command-presence-training.regfox.com
Open in
urlscan Pro
104.18.32.180
Public Scan
Effective URL: https://command-presence-training.regfox.com/lwor-parma-oh---sept-6-2023
Submission: On August 23 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2023. Valid for: a year.
This is the only time command-presence-training.regfox.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com
s7.addthis.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-79.fra60.r.cloudfront.net
cdn.uploads.webconnex.com |
ASN16509 (AMAZON-02, US)
images.webconnex.com |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-31-6.us-west-2.compute.amazonaws.com
bouncer.webconnex.com |
ASN30286 (THM, US)
ncwzrc4k5djihesm5ronew56fyx3sbiajcwl4bqs07e8e75357efca8eam1.e.aa.online-metrix.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
wepay.com
static.wepay.com — Cisco Umbrella Rank: 98621 t.wepay.com — Cisco Umbrella Rank: 59470 |
115 KB |
15 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45 maps.googleapis.com — Cisco Umbrella Rank: 379 |
210 KB |
12 |
regfox.com
1 redirects
command-presence-training.regfox.com |
709 KB |
6 |
webconnex.com
cdn.uploads.webconnex.com — Cisco Umbrella Rank: 197803 images.webconnex.com — Cisco Umbrella Rank: 185462 bouncer.webconnex.com — Cisco Umbrella Rank: 224061 |
2 MB |
4 |
gstatic.com
maps.gstatic.com fonts.gstatic.com |
123 KB |
3 |
online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2686 ncwzrc4k5djihesm5ronew56fyx3sbiajcwl4bqs07e8e75357efca8eam1.e.aa.online-metrix.net |
16 KB |
3 |
twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1014 syndication.twitter.com — Cisco Umbrella Rank: 1273 |
131 KB |
3 |
bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3589 |
100 KB |
2 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2412 |
322 B |
2 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 485 p.typekit.net — Cisco Umbrella Rank: 610 |
1 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48 |
124 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
1 |
github.io
purecatamphetamine.github.io — Cisco Umbrella Rank: 48161 |
912 B |
1 |
addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2866 |
362 B |
1 |
onpdr.com
1 redirects
campaigns-events.was-1.onpdr.com |
652 B |
69 | 15 |
Domain | Requested by | |
---|---|---|
14 | t.wepay.com |
static.wepay.com
t.wepay.com |
13 | maps.googleapis.com |
www.google.com
maps.googleapis.com |
12 | command-presence-training.regfox.com |
1 redirects
command-presence-training.regfox.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | cdn.uploads.webconnex.com |
command-presence-training.regfox.com
|
3 | netdna.bootstrapcdn.com |
command-presence-training.regfox.com
netdna.bootstrapcdn.com |
2 | h.online-metrix.net |
t.wepay.com
|
2 | platform.twitter.com |
command-presence-training.regfox.com
platform.twitter.com |
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | images.webconnex.com |
command-presence-training.regfox.com
|
2 | www.googletagmanager.com |
command-presence-training.regfox.com
www.googletagmanager.com |
2 | fonts.googleapis.com |
command-presence-training.regfox.com
|
1 | ncwzrc4k5djihesm5ronew56fyx3sbiajcwl4bqs07e8e75357efca8eam1.e.aa.online-metrix.net | |
1 | syndication.twitter.com |
platform.twitter.com
|
1 | bouncer.webconnex.com |
command-presence-training.regfox.com
|
1 | maps.gstatic.com |
www.google.com
|
1 | www.google.com |
command-presence-training.regfox.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | use.typekit.net |
command-presence-training.regfox.com
|
1 | purecatamphetamine.github.io |
command-presence-training.regfox.com
|
1 | s7.addthis.com |
command-presence-training.regfox.com
|
1 | static.wepay.com |
command-presence-training.regfox.com
|
1 | campaigns-events.was-1.onpdr.com | 1 redirects |
69 | 23 |
This site contains links to these domains. Also see Links.
Domain |
---|
s3.amazonaws.com |
www.commandpresence.net |
maps.google.com |
www.bing.com |
mapq.st |
www.regfox.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
regfox.com Cloudflare Inc ECC CA-3 |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
static.wepay.com DigiCert SHA2 Extended Validation Server CA |
2023-01-23 - 2024-02-23 |
a year | crt.sh |
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-07 - 2024-02-07 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
cdn.uploads.webconnex.com Amazon RSA 2048 M02 |
2023-07-12 - 2024-08-10 |
a year | crt.sh |
*.github.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-21 - 2024-03-20 |
a year | crt.sh |
*.webconnex.com Amazon RSA 2048 M01 |
2023-07-31 - 2024-08-29 |
a year | crt.sh |
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-21 - 2024-08-20 |
a year | crt.sh |
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-05 - 2024-02-05 |
a year | crt.sh |
t.wepay.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-08-03 - 2024-09-02 |
a year | crt.sh |
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2023-01-09 - 2024-01-23 |
a year | crt.sh |
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2023-06-14 - 2024-07-01 |
a year | crt.sh |
This page contains 7 frames:
Primary Page:
https://command-presence-training.regfox.com/lwor-parma-oh---sept-6-2023
Frame ID: F0FCE34E04B25087615A6D8A3F647194
Requests: 46 HTTP requests in this frame
Frame:
https://www.google.com/maps/embed/v1/place?key=AIzaSyAICPCnHw8T-1yubIeR3zomoIF4M3LtVa0&q=6200%20Pearl%20Rd.%2C%20Parma%20Heights%20OH%2044130%20US
Frame ID: 0D01FC243BB0722D8F018A9F29A52712
Requests: 15 HTTP requests in this frame
Frame:
https://command-presence-training.regfox.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 1C7E8172045C0DC33E8AA8E96D798BE5
Requests: 2 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fcommand-presence-training.regfox.com
Frame ID: B6F26DC447072D88D57D0ACEE3B1DED3
Requests: 2 HTTP requests in this frame
Frame:
https://t.wepay.com/fp/ls_fp.html;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20?org_id=ncwzrc4k&session_id=4228b5f0-bc7d-4cc6-8e4c-c2f5628d79d8&nonce=07e8e75357efca8e
Frame ID: 07781C705E60979311DFA0B71C534A30
Requests: 3 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20?org_id=ncwzrc4k&session_id=4228b5f0-bc7d-4cc6-8e4c-c2f5628d79d8&nonce=07e8e75357efca8e
Frame ID: DD064A5522CFD34FC6E65A7A67F82152
Requests: 2 HTTP requests in this frame
Frame:
https://t.wepay.com/fp/top_fp.html;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20?org_id=ncwzrc4k&session_id=4228b5f0-bc7d-4cc6-8e4c-c2f5628d79d8&nonce=07e8e75357efca8e
Frame ID: 76802F283EDE6D586726DF69A1F41020
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
LWOR - Parma, OH - Sept 6, 2023Page URL History Show full URLs
-
https://campaigns-events.was-1.onpdr.com/track/link/p0o5ng1pdr/7rxetl3cvhpn6ogvrlyxu0wun/4bw9x5k0n7
HTTP 302
https://command-presence-training.regfox.com/lwor-parma-oh---sept-6-2023 Page URL
Detected technologies
Google Maps (Maps) ExpandDetected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AddThis (Widgets) Expand
Detected patterns
- addthis\.com/js/
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Twitter (Widgets) Expand
Detected patterns
- //platform\.twitter\.com/widgets\.js
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Download Class Flyer
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Google
Search URL Search Domain Scan URL
Title: Bing
Search URL Search Domain Scan URL
Title: MapQuest
Search URL Search Domain Scan URL
Title: Terms of Service and Cancellation Policy
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://campaigns-events.was-1.onpdr.com/track/link/p0o5ng1pdr/7rxetl3cvhpn6ogvrlyxu0wun/4bw9x5k0n7
HTTP 302
https://command-presence-training.regfox.com/lwor-parma-oh---sept-6-2023 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://command-presence-training.regfox.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://command-presence-training.regfox.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
69 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
lwor-parma-oh---sept-6-2023
command-presence-training.regfox.com/ Redirect Chain
|
123 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
24 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.0.3/css/ |
97 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
command-presence-training.regfox.com/css/ |
525 KB 111 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scrollPaddingTop.js
command-presence-training.regfox.com/lib/ |
1 KB 670 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
risk.js
static.wepay.com/min/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
addthis_widget.js
s7.addthis.com/js/300/ |
56 B 362 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
107 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new%20logo%202023.png
cdn.uploads.webconnex.com/116690/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
US.svg
purecatamphetamine.github.io/country-flag-icons/3x2/ |
1 KB 912 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regfox-black.svg
images.webconnex.com/bacon/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
command-presence-training.regfox.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 847 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
command-presence-training.regfox.com/js/ |
2 MB 555 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
addthisevent.min.js
command-presence-training.regfox.com/lib/ |
34 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframeResizer.contentWindow.min.js
command-presence-training.regfox.com/lib/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eix8uwn.css
use.typekit.net/ |
3 KB 897 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 172 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
place
www.google.com/maps/embed/v1/ Frame 0D01 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
235 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 268 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ Frame 0D01 |
174 KB 60 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 0D01 |
3 B 46 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/54/1/intl/de_ALL/ Frame 0D01 |
230 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrics.gif
command-presence-training.regfox.com/images/ |
42 B 178 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1086.js
command-presence-training.regfox.com/js/chunks/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
take
bouncer.webconnex.com/queue/d3006753d46a43c38f9867d706af6a08/ |
13 B 171 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widgets.js
platform.twitter.com/ |
91 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invisible.js
command-presence-training.regfox.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 1C7E Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7fb539a85fcf18e9
command-presence-training.regfox.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1C7E |
0 292 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame B6F2 |
320 KB 103 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
syndication.twitter.com/ Frame B6F2 |
869 B 658 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parma%20logo.png
cdn.uploads.webconnex.com/116690/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vic%20head%20shot.jpeg
cdn.uploads.webconnex.com/116690/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
222 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
221 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc-sprite.png
images.webconnex.com/bacon/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/54/1/intl/de_ALL/ Frame 0D01 |
252 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/54/1/intl/de_ALL/ Frame 0D01 |
154 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
map.js
maps.googleapis.com/maps-api-v3/api/js/54/1/intl/de_ALL/ Frame 0D01 |
71 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
overlay.js
maps.googleapis.com/maps-api-v3/api/js/54/1/intl/de_ALL/ Frame 0D01 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 0D01 |
6 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 0D01 |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
onion.js
maps.googleapis.com/maps-api-v3/api/js/54/1/intl/de_ALL/ Frame 0D01 |
26 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/54/1/intl/de_ALL/ Frame 0D01 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 0D01 |
7 KB 1 KB |
XHR
application/json+protobuf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 0D01 |
62 B 84 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 0D01 |
62 B 83 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.js
t.wepay.com/fp/ |
451 KB 82 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
t.wepay.com/fp/ |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
t.wepay.com/fp/ |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
t.wepay.com/fp/ |
81 B 552 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ls_fp.html;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20
t.wepay.com/fp/ Frame 0778 |
92 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
t.wepay.com/fp/ |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
es.js
t.wepay.com/fp/ |
134 B 653 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sid_fp.html;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20
h.online-metrix.net/fp/ Frame DD06 |
103 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_fp.html;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20
t.wepay.com/fp/ Frame 7680 |
89 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
t.wepay.com/fp/ |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
ncwzrc4k5djihesm5ronew56fyx3sbiajcwl4bqs07e8e75357efca8eam1.e.aa.online-metrix.net/fp/ |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
t.wepay.com/fp/ Frame 0778 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
es.js
t.wepay.com/fp/ Frame 0778 |
134 B 655 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear1.png;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20
t.wepay.com/fp/ |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear1.png;CIS3SID=9D640A2F8B920321872E5CACD874FEEC
h.online-metrix.net/fp/ Frame DD06 |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear3.png;CIS3SID=185EC5882716E1F537A58DF8DA9FCB20
t.wepay.com/fp/ |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
t.wepay.com/fp/ |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
274 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| WePay object| addthis_share function| gtag object| dataLayer object| __BOOTSTRAP__ object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk_webconnex_bacon function| sprintf function| vsprintf object| DD_LOGS function| JSEncrypt function| $ function| jQuery function| $d object| addeventatc boolean| ate_touch_capable function| addeventReady object| hdx object| twttr object| __twttrll object| __twttr object| td_5V function| td_3x function| td_5Y function| td_0U function| td_0z function| td_2K function| td_R function| td_2L function| td_2J function| td_4V function| td_2z function| td_E6 function| td_4U object| td_1n function| td_5e string| td_3o string| td_2T string| td_3S string| td_0c string| td_1g undefined| td_3l string| td_4t string| td_2x string| td_1j object| td_vT object| td_5N object| td_5h object| td_0a object| td_4i object| td_2j object| td_4S object| td_5p string| td_4a string| td_3V string| td_0P undefined| td_5O undefined| td_1X undefined| td_1f string| td_0j string| td_2X string| td_3A undefined| td_4z undefined| td_4r undefined| td_2M string| td_5C string| td_1h string| td_3F undefined| td_2Z string| td_2y string| td_4f undefined| td_2l string| td_2v object| td_3t undefined| td_hP function| td_3G function| td_3d function| td_0H function| td_1w function| td_1a number| td_3N function| td_2p object| td_2V object| td_3E function| td_Qd function| td_CX function| td_Oy function| td_vq function| td_Ze function| td_uz function| td_w7 function| td_Z0 function| td_rv function| td_sA function| td_kr function| td_oT function| td_AB function| td_nk function| td_zc function| td_uJ function| td_sW function| td_4j function| td_1B function| td_0Q string| td_3g function| td_3a function| td_0k number| td_cz function| td_1k function| td_2C function| td_md function| td_FF function| td_Bs string| td_4o string| td_0l string| td_4M string| td_5v string| td_5j string| td_0i string| td_I string| td_Q string| td_1L string| td_2o string| td_3f string| td_0O string| td_3T string| td_k string| td_2d string| td_2w string| td_4v string| td_0Z string| td_0p string| td_1D string| td_1O string| td_0N string| td_3n string| td_i string| td_2r string| td_0y string| td_4m string| td_h string| td_q string| td_U string| td_V number| td_c number| td_O function| td_2S function| td_d function| td_v function| td_r function| td_0b function| td_L function| td_B function| td_o function| td_w object| td_2I object| td_0v number| td_u number| td_F number| td_n number| td_Z number| td_z object| td_1t function| td_5m function| td_x function| td_A function| td_a function| td_p function| td_4c function| td_4e function| td_G function| td_C function| td_Y function| td_y function| td_4p function| td_1J function| td_1F function| td_5q function| td_D function| td_g function| td_3P function| td_J function| td_0g function| td_3W object| td_4F object| td_2u function| td_5g function| td_5L function| td_3y function| td_0s function| td_2h function| td_2g object| td_4u function| td_0D function| td_1i string| td_xE string| td_do string| td_ve object| td_T2 object| td_oV boolean| td_sD function| td_5I function| td_I8 function| td_LF function| td_x5 function| td_rs function| td_MV function| td_ZW function| td_Vw function| td_Sm function| td_b9 function| td_sN function| td_vj function| td_FM function| td_GM function| td_wL function| td_3I function| td_0W function| td_3R function| td_0h function| td_4n object| td_fM object| td_HM object| td_OM boolean| td_Js boolean| td_NA boolean| td_Lu function| td_hQ function| td_1I function| td_HR function| td_hX function| td_dx function| td_Mk function| td_Tf function| td_wD function| td_LY object| td_sg undefined| td_B2 function| td_ci function| td_0Y function| td_QB function| td_2c function| td_1K function| td_1v function| td_4d number| td_2k string| td_1c string| td_1T string| td_2O string| td_3L string| td_3K string| td_4x string| td_2a string| td_0E string| td_4X string| td_5y string| td_3Z string| td_5o string| td_4T string| td_1x string| td_5T object| instance object| retVal9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.onpdr.com/ | Name: __cf_bm Value: iScwKYgoLPFAbU8gEOPGWf8bM8XkJII3K9KAgafvrqw-1692813313-0-AS2vwVxXBndwhsYLBqgWyZAWHyob7AaitpPqjmPNYqO/hQr86+TiZlk/wIVpDYgyuX74NRuDhBrYYMa7JCy4PBk= |
|
.command-presence-training.regfox.com/ | Name: __cf_bm Value: ASBaq9d_TmKTsPgwQxlZOjnVwOzvQdBYdVSUZSvBcWs-1692813313-0-AXcfELnwixgKidYlQVfIyc6wcYYWOszqYIgBfndlXJ2eUI7jj0yOK9XquwpZHWQJOkeL+bPDB8/7xDDJ8PD1l3E= |
|
.regfox.com/ | Name: _ga Value: GA1.1.671642171.1692813314 |
|
.regfox.com/ | Name: _ga_75ZWMV4Z4P Value: GS1.1.1692813314.1.0.1692813314.0.0.0 |
|
command-presence-training.regfox.com/ | Name: _dd_s Value: logs=1&id=1ac6a47b-bd84-4b5d-a449-2aad126d6d35&created=1692813315716&expire=1692814215716 |
|
command-presence-training.regfox.com/ | Name: d3006753d46a43c38f9867d706af6a08 Value: 1692813315730 |
|
command-presence-training.regfox.com/ | Name: token Value: bef08888fd684c0d9a2b7798c66e4bf2 |
|
.command-presence-training.regfox.com/ | Name: cf_clearance Value: h1TyaZ_vi8Bm3UgSEwZBjbhuOCI_GX9nJnN.LIuEw7U-1692813316-0-1-2b620093.587ed710.7c635f73-0.2.1692813316 |
|
t.wepay.com/ | Name: thx_guid Value: 9aa18da33fb14ee8921e211c35014637 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bouncer.webconnex.com
campaigns-events.was-1.onpdr.com
cdn.uploads.webconnex.com
command-presence-training.regfox.com
fonts.googleapis.com
fonts.gstatic.com
h.online-metrix.net
images.webconnex.com
maps.googleapis.com
maps.gstatic.com
ncwzrc4k5djihesm5ronew56fyx3sbiajcwl4bqs07e8e75357efca8eam1.e.aa.online-metrix.net
netdna.bootstrapcdn.com
p.typekit.net
platform.twitter.com
purecatamphetamine.github.io
region1.google-analytics.com
s7.addthis.com
static.wepay.com
syndication.twitter.com
t.wepay.com
use.typekit.net
www.google.com
www.googletagmanager.com
104.18.32.180
104.244.42.200
146.75.116.157
151.101.66.123
18.66.147.79
2.19.224.115
2001:4860:4802:34::36
2600:9000:214f:e800:2:cf6c:5100:93a1
2606:4700::6812:30b
2606:4700::6812:bcf
2606:50c0:8003::153
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a02:26f0:3500:16::215:1495
2a02:26f0:780::210:a469
44.228.31.6
91.235.132.130
91.235.133.182
91.235.134.131
0368f33db1cc70ef5eee2a5de99571b65d394d8964f4824ce3919d45998775c0
0bc1dbe9cca5286a91a9126e01077405cbbb5fad90106967f2dfc4932acf16b4
0c55c774914181fa23997227cb2f018037f315b00d3a58829ef141c74fe21c50
0c812e735c786372b48d6523fbac9216caa8515196a6c5305ab576dd8911153d
0f55de775c01d95b378617999eda21a740c442aa4547742ea5092a31184cae4c
11a73eb9b19bcd636ffcd60201be41d7a6eee7821a66d83aeddafc827dcf3563
1375c2978866433083025fc54f36e4910b5d29aca674207c55dc793d9f4b42ee
18fa6467364c846b33461cb88476c0e6772c637fbd80617bb706f380c854b7cd
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
24fbd58bef9bb543dd529985901dba8daa9338a53b0a9767a51b1dd60cb57c6d
2545100bcf1d86bda227862860b536a2054ed4832c820888a872ad4b4f41ff2a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3e743cd26e0a059de265f03a7e95dc1f055e1004607f20f73cb705eeeffc0581
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
415e7658ca2f7e76754ef476ad39a5a3284fc7158ca0d8146127eb8945cd7475
421d5a1ce1bf3ce2d16cb9c3749e55af2bc72bae1eaa6c18fb2c05b3a830b19b
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
4e1d611d096738ea6d39dd5f851ad36f79147e414f3e0864ebec62886301550d
4e2d487dc59eea73d7d4abf89dae6a71aa44ff784dd55a9372a0790c69547e1f
505ed475a764b3e56ebefb5252f4ca2999595071c023d3933e1632e9d23ea0a4
63ca9156ccb8151d305687ae6c6ff43caf78a3643a633aa0f8fec026f72b3b2a
67dddc804ee5388e12b4c08fd14e7f5b2ae3589413a8f0ad83b007c8d6172f60
6abc971165c6d83f7944969232111c1f5f64dcd50b32c603f8d7e36f962adfef
6e44c5fce0a28576a8efa122a5e9f2143dcd402d97cc5d4ca3ae5668ac1d1981
7026bc937f9d13fcf6b0eb20f9bd8792d64b781cec0684d4da2a2769752d7cc5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80c9cf1805f37aadca215182e49e02a7a9c7775232b99383d088fa937c182fd8
8178b6fb52f43bdcabbf202c867a03d720825650874d1bff6bde9473ac104013
8c34e49812cc3472a835405ba2acbd563082652d08fe5e9586563fd1a2e63fb3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a5cc72d472fb21a442453f0bfd1d9c43528ab46d3da0837f0a070540747ca928
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b070c0982e2aeeca6860d3b0f7f7373517e21e800cc32a76d86069a61ecc158b
b482ca9abbcc007c314235cb08a9a1fe297a6548dbaf346acae03aab20a93859
b805c50bd761db5d2c6de14a08ca6a5cfc38f060838415c1937ec943c5901c4b
bb2bbbe0b72f9049acac8fac9cea40fe11c44be3425a45f67304112c3f29425a
bd4a08ee1b016c53e2a9221e418d7fa94478b650c58b757a6dde72748cd803f4
bf61130e380316d1308aa54222e456fb2901b300bf3a677afac176636b0edd67
c32e45088ff0d6649ff82d20c0573bdc50c18fd6dee506cb149ab62d255bb528
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb67b4706be6431c521aa99a746bd67e33c12c04886db02e164ce883d6b4867a
ccac65f34a5a71419b8f15cb9b87e2699919f86064f4369fc75024be633f2b2e
d9d360e4a9ffa22a014272dd7f8fe5de387b69cefab7b3a75a39378fec8f7bd1
e08970b6236a97d8dcff37c3c5e038388f7f5d55e5d2cc212d8de3abdfc0b8e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dea9e7d52dcc204f0674d1243db2959d9107b29a3ab71326f7542d121ee96b
e7f0c72a0ce17ca77f93669294b4ae10f8bb10b0bbcf3d06ffb122650eaa2570
ea46cee3ab6c648b2dd8fdc31b2b167b2a716c867d07a230426af3e1a210376b
ee4449e61a8245c7983466776579f421f3807158efdb451037e3edf0e183e99c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f684931b8d31cca6bd41f073a6ae49b0ee127c4b9dc9a2805cd3b0898128ef2a
fc533a6877a40051d87fe7259ec4f31929c9dce223222d5f0846fca932d70342