|
| .bidswitch.net/ | Name: c Value: 1656698624 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1656698624 |
|
| .adnxs.com/ | Name: uuid2 Value: 7106260932305706085 |
|
| .rlcdn.com/ | Name: pxrc Value: CIDu/JUGEgUI6AcQABIFCOhHEAA= |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2HaLpRCW%!@wnfH1Ya.O4]7Q=E?-^hsx3!0t[Z@2HHn83EEI=kyb<_2Q$<o3Cdx4hpMr<orZ5ur5Q6Di1%NP@(T(?!2>h9/+0J2!!5f73eZ4V |
|
| .pippio.com/ | Name: did Value: 48Huna_Zqkhjrmpg |
|
| .pippio.com/ | Name: didts Value: 1656698624 |
|
| .pippio.com/ | Name: nnls Value: |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlLbgc-gZx4FeGw_R8bfQFyl5HcFb0XTmdvKohGVy_w2KPRZj1MAlB-lJ5DExk |
|
| d.adroll.com/ | Name: __adroll Value: 6d9cdfeed5cd27451cccc0d96d381d18-g_1656698624-a_1656698623 |
|
| .adroll.com/ | Name: __adroll_shared Value: 6d9cdfeed5cd27451cccc0d96d381d18-g_1656698624-a_1656698623 |
|
| .pippio.com/ | Name: pxrc Value: CIDu/JUGEgQIAhAAEgYI3awrEAA= |
|
| .krxd.net/ | Name: _kuid_ Value: O7n004vA |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ac-image.s3.amazonaws.com
acsbapp.com
ads.yahoo.com
beacon.krxd.net
cdn.acsbapp.com
cm.g.doubleclick.net
d.adroll.com
d226aj4ao1t61q.cloudfront.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
hello.myfonts.net
hello.zonos.com
ib.adnxs.com
idsync.rlcdn.com
p.typekit.net
personalization-wp-service.cluster.app-us1.com
pippio.com
prism.app-us1.com
ptg-nwtf.activehosted.com
ptg-nwtf.img-us3.com
s.adroll.com
send.nwtf.net
shop.nwtf.org
ssl.google-analytics.com
stats.g.doubleclick.net
trackcmp.net
tracking.magnetmail.net
us-u.openx.net
use.typekit.net
usermatch.krxd.net
wp-ui.app-us1.com
www.google.com
x.bidswitch.net
100.24.249.189
107.178.254.65
138.128.247.123
142.250.81.226
143.204.146.58
147.185.239.105
2001:4998:14:800::1000
205.201.46.12
205.201.46.25
208.67.80.166
23.20.221.206
2600:141b:13::17d7:82c8
2600:141b:13::17d7:82d1
2600:9000:2140:7000:6:9280:1080:93a1
2606:4700:4400::ac40:9197
2606:4700::6811:596d
2606:4700::6811:915b
2606:4700::6811:f349
2607:f8b0:4004:c19::9d
2607:f8b0:4006:807::2004
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80d::200a
2607:f8b0:4006:823::2003
34.206.225.93
34.98.64.218
35.190.60.146
35.211.178.172
52.216.85.227
52.44.76.68
54.85.64.183
68.67.179.155
99.84.126.77
99.84.47.13
00b116929ad81a2e19c741b0335a5fffffbdb91c6fdcdee6481c58660d2e56d2
0607cb91601e0526cbb61468a468433726f1606904b984af895cc25625dc912e
07af6e9c5a381d0d857cdefc3e906418a05feedc70d099ce318af3cd87bd5077
0a6ec4d80b161323b10a799ff54edb456867dbcfc3145a31bbc735c77f3eaf4f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13c0c0922523917b1f08aee8e0889a68daa1fc6c4f0b1be2bf7ec778b42e6433
158a1ac070e5a39c02d7d86586cd1bb70715e4afa12d18c0eb2d0e043e8ad6b5
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1a18479c47b834559abf2e11cb12af7f727dc7c47abf602fd742758338343c15
1bfa26ad2b08763d84cef9cd3a8bff41a3a0818d716173bf38e40634d68b17e9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1a2c3a902a70b29c00ec5e07c2f35647bc4aabef7fa8f6cba8f66e653401ae
1df2fb7642b151b6db804853235d614bfa15716d09822d86c51ba14914a75d57
229e6f95b683896c2565cda96b885186ac551e5442b9a0ce5022698e495174d1
24ebdc6ba66d482eb8ac3ead0755cc82bafb7eea373515c34bb9f2f446faed60
2540509a5d6cbd7c0a12c0924e157f3df2b01e2e7011b0bb061b2f10600e8698
2848350db1d67b85eae8143e8ea84b05581d57db4a0c83380aa67502814654e0
286510628699abe85b04dfbb3cb7fe9f1050f87d91fd87a488c06368b6072774
2fd20efc49bfde5fff826e14300aed58164d547624d930318be9fe1760e3a04d
36319fb0a19eea1f8c9ca1806d013f66fc1f00a985ace7ce93de987bd1347134
37f36ce1e5b5592f4986a9a0a19ad2f5eb3c84511fc1c6acc595170ed5320a50
3c7f1515ef582d8c9730e046767d496baa2b27a6408245fa517e715a9409b538
3cec9146433efcaea56ca5e879c5da6c192a23d05df002d6dba5def0d6c0529e
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
434580155b5a5b67c3213a9298c351b60c06525f5f71b0da1bf9e4404dc940a3
4a670c9e6a8cbd231858931c4253d27b8caefafa6b173975631127aece5bbb08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1bd82ce9d46884ceaa3bf455166ffab9738d8c974f3bef0fce6960b602543d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e89b367fdf4a6c559581a4319391c4c1f1b7dc1128bab138d942f1ceef37bc4
4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155
50e7e687e2e8e596f1abf929f3e3ade82e2abeeb63dd4fa2cee580c195cd47df
51689c1e9f53e2ddc1c1d129d6f73f91d4c11a4dac061f820fa67bad74354143
533cb2afd49fc197a66d42b4069e029669853544d261510c66760b929235b626
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54dea0eda149bb4cbe0de250a34cbd1bd38bcb62b905dbadf37e4b0d1243ce67
58cd826b076143078d3d69850567b163c3a9791c1ce0d226428d671b753ff698
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
5a11319852feb644bd3c627df5cdb0e3405e6da7f7d95a57c9cae3ef8e6a89ac
5e7ccb72cc164e5e3ec33b203bfde217a3ff82d2bc64ee63d8b06ea566d6feae
6e0e0ff568868829f35d36b7b2fdd1ee32cd916bab10980868b86119d09ea20a
74da11a20b9c2f4dbfbc961fee6768d0c73267a7d46f6f753203fb4e311c2941
796164c3e2cc258209a44bace11b0d80da9d04b3f4c5c4c8ec5dd1b9b2b0bf4e
81f243c1ca464f48267bf5730d532282a44e60211b61c62c9e17d882c00eb437
863cd28904fa71a374c73a162beec200b94d579610c26fb23ad9c61c6fd9775b
8f67af3a52d3fe445d0f5fa403a487eaf22c9d5a6a150677d1b5669aa0884630
91f47739c7e06cd8a4eb9becc3e6e7c1d36a90075bfd76fcab8cb0996979ec2a
920235ca050478882a6ef5d070ff46be662e87d56f6232d1dbc71cd5ffe1a6f7
92bd868a5bf849e2ab0ba745c987afce7d56755f2ecf27320c5589bb4e7f9c1b
98f2aab543b86cfebf67b91619c316da824cd4e72320e3f31424317a08b9761e
99eca466de76ebff0d12a24ea8bc51e4e03dc064992e65ea3818b6d309a6aa38
9cee8917f1b55b4ec6ae250b74f1af3640ef4a047289acd6a33887d0a5517ebd
9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02
a6185133b08c1815fa0cb8ea9ce93ba67ca614f89444639b16de4046950e8f53
ab52068d7e479ae84437eac67509ec7a9ed61d148d25923f42ef20ddd050facc
b3aeb0f36c240df415eeb2b1b768e5f9dd0033643eed062867d5ce188a1dda14
b7021bc90140ae03cb5a305142a06ba26fa07e7e102797cd9fa2669a0ff7ccf7
b83fcbf3c9484802048dacf9a1d7d8673134f4648777e48490124af3a80dc309
b99ee11e59a9c84bc1eb4e3cfe9690224014b50438a5020d1f5a448fbb2e76cd
ba29be1c355e5164d03899c41b11ac44143bf1f7e4f2af0e6d2ada85c5e249be
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5747550a5472a9637318a18b81233bad76454d97844d58d0adc19065dbf917
bec209adcf425f5fdd306fbae2da80f735f40244249e4e67237401fa748f3583
c13494808a380c6561696a1994489a4c83e126a3fe5562076d06215b7ae3c3a2
c1405870e0ad4029b3c546318044effd93d7bfd97eaef60b52c05ea73742270a
c5dad9c5b3cd36d75e8f85030fc3c2e9adb119d23bc7b8b4d3e989c26a3d9095
c83d6bcfd4744f02c9d72663941054940ae5d89ef4f88483953509ae117a6b77
cbfad94369d42c856550d4aab9706e9196d7d3347145d2fc869de4f3dd887f90
d4cf766efcd76c034da218a579758ee84f551e8968ebd00dd15e36b7e659075d
dfedb72bf173b1757da4ad58411a89a29f2c39664411a39f1bc526dd32968e58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba85fa537f8c573d11eea8139c3f4e78bc764e7b98d9d385a63d195c2789a0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f2df6bf08a8a6815c7bca8af3a8f00ab0275588d27f00fb17a88167cb731ba
fcc5852833c3c5dd76a38dfd596328e0b26380f386653d0b8a1cd78fc0b9654d