donate.natureconservancy.ca
Open in
urlscan Pro
67.22.104.175
Public Scan
Effective URL: https://donate.natureconservancy.ca/page/25744/donate/1?utm_medium=email&utm_source=eblast&utm_campaign=AB_Leaflet_0120&utm_content=...
Submission: On January 23 via manual from IN
Summary
TLS certificate: Issued by RapidSSL RSA CA 2018 on May 3rd 2018. Valid for: 2 years.
This is the only time donate.natureconservancy.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN19234 (CANADAWEBHOSTING-AS, CA)
PTR: www.e-activist.com
e-activist.com | |
www.e-activist.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-119.deploy.static.akamaitechnologies.com
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com |
ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com
use.typekit.net | |
p.typekit.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f166.1e100.net
5525645.fls.doubleclick.net | |
8253854.fls.doubleclick.net |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1
static.hotjar.com | |
script.hotjar.com | |
vars.hotjar.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
rackcdn.com
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com |
2 MB |
6 |
doubleclick.net
4 redirects
stats.g.doubleclick.net 5525645.fls.doubleclick.net 8253854.fls.doubleclick.net |
2 KB |
6 |
google-analytics.com
1 redirects
www.google-analytics.com |
22 KB |
6 |
typekit.net
use.typekit.net p.typekit.net |
199 KB |
5 |
google.com
2 redirects
www.google.com |
900 B |
5 |
facebook.net
connect.facebook.net |
339 KB |
4 |
natureconservancy.ca
donate.natureconservancy.ca |
64 KB |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
72 KB |
3 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
47 KB |
2 |
facebook.com
1 redirects
www.facebook.com |
578 B |
2 |
google.de
www.google.de |
218 B |
2 |
googletagmanager.com
www.googletagmanager.com |
66 KB |
2 |
e-activist.com
1 redirects
e-activist.com www.e-activist.com |
3 KB |
1 |
atdmt.com
cx.atdmt.com |
468 B |
1 |
gstatic.com
www.gstatic.com |
92 KB |
1 |
googleapis.com
ajax.googleapis.com |
30 KB |
56 | 16 |
Domain | Requested by | |
---|---|---|
16 | aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com |
donate.natureconservancy.ca
|
6 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
www.google-analytics.com donate.natureconservancy.ca |
5 | www.google.com |
2 redirects
donate.natureconservancy.ca
www.gstatic.com |
5 | connect.facebook.net |
donate.natureconservancy.ca
connect.facebook.net |
5 | use.typekit.net |
donate.natureconservancy.ca
use.typekit.net |
4 | donate.natureconservancy.ca |
donate.natureconservancy.ca
|
3 | maxcdn.bootstrapcdn.com |
donate.natureconservancy.ca
|
2 | www.facebook.com |
1 redirects
donate.natureconservancy.ca
|
2 | 8253854.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | 5525645.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | www.google.de |
donate.natureconservancy.ca
|
2 | stats.g.doubleclick.net | 2 redirects |
2 | www.googletagmanager.com |
donate.natureconservancy.ca
|
1 | cx.atdmt.com | |
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
donate.natureconservancy.ca
|
1 | www.gstatic.com |
www.google.com
|
1 | p.typekit.net |
donate.natureconservancy.ca
|
1 | www.e-activist.com |
donate.natureconservancy.ca
|
1 | ajax.googleapis.com |
donate.natureconservancy.ca
|
1 | e-activist.com | 1 redirects |
56 | 22 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.natureconservancy.ca |
act.natureconservancy.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.natureconservancy.ca RapidSSL RSA CA 2018 |
2018-05-03 - 2020-07-01 |
2 years | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-01-07 - 2020-03-31 |
3 months | crt.sh |
*.ssl.cf5.rackcdn.com DigiCert SHA2 Secure Server CA |
2019-01-12 - 2020-04-12 |
a year | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2019-12-06 - 2021-12-10 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-05 |
3 months | crt.sh |
*.e-activist.com RapidSSL RSA CA 2018 |
2018-02-09 - 2021-04-09 |
3 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-01-07 - 2020-03-31 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2019-12-05 - 2020-03-04 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2019-12-05 - 2020-03-04 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2019-12-05 - 2020-03-04 |
3 months | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-04 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://donate.natureconservancy.ca/page/25744/donate/1?utm_medium=email&utm_source=eblast&utm_campaign=AB_Leaflet_0120&utm_content=Leaflet+0120+AB&ea.url.id=4529910&forwarded=true
Frame ID: 6E1EF3C4F8CDBC0BCEFC9D004653CDB0
Requests: 51 HTTP requests in this frame
Frame:
https://5525645.fls.doubleclick.net/activityi;dc_pre=CLbCu-6bmucCFQOhewodRLcEXw;src=5525645;type=invmedia;cat=i8vjpo82;ord=474327603900;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue
Frame ID: E974AB2FA4C2C8D19423A089A031E6DB
Requests: 1 HTTP requests in this frame
Frame:
https://8253854.fls.doubleclick.net/activityi;dc_pre=CKfOvO6bmucCFQw84Aodbw4DFw;src=8253854;type=pagev0;cat=accou0;ord=2219470433187;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue
Frame ID: 2AC33890E5D81CCEA09812FD7842729D
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9kb25hdGUubmF0dXJlY29uc2VydmFuY3kuY2E6NDQz&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=normal&cb=2l94njhzk4j4
Frame ID: C114BF851CD3131ACF4E7E9B44E53C06
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&cb=ga47tzdw2uyj
Frame ID: 8F9DEED7A59070BB91F91970B34A25AD
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: 3B709A33A8C0ADC7837168143C7CC5FF
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://e-activist.com/ea-action/enclick?ea.url.id=4529910&clid=1803&ea.campaigner.email=HJuJczCY2I...
HTTP 302
https://donate.natureconservancy.ca/page/25744/donate/1?utm_medium=email&utm_source=eblast&utm_campaign=AB_Leafl... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
reCAPTCHA (Captchas) Expand
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Interested in e-cards, corporate giving, or other ways to give? Click here.
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Legal Notice
Search URL Search Domain Scan URL
Title: NCC Home
Search URL Search Domain Scan URL
Title: clicking here
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://e-activist.com/ea-action/enclick?ea.url.id=4529910&clid=1803&ea.campaigner.email=HJuJczCY2IHig2Sn%2B%2BmDkfNVqWnwfgPEURKQ3UxCEoI=&ea.campaigner.id=Gv0IM8HQ%2FkgqJI2ZMf1z3w==
HTTP 302
https://donate.natureconservancy.ca/page/25744/donate/1?utm_medium=email&utm_source=eblast&utm_campaign=AB_Leaflet_0120&utm_content=Leaflet+0120+AB&ea.url.id=4529910&forwarded=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 42- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-2430383-19&cid=1678978668.1579799530&jid=634596170&gjid=1268262017&_gid=1035848292.1579799530&_u=aGBAgAAr~&z=1157099349 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2430383-19&cid=1678978668.1579799530&jid=634596170&_v=j79&z=1157099349 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2430383-19&cid=1678978668.1579799530&jid=634596170&_v=j79&z=1157099349&slf_rd=1&random=3261180126
- https://5525645.fls.doubleclick.net/activityi;src=5525645;type=invmedia;cat=i8vjpo82;ord=474327603900;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue HTTP 302
- https://5525645.fls.doubleclick.net/activityi;dc_pre=CLbCu-6bmucCFQOhewodRLcEXw;src=5525645;type=invmedia;cat=i8vjpo82;ord=474327603900;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue
- https://8253854.fls.doubleclick.net/activityi;src=8253854;type=pagev0;cat=accou0;ord=2219470433187;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue HTTP 302
- https://8253854.fls.doubleclick.net/activityi;dc_pre=CKfOvO6bmucCFQw84Aodbw4DFw;src=8253854;type=pagev0;cat=accou0;ord=2219470433187;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1829066344&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue&ul=en-us&de=UTF-8&dt=Nature%20Conservancy%20Canada&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEArB~&jid=1537535409&gjid=478397832&cid=1678978668.1579799530&tid=UA-100072296-9&_gid=1035848292.1579799530&_r=1>m=2wg1815XBRMDT&z=764485214 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-100072296-9&cid=1678978668.1579799530&jid=1537535409&_gid=1035848292.1579799530&gjid=478397832&_v=j79&z=764485214 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100072296-9&cid=1678978668.1579799530&jid=1537535409&_v=j79&z=764485214 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100072296-9&cid=1678978668.1579799530&jid=1537535409&_v=j79&z=764485214&slf_rd=1&random=131150927
- https://www.facebook.com/tr/?id=1388997341215675&ev=Microdata&dl=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Futm_medium%3Demail%26utm_source%3Deblast%26utm_campaign%3DAB_Leaflet_0120%26utm_content%3DLeaflet%2B0120%2BAB%26ea.url.id%3D4529910%26forwarded%3Dtrue&rl=&if=false&ts=1579799530699&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nature%20Conservancy%20Canada%22%2C%22meta%3Adescription%22%3A%22I%20made%20a%20donation%20to%20the%20Nature%20Conservancy%20of%20Canda%20(NCC).%20A%20donation%20to%20NCC%20helps%20protect%20Canada%27s%20most%20sensitive%20natural%20places%20for%20generations%20to%20come.%20Consider%20making%20a%20donation%20to%20NCC%20today!%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22I%20made%20a%20donation%20to%20the%20Nature%20Conservancy%20of%20Canda%20(NCC).%20A%20donation%20to%20NCC%20helps%20protect%20Canada%27s%20most%20sensitive%20natural%20places%20for%20generations%20to%20come.%20Consider%20making%20a%20donation%20to%20NCC%20today!%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Faaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com%2F1803%2Fsharing.jpg%22%2C%22https%3A%2F%2Faaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com%2F1803%2Fsharing.jpg%22%5D%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F25744%2Fdonate%2F1%3Flocale%3Den-US%22%2C%22og%3Atitle%22%3A%22Help%20conserve%20Canadian%20nature%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1579799530196.751884419&it=1579799530037&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
- https://cx.atdmt.com/?c=4993257080417322056&f=AYwhyBSc_MQ6_GtKd_amthZXd_tFdyS1E0zA3pjT3U1F5-Wn5CfvDQMfqG9kWU7mJT8bz1s_pguFLpqNLDw8rke2&id=1388997341215675&l=3&v=0
56 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
1
donate.natureconservancy.ca/page/25744/donate/ Redirect Chain
|
110 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-postaction.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts_5_OTM_12_03_2019.js
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
50 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style_b_2_v2.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
right-col.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style_formfields_09_04_2019.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
upsell.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xop2rnd.js
use.typekit.net/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1388997341215675
connect.facebook.net/signals/config/ |
524 KB 137 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
enPage.css
donate.natureconservancy.ca/ea-demo/frontend/pbAssets/build/css/ |
35 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pagedata.js
donate.natureconservancy.ca/page/25744/campaigner/0/ |
638 B 836 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
enPage.js
donate.natureconservancy.ca/ea-demo/frontend/pbAssets/build/js/ |
144 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
upsell.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stacked_logo_rgb_en.png
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Coyote+winter+Paul+Turbitt.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
202 KB 202 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Moose-Photo-by-Ryan-Hagerty-USFWS-cropped.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NAT_Mission_180515_Nature_Cons_Mag_0005.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
937 KB 937 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WoodTurtle_-Ryan-M-Bolton.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
174 KB 175 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Grizzly-cub-by-Darren-Colello.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
90 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Burrowing-owl-Photo-by-Chris-Lorenz.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
193 KB 193 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NCC_chart.V3.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1803/ |
208 KB 208 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
action.retrievefile.do
www.e-activist.com/ea-campaign/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
190 KB 57 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
106 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/1b1b1e/00000000000000000001709e/27/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/2e2357/00000000000000000001709f/27/ |
48 KB 48 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/d32e26/00000000000000000001709b/27/ |
48 KB 49 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/cafa63/00000000000000000001709a/27/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
675 B 536 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
109 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/ |
257 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 950 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 93 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CLbCu-6bmucCFQOhewodRLcEXw;src=5525645;type=invmedia;cat=i8vjpo82;ord=474327603900;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F...
5525645.fls.doubleclick.net/ Frame E974 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CKfOvO6bmucCFQw84Aodbw4DFw;src=8253854;type=pagev0;cat=accou0;ord=2219470433187;gtm=2wg181;auiddc=1719506510.1579799530;~oref=https%3A%2F%2Fdonate.natureconservancy.ca%2Fpage%2F257...
8253854.fls.doubleclick.net/ Frame 2AC3 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-853631.js
static.hotjar.com/c/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1388997341215675
connect.facebook.net/signals/config/ |
447 KB 113 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame C114 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.4fbc6fa978838a77e880.js
script.hotjar.com/ |
400 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bframe
www.google.com/recaptcha/api2/ Frame 8F9D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame 3B70 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cx.atdmt.com/ Redirect Chain
|
42 B 468 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| ncc object| Typekit object| FB object| pageJson object| EngagingNetworks object| dataLayer function| extendable object| val object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq function| hj object| _hjSettings object| recaptcha object| closure_lm_49767 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.natureconservancy.ca/ | Name: _gat_UA-100072296-9 Value: 1 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnjq8WURQJbg56_kYY2_yWZy66UEXXUEBo2rHRfywReYpYwh5ComdVZwCML |
|
.natureconservancy.ca/ | Name: _gid Value: GA1.2.1035848292.1579799530 |
|
.natureconservancy.ca/ | Name: _hjid Value: 9d91d76f-b9ec-4b45-96c8-6acd2200559e |
|
.natureconservancy.ca/ | Name: _gcl_au Value: 1.1.1719506510.1579799530 |
|
.donate.natureconservancy.ca/ | Name: _dc_gtm_UA-2430383-19 Value: 1 |
|
.natureconservancy.ca/ | Name: _ga Value: GA1.2.1678978668.1579799530 |
|
.donate.natureconservancy.ca/ | Name: _ga Value: GA1.3.1678978668.1579799530 |
|
.natureconservancy.ca/ | Name: _fbp Value: fb.1.1579799530196.751884419 |
|
.natureconservancy.ca/page | Name: en_sessionId Value: 3dbf81df9a414d0c9aa2ef31c19ecfa8-server9796 |
|
.donate.natureconservancy.ca/ | Name: _gid Value: GA1.3.1035848292.1579799530 |
|
donate.natureconservancy.ca/page | Name: JSESSIONID Value: Y_1ap3qckHXg-qh9PnibokaEslOxXp6tdENu_jSv.Server9796 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5525645.fls.doubleclick.net
8253854.fls.doubleclick.net
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
ajax.googleapis.com
connect.facebook.net
cx.atdmt.com
donate.natureconservancy.ca
e-activist.com
maxcdn.bootstrapcdn.com
p.typekit.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
use.typekit.net
vars.hotjar.com
www.e-activist.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
147.75.102.13
172.217.23.166
2001:4de0:ac19::1:b:2b
23.210.249.119
2a00:1450:4001:809::200a
2a00:1450:4001:814::2008
2a00:1450:4001:815::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:824::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9b
2a03:2880:f01c:202:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
66.11.154.25
67.22.104.175
95.100.67.47
01a88d4a9bef80ea534b9c97f80b84f935b91e0f489cd1c867ca09db53782885
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07a651614bfef3f3a35d9a2ded0de50adaef4671abda32d38958ac4438b46cb6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17a1969eb8502a42105714b59ed6525bed30cd9b76a1c84ff42140eecbc33c29
215b62c61c9764df8ecdfdc162b56e6c89ac8d97655d7db3b5925058aeb6e0bc
2bb8f367785887cb180a52e35ee2f5afc1b8d6a0692abdbe05dfa0fc392fe904
2db38d3b8d31887b3577e1eb1e93807eefba9983f639a13c06bb8a9e8a1ea581
374e4d15e31db96f0ce3b9bd11b326a5222b2b2bb57b32e3e19cf031d9e6048b
38d651e140b36a4a62bcfbd3cbe97de0665933a7c4f2db63f091987781642b53
49872011872ad3f6cf9419db73638884b8ad60273dbd55c50aa47d241b024ccf
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53f5ef5c0d98d3cf16b1daa132884fcfc207453ca501eafea01834ae4caa48d0
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
63fcb48797a4193f473d4021955bdaf2626c2988bec5c767bd1e4d0889b003d4
64faccfe2ccd132f2a5ba704585915c4543432151036dc9aa094f73e0295fdb9
65ddff059e0b95dea46f033ec29d2953ebdbdf7a233eab6f22dddfb93dfd4f5c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71e56785dd7a271c2b9bfe01e3a254e0027aa19eb9d6be526bf371cb782f08ea
755ae062fc4da1ccb582f2d2e153deaea69a05c1e5dd2b63b0e797b855608d86
7cbae7a1f3f291f211189316e8a1d27ef6ac2d1f95a25e97bc2f1a911ae849a1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837bb5699ff95a84c4b4cd21c4cdb339a96c1e6223547808b60ea4cc25148f7b
9280e883c3560e913e27a6049174373a81070466417ff4936ed56a93b86c7079
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
940b8d150c8f18f6f166421b1736ab6f516817e9ab6b380d5d8e54f0741b7a8a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a12c7347a6b6e975b58754a802408d2ccfde8c03cf71d20de9815aa7958e0baf
a79d1a653fc98b939182f1b0149a67f75da8236007f4f1163cacaf6d0ef74d8c
a885609b3db39ca08e4716b51d2bfed932965714674034c2ab24070a776a68c8
a8c7dc9508be4167677ad9405b38cc0a5f88288c3925506cc36f9093d12cd87d
ab91d135543de3146081a7d124b204fc12c2927415d6aba29899a69993ed77bd
aca9f23bb6daf524a311663af8f1ee79e6e6ec82125fbaa3823d877e0d510daf
b2a1d3129ae2973b0ab9b419f9aa35f2ff172bfd05eb86fa7f94e0648e900d3c
b67bd25659c47ef13eeded2f99d919253777547046b53eb2f1a0bfccb35c7ec1
ba302206b7bf4ccd61afae177f8d6da9ab2d947848bb5500707525e70d2d2473
be979b599f6a122de8c42a7e803275432be4af7f842d738279ac01ccff25df3e
d011e33df2071cf29a94e729495f27257604212b6dc2ac8c3d60ef4718b508fd
d9cc6cc9e722336bbf17142e220d49c87186d20117b3ff1c4b93e961aac94933
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e052aa9eb8958d87a461e6dcabf3310d01eb1fcc4d2f216ebca2477f1addf32a
e5fb7ed3df85513f6c44753e267a6c27f9d8c790887125a1d8c3e8996eb18620
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6bbc0219d1075c854c899850c380e4634ddcff45436f0c8a86633049f6c299a
f6c6ba7a90b299ce8f93b063e4985587fd8cc8da2ea0a8bbd7d4ffb06dd04470
f74c83dd35f58988fee07974fe92fbf44f65793a44b8b99a76e12582f128a4ca
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c