urlscan.io logo urlscan.io
SecurityTrails logo

petitions.signforgood.com Open in urlscan Pro
52.7.241.46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.dga.mkt6018.com/ctt?kn=1&ms=MTcyMjk1NTcS1&r=NTMwODc2NjcwMzk4S0&b=0&j=MTg2MDg4MzcyMgS2&mt=1&rt=0
Effective URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=6...
Submission: On April 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 52.7.241.46, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is petitions.signforgood.com.
TLS certificate: Issued by Amazon on February 10th 2020. Valid for: a year.
This is the only time petitions.signforgood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    74.112.69.44 (United States)

ASN19795 (SILVERPOP-ATL, US)
PTR: recp.rm02.net
links.dga.mkt6018.com
10    52.7.241.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-241-46.compute-1.amazonaws.com
petitions.signforgood.com
2    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
4    2600:9000:21a1:3000:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:2156:6a00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
2    3.124.133.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-133-106.eu-central-1.compute.amazonaws.com
l.sharethis.com
Domain Requested by
10 petitions.signforgood.com petitions.signforgood.com
ajax.googleapis.com
4 ws.sharethis.com petitions.signforgood.com
ws.sharethis.com
2 l.sharethis.com ws.sharethis.com
2 connect.facebook.net petitions.signforgood.com
connect.facebook.net
2 www.google-analytics.com petitions.signforgood.com
2 ajax.googleapis.com petitions.signforgood.com
1 c.sharethis.mgr.consensu.org ws.sharethis.com
1 ajax.aspnetcdn.com petitions.signforgood.com
1 links.dga.mkt6018.com 1 redirects
24 9

This site contains no links.

Subject Issuer Validity Valid
petitions.signforgood.com
Amazon		 2020-02-10 -
2021-03-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
*.sharethis.com
Go Daddy Secure Certificate Authority - G2		 2017-09-26 -
2020-09-29		 3 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.sharethis.mgr.consensu.org
Go Daddy Secure Certificate Authority - G2		 2018-05-21 -
2020-05-21		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Frame ID: A63539F2EE50D1C28B3ACEF99A5EC2A4
Requests: 22 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 4847A735A1AE010DE721CEAEB7858E9B
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 54E56EAF703C9585F17B4CB2114D26A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.dga.mkt6018.com/ctt?kn=1&ms=MTcyMjk1NTcS1&r=NTMwODc2NjcwMzk4S0&b=0&j=MTg2MDg4MzcyMgS2&mt=1&rt=0 HTTP 302
    https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

24
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

607 kB
Transfer

1241 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.dga.mkt6018.com/ctt?kn=1&ms=MTcyMjk1NTcS1&r=NTMwODc2NjcwMzk4S0&b=0&j=MTg2MDg4MzcyMgS2&mt=1&rt=0 HTTP 302
    https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Thank-Dem-Govs
petitions.signforgood.com/
Redirect Chain
  • http://links.dga.mkt6018.com/ctt?kn=1&ms=MTcyMjk1NTcS1&r=NTMwODc2NjcwMzk4S0&b=0&j=MTg2MDg4MzcyMgS2&mt=1&rt=0
  • https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%...
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
fab241a3a9d291c39d28f68e4737e1e78a1c6b97fc01c222ef06ee0bc3e18f22

Request headers

Host
petitions.signforgood.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Date
Thu, 16 Apr 2020 19:43:17 GMT
ETag
W/"23e7-hJpyLV3dzhvsqI/fTYLPWQ"
Server
nginx/1.12.1
X-Powered-By
Express
Content-Length
9191
Connection
keep-alive

Redirect headers

Date
Thu, 16 Apr 2020 19:43:16 GMT
Location
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Content-Length
0
Connection
close
Content-Type
text/plain; charset=UTF-8
styles.css
petitions.signforgood.com/static/css/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/css/styles.css
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
f1eb09ac4e8ef4ddbbe5abd8f34c7e84cd38a3f914d613dca96c3f2e597f502b

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:17 GMT
Last-Modified
Tue, 19 Nov 2019 17:31:35 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"5a46-16e84b834d8"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23110
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 15:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1052830
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 15:16:07 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/ 		195 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 07:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1082331
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
51711
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 07:04:26 GMT
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B65) /
Resource Hash
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 19:43:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Oct 2016 23:42:30 GMT
server
ECAcc (ama/8B65)
age
23480285
etag
"54f11b72d033d21:0"
status
200
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
21090
x-xss-protection
1; mode=block
modernizr.custom.45138.js
petitions.signforgood.com/static/js/modernizr/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/js/modernizr/modernizr.custom.45138.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
7db3c445760c43f809f076da6a4f6b249ac93b442ab6b1631e5c09a64d524092

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:17 GMT
Last-Modified
Tue, 19 Nov 2019 17:31:35 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"1f23-16e84b834d8"
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7971
mailcheck.min.js
petitions.signforgood.com/static/js/mailcheck/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/js/mailcheck/mailcheck.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:17 GMT
Last-Modified
Tue, 19 Nov 2019 17:31:35 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"8f9-16e84b834d8"
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2297
main.js
petitions.signforgood.com/static/js/prefab_main/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/js/prefab_main/main.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
86646598f05c2f7c128c1200637e090ebf50123a4b50ba96b868da0a0de6bb44

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:17 GMT
Last-Modified
Tue, 19 Nov 2019 17:31:35 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"21ad-16e84b834d8"
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8621
buttons.js
ws.sharethis.com/button/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/buttons.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21a1:3000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
50fa6c5f9d256f799a7e12a654b5a9073782074ed18cd2fdfa1a22a511ed4a6e

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 06:08:14 GMT
content-encoding
gzip
server
nginx/1.16.1
age
135303
etag
"5e864446-de90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=259200
x-amz-cf-pop
MUC51-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
fmADSmEbTYdWB5ulh-5gwA3E8dyOMmhgKLUwmI-pJUm7TBoDZKyLCA==
via
1.1 7187cfd76669785d6cdaa648abee3065.cloudfront.net (CloudFront)
expires
Sat, 18 Apr 2020 06:08:14 GMT
intlTelInput.css
petitions.signforgood.com/intl-tel-input/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/intl-tel-input/css/intlTelInput.css
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:17 GMT
Last-Modified
Tue, 04 Apr 2017 22:17:54 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"6d39-15b3b0bb250"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27961
intlTelInput.min.js
petitions.signforgood.com/intl-tel-input/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/intl-tel-input/js/intlTelInput.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
afa256c4c0c2f29087fcb97123cb12b51d9af01263cdda68e6d11a0088b25049

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:17 GMT
Last-Modified
Thu, 01 Mar 2018 10:51:56 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"5afe-161e130a0e0"
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23294
utils.js
petitions.signforgood.com/intl-tel-input/js/ 		221 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/intl-tel-input/js/utils.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
fc5d3634a35396df921415c955f1e37292a681beb68ebfb24cce7e86546890f8

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:17 GMT
Last-Modified
Thu, 01 Mar 2018 10:51:13 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"374f2-161e12ff8e8"
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
226546
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
283
date
Thu, 16 Apr 2020 19:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 16 Apr 2020 21:38:34 GMT
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21a1:3000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
602510db47352dc2e1571a888f1e78bb7f1f742b64b7156798391dd121a6acd4

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 11:36:47 GMT
content-encoding
gzip
server
nginx/1.16.1
age
201990
etag
W/"5e864575-162e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=259200
x-amz-cf-pop
MUC51-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
bCRc-C-8dJLVSWxj6fqI-U6O8nWk_Ia4anRVmVow6-NvK6hZ82Pltg==
via
1.1 7187cfd76669785d6cdaa648abee3065.cloudfront.net (CloudFront)
expires
Fri, 17 Apr 2020 11:36:47 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=574927522&t=pageview&_s=1&dl=https%3A%2F%2Fpetitions.signforgood.com%2FThank-Dem-Govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26firstName%3D%26lastName%3D%26email%3Dckennedy%40nm.org%26zip%3D60629%26ask%3D1%26amounts%3D1%252C5%252C25%252C50%252C100%252C250%26redirect%3Dhttp%253A%252F%252Fsurveys.signforgood.com%252Fdga-thank-dem-govs%253Fcode%253Demail%257Cjtk6400%257CNN_P_HC_NL_WN%2526abpage%253DDGA%2526donor%253DN&ul=en-us&de=UTF-8&dt=SIGN%20THE%20CARD%3A%20Thank%20you%2C%20Democratic%20governors%2C%20for%20your%20tireless%20leadership!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=459260558&gjid=1972588184&cid=50706204.1587066198&tid=UA-9499230-25&_gid=1886430924.1587066198&_r=1&z=707092601
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Apr 2020 19:43:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21a1:3000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 19:20:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 20:05:09 GMT
server
nginx/1.16.1
age
1341
etag
W/"5e864575-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
MUC51-C1
x-robots-tag
noindex, nofollow
content-length
3851
via
1.1 7187cfd76669785d6cdaa648abee3065.cloudfront.net (CloudFront)
x-amz-cf-id
XhFY63ETjk9nGCEAiVQuvTJXpSx8yHWkfGhRWTFg2HfUIqPn6hGqVA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527e39d2a1d619bd49ce6f8ae4e98c22afda95fa9f053af325d150bfbef7fb99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
T5UEj/WSpVA4gtXixhrz3A==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
1780
etag
"543f608e2a6fa056587a6382e0feb5b7"
x-fb-debug
ZfVT7ITZLJrBjTD0Pgdl3T0YU9GkT2h1k93HVg7Va851aISqowLvj/WygOWRQU7CEX791MSiIAfzWmUOKcKR7w==
x-fb-trip-id
1850256238
x-fb-content-md5
81e7844150990793add3cb0ab8e0e16e
x-frame-options
DENY
date
Thu, 16 Apr 2020 19:43:18 GMT, Thu, 16 Apr 2020 19:43:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 Apr 2020 19:51:36 GMT
body_bg_blue.png
petitions.signforgood.com/static/css/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitions.signforgood.com/static/css/img/body_bg_blue.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
59ccdf841a0b3074ca25b5960be3f450be320ff7b9e5a081a0810d080d1f0f4e

Request headers

Referer
https://petitions.signforgood.com/static/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:18 GMT
Last-Modified
Tue, 19 Nov 2019 17:31:35 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"a4c-16e84b834d8"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2636
submit_red.png
petitions.signforgood.com/static/css/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitions.signforgood.com/static/css/img/submit_red.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-241-46.compute-1.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
9cf30d86cb809ce49f7b1b13533bc42e6d57c407c85dd790d4e41b0dde86659e

Request headers

Referer
https://petitions.signforgood.com/static/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:18 GMT
Last-Modified
Tue, 19 Nov 2019 17:31:35 GMT
Server
nginx/1.12.1
X-Powered-By
Express
ETag
W/"b25-16e84b834d8"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2853
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 4847 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6a00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
max-age=600, public
edge-control
cache-maxage=60m,downstream-ttl=60m
accept-ranges
bytes
last-modified
Mon, 06 Apr 2020 18:33:25 GMT
etag
W/"39db-17150c4c508"
content-encoding
gzip
date
Thu, 16 Apr 2020 19:36:48 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
k-tkTyk5bu1053LblMrJJQIRQ5e2phP4EE4boqx6RF4YOdXjszsFMQ==
age
390
sdk.js
connect.facebook.net/en_US/ 		390 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e2cd727f521e9185f50c62a91eddcf22&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c73765e93e7a8a6a0557576bb8cade2fc0793ecafd2ebb8866cfebf230edb0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
Origin
https://petitions.signforgood.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
f/n5tfI0EMsrTqvsW7hlYQ==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
116012
etag
"5e37d5884fd1e58afa4f3ffec37afb94"
x-fb-debug
7SbdzRCEVB2G/BnOtDvKyaq2CsR2O2YEsQJY62mlv657BajttNgcZFtwDYzGNLwvbYLTB5lD1yeJ4m5qDHKWNQ==
x-fb-trip-id
1850256238
x-fb-content-md5
86e2b599f1eab7145588e056ad60e36b
x-frame-options
DENY
date
Thu, 16 Apr 2020 19:43:18 GMT, Thu, 16 Apr 2020 19:43:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 16 Apr 2021 19:31:36 GMT
pview
l.sharethis.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=e1711f2-17184845726-15a587a6-1&sessionID=1587066197799.57387&hostname=petitions.signforgood.com&location=%2FThank-Dem-Govs&product=widget&stid=&fcmp=false&publisher=5a49780e-b518-424c-abec-d511b5253dcb&refDomain=&refQuery=&shareHash=sthash.AePjcaSa&incomingHash=&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fpetitions.signforgood.com%2FThank-Dem-Govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26firstName%3D%26lastName%3D%26email%3Dckennedy%40nm.org%26zip%3D60629%26ask%3D1%26amounts%3D1%252C5%252C25%252C50%252C100%252C250%26redirect%3Dhttp%253A%252F%252Fsurveys.signforgood.com%252Fdga-thank-dem-govs%253Fcode%253Demail%7Cjtk6400%7CNN_P_HC_NL_WN%2526abpage%253DDGA%2526donor%253DN%23sthash.AePjcaSa&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=SIGN%20THE%20CARD%3A%20Thank%20you%2C%20Democratic%20governors%2C%20for%20your%20tireless%20leadership!&ts1587066197799.0=&sop=false
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.133.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-133-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:18 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://petitions.signforgood.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
pview
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=e1711f2-17184845726-15a587a6-1&sessionID=1587066197799.57387&hostname=petitions.signforgood.com&location=%2FThank-Dem-Govs&product=widget&stid=&fcmp=false&publisher=5a49780e-b518-424c-abec-d511b5253dcb&refDomain=&refQuery=&shareHash=sthash.AePjcaSa&incomingHash=&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fpetitions.signforgood.com%2FThank-Dem-Govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26firstName%3D%26lastName%3D%26email%3Dckennedy%40nm.org%26zip%3D60629%26ask%3D1%26amounts%3D1%252C5%252C25%252C50%252C100%252C250%26redirect%3Dhttp%253A%252F%252Fsurveys.signforgood.com%252Fdga-thank-dem-govs%253Fcode%253Demail%7Cjtk6400%7CNN_P_HC_NL_WN%2526abpage%253DDGA%2526donor%253DN%23sthash.AePjcaSa&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=SIGN%20THE%20CARD%3A%20Thank%20you%2C%20Democratic%20governors%2C%20for%20your%20tireless%20leadership!&ts1587066197799.0=&sop=false&img_pview=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.133.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-133-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 19:43:18 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
index.html
ws.sharethis.com/secure5x/ Frame 54E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21a1:3000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ws.sharethis.com
:scheme
https
:path
/secure5x/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://petitions.signforgood.com/Thank-Dem-Govs?code=email|jtk6400|NN_P_HC_NL_WN&firstName=&lastName=&email=ckennedy@nm.org&zip=60629&ask=1&amounts=1%2C5%2C25%2C50%2C100%2C250&redirect=http%3A%2F%2Fsurveys.signforgood.com%2Fdga-thank-dem-govs%3Fcode%3Demail%7Cjtk6400%7CNN_P_HC_NL_WN%26abpage%3DDGA%26donor%3DN

Response headers

status
200
content-type
text/html
content-length
4080
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 20:05:09 GMT
server
nginx/1.16.1
x-robots-tag
noindex, nofollow
date
Thu, 16 Apr 2020 08:37:09 GMT
etag
"5e864575-390f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 7187cfd76669785d6cdaa648abee3065.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-amz-cf-id
KtjKjSD8D9PqVN9FYNikE_ytpAUcOD5UnUWiG93EsCBUq_qyurfOdA==
age
39972

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| DP_jQuery_1587066197647 object| html5 object| Modernizr function| yepnope object| Kicksend function| initializeValidation object| Base64 function| Base64DecodeUrl function| repopulateForm function| movePartnersDiv object| jQuery111308873498693037092 string| GoogleAnalyticsObject function| ga boolean| switchTo5x object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog string| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback object| intlTelInputUtils function| fbAsyncInit string| arg string| baseURL object| FB string| messageSet

4 Cookies

Domain/Path Name / Value
.signforgood.com/ Name: __unam
Value: e1711f2-17184845726-15a587a6-2
.signforgood.com/ Name: _gat
Value: 1
.signforgood.com/ Name: _gid
Value: GA1.2.1886430924.1587066198
.signforgood.com/ Name: _ga
Value: GA1.2.50706204.1587066198

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
c.sharethis.mgr.consensu.org
connect.facebook.net
l.sharethis.com
links.dga.mkt6018.com
petitions.signforgood.com
ws.sharethis.com
www.google-analytics.com
152.199.19.160
2600:9000:2156:6a00:c:a9b7:ddc0:93a1
2600:9000:21a1:3000:3:c04e:c780:93a1
2a00:1450:4001:819::200e
2a00:1450:4001:81f::200a
2a03:2880:f02d:12:face:b00c:0:3
3.124.133.106
52.7.241.46
74.112.69.44
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5
50fa6c5f9d256f799a7e12a654b5a9073782074ed18cd2fdfa1a22a511ed4a6e
527e39d2a1d619bd49ce6f8ae4e98c22afda95fa9f053af325d150bfbef7fb99
59ccdf841a0b3074ca25b5960be3f450be320ff7b9e5a081a0810d080d1f0f4e
602510db47352dc2e1571a888f1e78bb7f1f742b64b7156798391dd121a6acd4
7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed
7db3c445760c43f809f076da6a4f6b249ac93b442ab6b1631e5c09a64d524092
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86646598f05c2f7c128c1200637e090ebf50123a4b50ba96b868da0a0de6bb44
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9cf30d86cb809ce49f7b1b13533bc42e6d57c407c85dd790d4e41b0dde86659e
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afa256c4c0c2f29087fcb97123cb12b51d9af01263cdda68e6d11a0088b25049
c73765e93e7a8a6a0557576bb8cade2fc0793ecafd2ebb8866cfebf230edb0bf
d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f1eb09ac4e8ef4ddbbe5abd8f34c7e84cd38a3f914d613dca96c3f2e597f502b
fab241a3a9d291c39d28f68e4737e1e78a1c6b97fc01c222ef06ee0bc3e18f22
fc5d3634a35396df921415c955f1e37292a681beb68ebfb24cce7e86546890f8