fortunadrawsco.wpcomstaging.com
Open in
urlscan Pro
192.0.78.20
Public Scan
Submitted URL: https://wickedwhimsy.blog/
Effective URL: https://fortunadrawsco.wpcomstaging.com/
Submission Tags: phishingrod
Submission: On December 11 via api from DE — Scanned from DE
Effective URL: https://fortunadrawsco.wpcomstaging.com/
Submission Tags: phishingrod
Submission: On December 11 via api from DE — Scanned from DE
Summary
This website contacted 13 IPs
in 3 countries
across 8 domains to perform 80 HTTP transactions.
The main IP is 192.0.78.20, located in
San Francisco, United States and
belongs to AUTOMATTIC, US.
The main domain is fortunadrawsco.wpcomstaging.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2023. Valid for: a year.
This is the only time fortunadrawsco.wpcomstaging.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2023. Valid for: a year.
This is the only time fortunadrawsco.wpcomstaging.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 3.67.181.148 3.67.181.148 | 16509 (AMAZON-02) (AMAZON-02) | |
| 34 | 192.0.78.20 192.0.78.20 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 16 | 192.0.77.37 192.0.77.37 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 6 | 192.0.76.3 192.0.76.3 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 7 | 2a00:1450:400... 2a00:1450:4001:827::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 192.0.77.2 192.0.77.2 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 1 | 192.0.77.32 192.0.77.32 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 4 | 34.253.242.220 34.253.242.220 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 192.0.77.38 192.0.77.38 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:829::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 192.0.77.48 192.0.77.48 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:81c::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:813::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 80 | 13 |
1
3.67.181.148
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-181-148.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-181-148.eu-central-1.compute.amazonaws.com
| wickedwhimsy.blog |
34
192.0.78.20
(San Francisco, United States)
ASN2635 (AUTOMATTIC, US)
ASN2635 (AUTOMATTIC, US)
| fortunadrawsco.wpcomstaging.com |
7
2a00:1450:4001:827::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
4
34.253.242.220
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-242-220.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-242-220.eu-west-1.compute.amazonaws.com
| s.pubmine.com |
1
192.0.77.38
(San Francisco, United States)
ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
| c0.pubmine.com |
2
2a00:1450:4001:829::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
3
2a00:1450:4001:81c::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 34 |
wpcomstaging.com
fortunadrawsco.wpcomstaging.com |
239 KB |
| 24 |
wp.com
c0.wp.com — Cisco Umbrella Rank: 8588 stats.wp.com — Cisco Umbrella Rank: 2814 i0.wp.com — Cisco Umbrella Rank: 3858 s0.wp.com — Cisco Umbrella Rank: 7928 pixel.wp.com — Cisco Umbrella Rank: 2796 |
267 KB |
| 10 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 |
224 KB |
| 5 |
pubmine.com
s.pubmine.com — Cisco Umbrella Rank: 15582 c0.pubmine.com — Cisco Umbrella Rank: 34089 |
60 KB |
| 2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 |
5 KB |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
| 1 |
w.org
s.w.org — Cisco Umbrella Rank: 3043 |
647 B |
| 1 |
wickedwhimsy.blog
1 redirects
wickedwhimsy.blog |
338 B |
| 80 | 8 |
| Domain | Requested by | |
|---|---|---|
| 34 | fortunadrawsco.wpcomstaging.com |
fortunadrawsco.wpcomstaging.com
|
| 16 | c0.wp.com |
fortunadrawsco.wpcomstaging.com
|
| 7 | pagead2.googlesyndication.com |
fortunadrawsco.wpcomstaging.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
| 4 | s.pubmine.com |
fortunadrawsco.wpcomstaging.com
c0.pubmine.com |
| 3 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 3 | pixel.wp.com |
fortunadrawsco.wpcomstaging.com
|
| 3 | stats.wp.com |
fortunadrawsco.wpcomstaging.com
|
| 2 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 1 | www.google.com |
tpc.googlesyndication.com
|
| 1 | s.w.org |
fortunadrawsco.wpcomstaging.com
|
| 1 | c0.pubmine.com |
fortunadrawsco.wpcomstaging.com
|
| 1 | s0.wp.com |
fortunadrawsco.wpcomstaging.com
|
| 1 | i0.wp.com |
fortunadrawsco.wpcomstaging.com
|
| 1 | wickedwhimsy.blog | 1 redirects |
| 80 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.cookieyes.com |
| www.etsy.com |
| patreon.com |
| www.facebook.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.wpcomstaging.com Sectigo RSA Domain Validation Secure Server CA |
2023-10-25 - 2024-11-24 |
a year | crt.sh |
| *.wp.com Sectigo ECC Domain Validation Secure Server CA |
2023-11-28 - 2024-12-28 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| s.pubmine.com Sectigo RSA Domain Validation Secure Server CA |
2023-10-02 - 2024-10-02 |
a year | crt.sh |
| c0.pubmine.com Sectigo RSA Domain Validation Secure Server CA |
2023-04-04 - 2024-05-04 |
a year | crt.sh |
| *.w.org Sectigo ECC Domain Validation Secure Server CA |
2022-12-06 - 2024-01-06 |
a year | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://fortunadrawsco.wpcomstaging.com/
Frame ID: EC5B6C202E17BECC2E122609E79FDF2D
Requests: 73 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: ED1EA849AEC2C7BDF3D5E36C528C2F0F
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062325093792871&output=html&adk=1812271804&adf=3025194257&lmt=1702299392&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Ffortunadrawsco.wpcomstaging.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702299392183&bpp=2&bdt=4271&idt=238&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5613023395492&frm=20&pv=2&ga_vid=917115784.1702299392&ga_sid=1702299392&ga_hid=226467025&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079928%2C44809003%2C31080064%2C95320884&oid=2&pvsid=3958334096607248&tmod=1355088813&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Frame ID: 20114BD8C4C6978CA243A0D1842D51EA
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A074E2C82321D648B55D82AD8302A159
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: E45692A833B6D3322F290F0A66825250
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://wickedwhimsy.blog/
HTTP 301
https://fortunadrawsco.wpcomstaging.com/ Page URL
Detected technologies
WooCommerce
(Ecommerce)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- <link[^>]+s\d+\.wp\.com
- /wp-(?:content|includes)/
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://www.cookieyes.com/product/cookie-consent
Search URL Search Domain Scan URL
URL: https://www.etsy.com/shop/WickedWhimsyArts
Title: etsy
Title: etsy
Search URL Search Domain Scan URL
URL: https://patreon.com/wickedandwhimsy
Title: patreon
Title: patreon
Search URL Search Domain Scan URL
URL: https://www.facebook.com/wickedwhimsyarts
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wickedwhimsy.blog/
HTTP 301
https://fortunadrawsco.wpcomstaging.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
80 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
fortunadrawsco.wpcomstaging.com/ Redirect Chain
|
134 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
fa4b86e0-aee5-43eb-acb1-e44513dca5fd
https://fortunadrawsco.wpcomstaging.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
blocks-checkout.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/woocommerce-payments/dist/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/gutenberg/build/block-library/blocks/navigation/ |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/download-manager/assets/fontawesome/css/ |
101 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/download-manager/assets/bootstrap/css/ |
57 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
front.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/download-manager/assets/css/ |
64 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/patron-plugin-pro/plugin/lib/patreon-connect/assets/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/woo-coupon-usage/css/ |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woocommerce_gift_cards_lite-public.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/woo-gift-cards-lite/public/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dashicons.min.css
c0.wp.com/c/6.4.2/wp-includes/css/ |
58 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thickbox.css
c0.wp.com/c/6.4.2/wp-includes/js/thickbox/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woocommerce-layout.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ |
17 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woocommerce-smallscreen.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woocommerce.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ |
73 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woocommerce-blocktheme.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gateway.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/css/ |
238 B 551 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ponyfill.css
fortunadrawsco.wpcomstaging.com/wp-content/themes/blockbase-premium/assets/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
masterbar.css
fortunadrawsco.wpcomstaging.com/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/ |
728 B 759 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/patron-plugin-pro/plugin/lib/patron-button-and-widgets-by-codebard/plugin/templates/default/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/patron-plugin-pro/plugin/templates/default/ |
2 KB 839 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jetpack.css
fortunadrawsco.wpcomstaging.com/wp-content/plugins/jetpack/css/ |
99 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-polyfill-inert.min.js
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
regenerator-runtime.min.js
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-polyfill.min.js
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ |
112 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.min.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/gutenberg/build/hooks/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
w.js
stats.wp.com/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.min.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/cookie-law-info/lite/frontend/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.min.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/gutenberg/build/i18n/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ |
86 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popper.min.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/download-manager/assets/bootstrap/js/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/download-manager/assets/bootstrap/js/ |
61 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
front.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/download-manager/assets/js/ |
39 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woo-coupon-usage.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/woo-coupon-usage/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.blockUI.min.js
c0.wp.com/p/woocommerce/8.3.1/assets/js/jquery-blockui/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
add-to-cart.min.js
c0.wp.com/p/woocommerce/8.3.1/assets/js/frontend/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js.cookie.min.js
c0.wp.com/p/woocommerce/8.3.1/assets/js/js-cookie/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woocommerce.min.js
c0.wp.com/p/woocommerce/8.3.1/assets/js/frontend/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s-202350.js
stats.wp.com/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
147 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image.jpg
i0.wp.com/fortunadrawsco.wpcomstaging.com/wp-content/uploads/2023/07/ |
115 KB 115 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bilmur.min.js
s0.wp.com/wp-content/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gifting-banner.css
fortunadrawsco.wpcomstaging.com/wp-content/mu-plugins/wpcomsh/frontend-notices/gifting-banner/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jetpack-carousel.min.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/jetpack/_inc/build/carousel/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image-cdn.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ |
701 B 689 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.form.min.js
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/patron-plugin-pro/plugin/lib/patreon-connect/assets/js/ |
354 B 678 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
button.js
fortunadrawsco.wpcomstaging.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/ |
201 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-202350.js
stats.wp.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gifting-banner.js
fortunadrawsco.wpcomstaging.com/wp-content/mu-plugins/wpcomsh/frontend-notices/gifting-banner/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.gif
pixel.wp.com/ |
50 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
conf
s.pubmine.com/ |
2 KB 986 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ata.js
c0.pubmine.com/2.39.01695837358837/ |
216 KB 58 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ |
399 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame ED1E |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.gif
pixel.wp.com/ |
50 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
fortunadrawsco.wpcomstaging.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
revisit.svg
fortunadrawsco.wpcomstaging.com/wp-content/plugins/cookie-law-info/lite/frontend/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close.svg
fortunadrawsco.wpcomstaging.com/wp-content/plugins/cookie-law-info/lite/frontend/images/ |
1 KB 992 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
poweredbtcky.svg
fortunadrawsco.wpcomstaging.com/wp-content/plugins/cookie-law-info/lite/frontend/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
fortunadrawsco.wpcomstaging.com/ |
94 B 520 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1f381.svg
s.w.org/images/core/emoji/14.0.0/svg/ |
656 B 647 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b.gif
pixel.wp.com/ |
43 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gridicons-help-outline.svg
fortunadrawsco.wpcomstaging.com/wp-content/mu-plugins/wpcomsh/frontend-notices/gifting-banner/images/ |
402 B 718 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pixel
s.pubmine.com/ |
43 B 286 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
6d6450d0-ef63-424d-8274-2ac4f93607ea
https://fortunadrawsco.wpcomstaging.com/ |
2 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
adconf
s.pubmine.com/ |
9 B 331 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
adjr
s.pubmine.com/ |
119 B 492 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 2011 |
603 B 245 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A074 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame E456 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A074 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame E456 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame A074 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
boom.gif
pixel.wp.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pixel.wp.com
- URL
- https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.035&largest_contentful_paint=9934&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=0&downlink=9500&host_name=fortunadrawsco.wpcomstaging.com&url_path=%2F&nt_fetchStart=3514&nt_domainLookupStart=3524&nt_domainLookupEnd=3524&nt_connectStart=3524&nt_connectEnd=3541&nt_secureConnectionStart=3529&nt_requestStart=3541&nt_responseStart=6007&nt_responseEnd=6135&nt_domLoading=6009&nt_domInteractive=10314&nt_domContentLoadedEventStart=10317&nt_domContentLoadedEventEnd=10325&nt_domComplete=10706&nt_loadEventStart=10706&nt_loadEventEnd=10706&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=9934&first_contentful_paint=9934&resource_size=1539246&resource_transferred=516267&resource_cache_percent=0&js_size=819578&js_transferred=255624&js_cache_percent=0&blocking_size=988387&blocking_transferred=265539&blocking_cache_percent=0&last_resource_end=12286
Verdicts & Comments Add Verdict or Comment
91 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| documentPictureInPicture object| _wca object| _wpemojiSettings object| runtime object| regeneratorRuntime object| wp object| wpcom object| _tkq object| _stq object| _ckyConfig object| _ckyStyles object| cookieyes function| _revisitCkyConsent function| revisitCkyConsent function| sprintf function| vsprintf undefined| $ function| jQuery function| Popper object| bootstrap object| wpdm_url object| wpdm_js object| wpdm_strings undefined| allps undefined| pss string| wpdm_pass_target object| WPDM function| _PopupCenter function| generatepass function| hideLockFrame function| wpdm_bootModal function| wpdm_boot_popup function| wpdm_iframe_modal function| wcusage_copyToClipboard function| wcu_reset_copy function| wcu_copy_embed_code function| wcuCopyToClipboard object| wc_add_to_cart_params object| woocommerce_params object| wcpayAssets object| __ATA_PP object| __ATA function| callback__lq0x3t52_1 object| jetpackSwiperLibraryPath object| jetpackCarouselStrings object| PayPalCommerceGateway object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| widgetBuilder object| ppcpWidgetBuilder object| ppcpResources string| google_user_agent_client_hint object| gifting_banner object| adNode string| selector object| relocateNode function| Cookies function| st_go function| linktracker_init object| $formcontrol object| wpATAJsonpFunction function| postScrollValues function| callback object| observer object| twemoji function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| fortunadrawsco.wpcomstaging.com/ | Name: __wpdm_client Value: 87ce22e2ed2f5b1ad2adcf2c711488a9 |
|
| .wpcomstaging.com/ | Name: tk_or Value: %22%22 |
|
| .wpcomstaging.com/ | Name: tk_r3d Value: %22%22 |
|
| .wpcomstaging.com/ | Name: tk_lr Value: %22%22 |
|
| fortunadrawsco.wpcomstaging.com/ | Name: cookieyes-consent Value: consentid:bVRTQkRlc1dFZEVzMVpPRGRpMXY4RGc3SWxEaHVVY1c,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c0.pubmine.com
c0.wp.com
fortunadrawsco.wpcomstaging.com
googleads.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
pixel.wp.com
s.pubmine.com
s.w.org
s0.wp.com
stats.wp.com
tpc.googlesyndication.com
wickedwhimsy.blog
www.google.com
pixel.wp.com
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
192.0.77.38
192.0.77.48
192.0.78.20
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
3.67.181.148
34.253.242.220
0041fa29afe7225f752448478bf5fd1c2b28de45b5d70a07c4b4cba227d42660
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47
05a6562177e8e5f89852e08f7bbd6b62597b35d70c92238fcab4d6674ec76048
072efd25c604061beb445678b152f362eb0f48c8b9593e073306a60cdf5e857d
088ecacefccfb1da9a5e43dccfa8f7a44c896263ed4b6ea46af53320d80b739b
0b5a02b205cf11add478a0a10a56eb54319b10b12b4d4fb6dfbab4bb586da7fc
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11a8e12f0cac103af82e6dd1b6fbdc3b85b818658654fe2cd55c3c564aff20da
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20e55371456161b5004fbc29fc4133976710acdee4a135ed7cd55a4c74bd5636
20f071e1ab12579059429c87bb90fb5713d7e6892c7ab62e91b5843891cec71d
216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252
21887c5b83211b384496919a3ede8fc99cd6d6bab068bd714b00eb05cec0c056
2757dd03ec5bddf7b89a46e39df349ab43eb60f5ad54d5e8c5991de13313a2fe
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
28f99d234841f4704cc9b9ccbf3fe244f05085538b37c3badf70c356070ba98d
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349
452505d859be1f526ec45492acb695a3d822f50e56f93e1928948233b246cda0
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a3f0c034f2c1b99ea4390f44141857c15afeb0485ce6e856777b4acb2719b00
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50bb7c36ecca26ef05a1d308ca06ca7f60740c7e95d20a8971909303f4fa8657
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28
60d933619ad39f876cba41d788083b8971646802fa74aade7fba906ece34c36f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
695902fecfa33180f05f871e4f74dac4eaec8bb69fb656b8c1795652c4632ee2
6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1
7028ef6262d35db7dc22b05df3cbb3e93595ce90cd340fdc356620d961b01224
761c4ef72f1aa7bcaf50a6562e915e33d2713aefa1384d6ee1d77a3a07fb7be3
7a049f0c9709c89fd23a27e5e2246fbbb0dd2ab2f0db074ab08a125bd816c7f6
7bb4c0174e6662be620961c2f4694f6cfc7616cf830a33885143c889d405c635
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42
9c32dd3b4e3dd5cbd29f1c5022bb4c1187506a5bef554a47cfa6f7ce9e6bcb84
9ddaa48947691f4edbd85d83e34061cdf5eaabf0b10b59b3922d95233b8950ee
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a44fc800e479a071294416020b12e437693806d0055593771b956a724e644f33
b02c7b6dd337d3d137687162728bde2258c1733aa5f2daa0c9a978486b6d2170
b32ac08ac704f56f164eca7ed8dbc4ff2c50dff8f9e3527d2c52c93081672b02
b33670fef3f66715b0d434f56731a5f6f62d76a308e3c68cc0c4363afa1de82e
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b7b02a0caae9c8f6fc66e213763092100d79178bd32346c0148748c98f979262
bd86481b9cb374db069dd8d2f01242fe8dbeab25b6ced21b32e978679690f0a2
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c5124efb06cc9c7d2258aae87d49c307c18c9a0650063892065ba7b59422977c
c5964852604fae6fb0997a80858f9f2ee0cb6159896741625306a3a9654d9f78
c6f921178c04e85a2499b306b750c3404727a71e251c88d8d4b905aba13545ee
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8348b31a13262e3862e878203d8ea20b80c1dac9a777150c10c3834694a06b
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d4b871632dabf963ede00c8fa507035ef1398d658d9a5ffca414015bab172973
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dbd755232e8db5c719967555d9ed83a25353d901292c6177b56cb3cc3ad5ab3d
dc869996cbc8f47cab9aeb9523f81a7f420207a2601cce9ba45e9b7e0e261452
dce8a9bedac0886faa5d93f6e79a9f4d0c2940004d201e6d0d885b6f4d543629
dea4938fd93fead735a94821e8dc3b4baaacd832483e266463227f5ba7a82e2d
e0c12d0d6958285d255b55ab406f724ec01274fd1a403b9d2570cc58bc142f00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f74baea0bde9b10445de40e7b063dde9c0b752e8ecc65068809385f66b81c59e
f7d4c54dc556bce61c6a59150788149f9310dcf3f1deba151612334afd20e726
f9a11de8987b50cf10160989e7776c91d174cfe246f520aa724c93b1280a3cb6
ff30a90f41391a7e739f33e65e9897edac18167a15c77305fbe2cb98486af4a4