give.victorypassport.com
Open in
urlscan Pro
2600:9000:2047:2800:17:ecf9:140:93a1
Public Scan
Effective URL: https://give.victorypassport.com/nrcc/mug-and-shirt-bundle-cc/?recurring=true&amount=50&utm_source=PCC-1001&utm_medium=EmailProsp...
Submission: On July 08 via manual from IN
Summary
TLS certificate: Issued by Amazon on February 5th 2019. Valid for: a year.
This is the only time give.victorypassport.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-236-121-132.compute-1.amazonaws.com
links.conservativeintel.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
give.victorypassport.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
mystique.victorypassport.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-46.fra53.r.cloudfront.net
js.honeybadger.io |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-70-128.compute-1.amazonaws.com
s.crowdskout.com | |
a.crowdskout.com |
ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com |
ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com |
Domain | Requested by | |
---|---|---|
9 | www.google-analytics.com |
2 redirects
mystique.victorypassport.com
www.googletagmanager.com give.victorypassport.com |
9 | mystique.victorypassport.com |
give.victorypassport.com
mystique.victorypassport.com |
7 | connect.facebook.net |
give.victorypassport.com
connect.facebook.net |
6 | www.facebook.com |
mystique.victorypassport.com
give.victorypassport.com |
6 | www.google.de |
mystique.victorypassport.com
give.victorypassport.com |
6 | www.google.com |
4 redirects
give.victorypassport.com
|
4 | fonts.gstatic.com |
mystique.victorypassport.com
|
4 | js.stripe.com |
mystique.victorypassport.com
js.stripe.com |
3 | a.crowdskout.com |
s.crowdskout.com
give.victorypassport.com |
3 | googleads.g.doubleclick.net |
1 redirects
www.googleadservices.com
|
3 | stats.g.doubleclick.net | 3 redirects |
3 | www.googletagmanager.com |
mystique.victorypassport.com
www.googletagmanager.com |
3 | give.victorypassport.com |
give.victorypassport.com
|
2 | fonts.googleapis.com |
mystique.victorypassport.com
|
2 | s3.amazonaws.com |
mystique.victorypassport.com
give.victorypassport.com |
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | s.ytimg.com |
www.youtube.com
|
1 | fast.wistia.net |
s.crowdskout.com
|
1 | www.youtube.com |
s.crowdskout.com
|
1 | t.co |
give.victorypassport.com
|
1 | static.ads-twitter.com |
give.victorypassport.com
|
1 | s.yimg.com |
give.victorypassport.com
|
1 | s.crowdskout.com |
give.victorypassport.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | js.honeybadger.io |
mystique.victorypassport.com
|
1 | links.conservativeintel.com | 1 redirects |
70 | 26 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.victorypassport.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.victorypassport.com Amazon |
2019-02-05 - 2020-03-05 |
a year | crt.sh |
js.honeybadger.io COMODO RSA Domain Validation Secure Server CA |
2014-07-10 - 2019-07-09 |
5 years | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2019-05-21 - 2019-09-03 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2018-12-03 - 2019-10-25 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
*.google.com Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-06-06 - 2019-09-04 |
3 months | crt.sh |
www.googleadservices.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
*.crowdskout.com Go Daddy Secure Certificate Authority - G2 |
2019-02-07 - 2021-02-22 |
2 years | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2019-06-27 - 2019-08-11 |
a month | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2018-08-16 - 2019-08-21 |
a year | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
www.google.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2019-03-07 - 2020-03-07 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-04-10 - 2020-03-21 |
a year | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2019-04-09 - 2020-04-01 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://give.victorypassport.com/nrcc/mug-and-shirt-bundle-cc/?recurring=true&amount=50&utm_source=PCC-1001&utm_medium=EmailProspect&utm_campaign=20190705_PCC-1001_ShippingUpdateviaNRCC&utm_content=20190705_mugandshirtbundle
Frame ID: 6E9B7528FF968C082E9F030585CBE0FF
Requests: 42 HTTP requests in this frame
Frame:
https://mystique.victorypassport.com/pages/nrcc/america-first-mug-shirt-bundle-cc?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fmug-and-shirt-bundle-cc&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9tdWctYW5kLXNoaXJ0LWJ1bmRsZS1jYy8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTUwJnV0bV9zb3VyY2U9UENDLTEwMDEmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDcwNV9QQ0MtMTAwMV9TaGlwcGluZ1VwZGF0ZXZpYU5SQ0MmdXRtX2NvbnRlbnQ9MjAxOTA3MDVfbXVnYW5kc2hpcnRidW5kbGUj
Frame ID: 41F66C50C64636CC090254F6969EB195
Requests: 27 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/m/outer.html
Frame ID: 694C0B7D3EE312AD7F6499B5FC46F90A
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/controller-3750e20eb7811c174a4e9d27ed010f69.html
Frame ID: 2D416A4B2C6E9E3AD19CC5EE395F4D80
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/elements-inner-card-f6d4daf53ab44ddc4b9f013359f4c42c.html
Frame ID: 5AEF48A8B63020CA8AFE30D1F752376D
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=144001f61a3546f2ae97d1a738351...
HTTP 303
https://give.victorypassport.com/nrcc/mug-and-shirt-bundle-cc/?recurring=true&amount=50&utm_source=PCC-1001&u... Page URL
Detected technologies
Pure CSS (Web Frameworks) ExpandDetected patterns
- html /<div[^>]+class="[^"]*pure-u-(?:sm-|md-|lg-|xl-)?\d-\d/i
Amazon Web Services (PaaS) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.conservativeintel.com/u/click?_t=06987e4dc3184376a5094bb3854429ac&_m=144001f61a3546f2ae97d1a738351605&_e=e15ed6j3qQOwNZnxH3vcPiD9H6t-kH82s0-_NECFR13fz_QO38TIE597_8zSW3gBEMs4gk69UjPv1TWrAS_vR7RjL4dIYYQ0qDetZlDsk6xj4BwPCm0HTqIqWv9uFRup8Q9pZFzvAU8NpsyTmOoibUEHPX7fW4jd4UYrSL2uFaNHQFf4_stmhz6nIQL6xQcQL2acLVKjsj3etspiFwJjp7Q6oMRmyagnY3pXE78yGRAVP_riwPL-Wk-CG5HVKRBDx43NYDpRxfrm-UQ5zI5Ft8OS7u-28PtxiAPeJ3lM38lcbN4ANF4ZOBtU8aP1geydiA1bXtSD3jsoeeESI1b4h4CKeN4O0ggSDVISNPPxpGl-mVBwJu7c9WlKU6v9JUy88nWYEU3ImuWvy2ERm4ofBXdLVYxgK5L8ihxiuH30IkfK2E4ZW_I-BeRDeFwe9Wbvgb2bAJzVa3NmHSf15iDTq_1_Pr7vkUhz7Oi0QHKsaXobmw3WSbjLs7WaggEts8NWSJtwqR_I6mpc0Yegbgy5YA%3D%3D
HTTP 303
https://give.victorypassport.com/nrcc/mug-and-shirt-bundle-cc/?recurring=true&amount=50&utm_source=PCC-1001&utm_medium=EmailProspect&utm_campaign=20190705_PCC-1001_ShippingUpdateviaNRCC&utm_content=20190705_mugandshirtbundle Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://www.google-analytics.com/r/collect?v=1&_v=j77&a=160764288&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Famerica-first-mug-shirt-bundle-cc%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fmug-and-shirt-bundle-cc%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9tdWctYW5kLXNoaXJ0LWJ1bmRsZS1jYy8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTUwJnV0bV9zb3VyY2U9UENDLTEwMDEmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDcwNV9QQ0MtMTAwMV9TaGlwcGluZ1VwZGF0ZXZpYU5SQ0MmdXRtX2NvbnRlbnQ9MjAxOTA3MDVfbXVnYW5kc2hpcnRidW5kbGUj&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fmug-and-shirt-bundle-cc%2F%3Frecurring%3Dtrue%26amount%3D50%26utm_source%3DPCC-1001%26utm_medium%3DEmailProspect%26utm_campaign%3D20190705_PCC-1001_ShippingUpdateviaNRCC%26utm_content%3D20190705_mugandshirtbundle&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1467&je=0&_u=IEBAAEAB~&jid=636655903&gjid=500020067&cid=1624679415.1562562315&tid=UA-10463545-15&_gid=692441543.1562562315&_r=1&z=233773520 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10463545-15&cid=1624679415.1562562315&jid=636655903&_gid=692441543.1562562315&gjid=500020067&_v=j77&z=233773520 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=1624679415.1562562315&jid=636655903&_v=j77&z=233773520 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=1624679415.1562562315&jid=636655903&_v=j77&z=233773520&slf_rd=1&random=1102654786
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-10463545-9&cid=1624679415.1562562315&jid=1629072243&gjid=432535392&_gid=692441543.1562562315&_u=aGDAgEAB~&z=565046195 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=1624679415.1562562315&jid=1629072243&_v=j77&z=565046195 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=1624679415.1562562315&jid=1629072243&_v=j77&z=565046195&slf_rd=1&random=3282659833
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/762936632/?random=1562562315026&cv=9&fst=1562562315026&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fmug-and-shirt-bundle-cc%2F%3Frecurring%3Dtrue%26amount%3D50%26utm_source%3DPCC-1001%26utm_medium%3DEmailProspect%26utm_campaign%3D20190705_PCC-1001_ShippingUpdateviaNRCC%26utm_content%3D20190705_mugandshirtbundle&tiba=Donate%20Today&async=1 HTTP 302
- https://www.google.com/pagead/1p-user-list/762936632/?random=1562562315026&cv=9&fst=1562562000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fmug-and-shirt-bundle-cc%2F%3Frecurring%3Dtrue%26amount%3D50%26utm_source%3DPCC-1001%26utm_medium%3DEmailProspect%26utm_campaign%3D20190705_PCC-1001_ShippingUpdateviaNRCC%26utm_content%3D20190705_mugandshirtbundle&tiba=Donate%20Today&async=1&cdct=2&is_vtc=1&random=3263168669&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-user-list/762936632/?random=1562562315026&cv=9&fst=1562562000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fmug-and-shirt-bundle-cc%2F%3Frecurring%3Dtrue%26amount%3D50%26utm_source%3DPCC-1001%26utm_medium%3DEmailProspect%26utm_campaign%3D20190705_PCC-1001_ShippingUpdateviaNRCC%26utm_content%3D20190705_mugandshirtbundle&tiba=Donate%20Today&async=1&cdct=2&is_vtc=1&random=3263168669&resp=GooglemKTybQhCsO&ipr=y
- https://www.google-analytics.com/r/collect?v=1&_v=j77&a=160764288&t=event&_s=2&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Famerica-first-mug-shirt-bundle-cc%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fmug-and-shirt-bundle-cc%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9tdWctYW5kLXNoaXJ0LWJ1bmRsZS1jYy8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTUwJnV0bV9zb3VyY2U9UENDLTEwMDEmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDcwNV9QQ0MtMTAwMV9TaGlwcGluZ1VwZGF0ZXZpYU5SQ0MmdXRtX2NvbnRlbnQ9MjAxOTA3MDVfbXVnYW5kc2hpcnRidW5kbGUj&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fmug-and-shirt-bundle-cc%2F%3Frecurring%3Dtrue%26amount%3D50%26utm_source%3DPCC-1001%26utm_medium%3DEmailProspect%26utm_campaign%3D20190705_PCC-1001_ShippingUpdateviaNRCC%26utm_content%3D20190705_mugandshirtbundle&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1467&je=0&ec=Donation%20Form%20NRCC&ea=single&el=donation-amount-50&_u=aGDAAEAB~&jid=1360716351&gjid=1034595483&cid=1624679415.1562562315&tid=UA-10463545-15&_gid=692441543.1562562315&_r=1&z=1490125116 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10463545-15&cid=1624679415.1562562315&jid=1360716351&_gid=692441543.1562562315&gjid=1034595483&_v=j77&z=1490125116 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=1624679415.1562562315&jid=1360716351&_v=j77&z=1490125116 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=1624679415.1562562315&jid=1360716351&_v=j77&z=1490125116&slf_rd=1&random=3166649968
70 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
give.victorypassport.com/nrcc/mug-and-shirt-bundle-cc/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site-6c167e01.css
give.victorypassport.com/nrcc/mug-and-shirt-bundle-cc/stylesheets/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all-4abf6d7e.js
give.victorypassport.com/nrcc/mug-and-shirt-bundle-cc/javascripts/ |
0 303 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw_initial
mystique.victorypassport.com/scripts/ |
813 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw.css
mystique.victorypassport.com/styles/ |
789 B 926 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw
mystique.victorypassport.com/scripts/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
america-first-mug-shirt-bundle-cc
mystique.victorypassport.com/pages/nrcc/ Frame 41F6 |
22 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
mystique.victorypassport.com/assets/jackal/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
mystique.victorypassport.com/assets/jackal/ |
42 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
mystique.victorypassport.com/assets/ |
444 B 811 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-d177d9c3a84c650b7f3d14bac7854b3469182f5afb605dd8c2249d44556246df.css
mystique.victorypassport.com/assets/donation_form/ Frame 41F6 |
575 KB 102 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1.js
mystique.victorypassport.com/assets/donation_form/ Frame 41F6 |
606 KB 166 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
honeybadger.min.js
js.honeybadger.io/v0.3/ Frame 41F6 |
12 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v3/ Frame 41F6 |
145 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
large_4604fa6d-ac50-4561-9156-ec56b0d1a537.png
s3.amazonaws.com/mystique.victorypassport.com/donation_page/5869/page_image/ Frame 41F6 |
79 KB 79 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 41F6 |
3 KB 567 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 41F6 |
14 KB 911 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ Frame 41F6 |
55 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 41F6 |
43 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ Frame 41F6 |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ Frame 41F6 |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v15/ Frame 41F6 |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/ Frame 41F6 |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 41F6 |
1 KB 1 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
102 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Frame 41F6 Redirect Chain
|
42 B 374 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 41F6 |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ Frame 41F6 |
53 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ Frame 41F6 |
35 B 133 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Frame 41F6 Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ Frame 41F6 |
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 93 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
65 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
53 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
s.crowdskout.com/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1278724555535987
connect.facebook.net/signals/config/ Frame 41F6 |
229 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
298860036983510
connect.facebook.net/signals/config/ |
228 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ Frame 41F6 |
1 KB 909 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ |
1 KB 896 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 41F6 |
44 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
316720908987052
connect.facebook.net/signals/config/ |
229 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 199 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/762936632/ Redirect Chain
|
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/815133722/ |
42 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/815133722/ |
42 B 156 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/815133722/ |
42 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/815133722/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 145 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 486 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 41F6 |
44 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
outer.html
js.stripe.com/v2/m/ Frame 694C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skout.js
a.crowdskout.com/ |
548 B 574 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
859 B 923 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
E-v1.js
fast.wistia.net/assets/external/ |
564 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflPBjLfx/ |
21 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
page-view
a.crowdskout.com/v1-1/ |
0 364 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
page-view
a.crowdskout.com/v1-1/ |
2 B 168 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controller-3750e20eb7811c174a4e9d27ed010f69.html
js.stripe.com/v3/ Frame 2D41 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
elements-inner-card-f6d4daf53ab44ddc4b9f013359f4c42c.html
js.stripe.com/v3/ Frame 5AEF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 41F6 |
1 KB 1 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Frame 41F6 Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 378 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| styleJigsaw string| styleJgsawUrl string| JSLink object| JSElement function| _classCallCheck function| _inherits object| vp function| _createClass function| VPModal function| _get function| VPAuthorizeDialog function| VPBaseForm function| VPEventProcessor function| VPForgotPasswordForm function| VPLoginDialog function| VPLoginForm function| VPParentLocation function| VPPublishAnalytics function| VPRegistrationForm function| VPScrollToTop function| VPToolbar function| Messages function| DOMUtils function| VPUpdateBackgroundImage function| VPUpdateFrameHeight function| VPUpdateToolbar function| Utils object| vpToolbar object| vpEventProcessor boolean| ieVersion object| Mustache object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| postscribe object| google_tag_manager function| fbq function| _fbq function| cs number| sourceId number| clientId number| organizationId object| dotq function| twq function| gtag object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr boolean| csApiLoaded boolean| csaLoaded object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds number| csid0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.crowdskout.com
analytics.twitter.com
connect.facebook.net
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
give.victorypassport.com
googleads.g.doubleclick.net
js.honeybadger.io
js.stripe.com
links.conservativeintel.com
mystique.victorypassport.com
s.crowdskout.com
s.yimg.com
s.ytimg.com
s3.amazonaws.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
104.244.42.3
104.244.42.5
151.101.112.157
151.101.112.176
172.217.16.162
2600:9000:2047:2800:17:ecf9:140:93a1
2600:9000:2047:8200:14:71e7:1f40:93a1
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:814::2002
2a00:1450:4001:816::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c0a::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::622
52.203.70.128
52.216.232.69
52.222.157.46
54.236.121.132
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07c0b84459f23df61ab4296e30c170bf652299641c4caa2c7256009f5e0b976c
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14215d33e006c9c8a5f17912c23a3eb8fee42f409980ac0eb592c287e92e49e8
1719f6580a787e2868d91118ce6ba052eb179160a5e9cec05d846079a8d29b94
1f0a166a9d871f1e11e7f24c885812e39ece64afa502c72bfbb766568bc8013d
240dd8a0969d89bc944fd8e34dd6c4cbd774102c2ecc43868f5c0fdbf40d1965
24b8df93ce3f800e0b7c6994e3d6f6dc215753c10551144830b96f15d4801d80
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
340ab97b4ab045fd48b41921cd0b16e8de0172d7ea629de882ef478b69d640e6
49bf33406a4c537fdd117019dbd788a4d2704846d4fd9b503b0c43bdc7504e6e
49d0ca70ce057d0e38764641a45fadee0c6f2b59a4047a0e6ce4625a1ad6cc60
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a5d46c872394dad63492e5196d0d7d0b31cfcedafd3237598cea519ded79f7d
5afd97cc0b9bc308b7c50fe3567df3fd19cf2c5be5ec4ac4febe17f6412aaad1
5c192079ad17031eb73f38cfa4e3d894db33b39e8496e61a0975535b2a7b5ac2
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8519db57ed867c7ab66b77bb8ca09c1af0d409c57eb91f4b48023b5951991fda
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
86aec3313e0fff75c162c1e00067c56506072ecd5694fb7ba0de3dae1a392d5d
87f07c950fc6225d6186aecfc5a59b2de45724dd85fceb1dc736c081294279c0
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d
922b1a9e55a608170fe69526b851d1d810b88fc573bb0faacb4bcd93be1e8fde
996c2f3b37d8ce06a98471c8632023902ee873e8ee375893d06f4b7a128231a6
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9da3b89bfcae29501b4102166e80a86f8d3bd0d8c50023c9c78bc4e73857ee93
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a56750711f686dc5230b156e553d078d1338f88994eae45fdba46392c1e71286
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b4af9d19a7f1afb74f1629dd49d9b73246a878f9fe6cd55f075652a85d98a6c7
bd0be439382896efa9951981bb35906a21cd6519d3d6451985c6bebec417b3c6
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
c8889eb5f9be34000a702b99ca7622748d1cf5b8c8c18a96e7ea1d500ad37da1
c9fb91a687ea40064e4ef783e525d4d700c8f2fc59c644581492d6ec979ecc73
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
d11fd91db43252c1eeb2deda11934a4cd6fc44d366b587726c7acb7ee2bae2d5
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
fd051984e710bba8327da7e4ed6c82e0cfd0498df33f85ee23acdd02b5477146