secure.nrsc.org
Open in
urlscan Pro
52.207.51.201
Public Scan
Effective URL: https://secure.nrsc.org/donation_page/wh-trump-gold-ornament-special/?recurring=true&fname=Shane&lname=Barney&email=shan...
Submission: On December 04 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 4th 2017. Valid for: 3 months.
This is the only time secure.nrsc.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 74.121.50.4 74.121.50.4 | 19795 (SILVERPOP...) (SILVERPOP-ATL - IBM) | |
11 | 52.207.51.201 52.207.51.201 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
2 | 92.123.94.15 92.123.94.15 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 199.96.57.6 199.96.57.6 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
5 | 2600:9000:200... 2600:9000:200e:da00:14:71e7:1f40:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
4 | 23.111.9.35 23.111.9.35 | 54104 (AS-STACKPATH) (AS-STACKPATH - netDNA) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 216.58.207.34 216.58.207.34 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 104.244.43.112 104.244.43.112 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
2 | 204.79.197.200 204.79.197.200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:817::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 2 | 2a00:1450:400... 2a00:1450:4001:80b::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 104.244.42.136 104.244.42.136 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
1 | 52.85.177.242 52.85.177.242 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 104.244.42.197 104.244.42.197 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
1 5 | 2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 2a02:26f0:11a... 2a02:26f0:11a:38d::20c1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a03:2880:f01... 2a03:2880:f01c:202:face:b00c:0:8c | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 3 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 52.216.129.237 52.216.129.237 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 2 | 2a00:1450:401... 2a00:1450:4013:c00::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 52.207.195.246 52.207.195.246 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 52.3.37.166 52.3.37.166 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 104.244.42.3 104.244.42.3 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
54 | 25 |
ASN19795 (SILVERPOP-ATL - IBM, US)
PTR: mta3604.silverpop.net
links.targetedvictory.mkt8888.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-207-51-201.compute-1.amazonaws.com
secure.nrsc.org |
ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-94-15.deploy.akamaitechnologies.com
use.typekit.net |
ASN13414 (TWITTER - Twitter Inc., US)
platform.twitter.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
secure.victorypassport.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com |
ASN13414 (TWITTER - Twitter Inc., US)
static.ads-twitter.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN13414 (TWITTER - Twitter Inc., US)
syndication.twitter.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-177-242.fra6.r.cloudfront.net
b-code.liadm.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
s3.amazonaws.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-207-195-246.compute-1.amazonaws.com
c.liadm.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-37-166.compute-1.amazonaws.com
c.liadm.com |
ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com |
Domain | Requested by | |
---|---|---|
11 | secure.nrsc.org |
secure.nrsc.org
|
5 | www.facebook.com |
1 redirects
secure.nrsc.org
|
5 | secure.victorypassport.com |
secure.nrsc.org
secure.victorypassport.com |
4 | connect.facebook.net |
secure.nrsc.org
connect.facebook.net |
4 | use.fontawesome.com |
secure.nrsc.org
use.fontawesome.com |
3 | www.google-analytics.com |
2 redirects
secure.victorypassport.com
|
2 | c.liadm.com |
b-code.liadm.com
secure.nrsc.org |
2 | stats.g.doubleclick.net |
1 redirects
secure.nrsc.org
|
2 | www.google.de |
secure.nrsc.org
|
2 | www.google.com | 2 redirects |
2 | bat.bing.com |
www.googletagmanager.com
secure.nrsc.org |
2 | www.googletagmanager.com |
secure.nrsc.org
secure.victorypassport.com |
2 | use.typekit.net |
secure.nrsc.org
use.typekit.net |
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | s3.amazonaws.com |
www.google-analytics.com
|
1 | cx.atdmt.com |
secure.nrsc.org
|
1 | p.typekit.net |
secure.nrsc.org
|
1 | t.co |
secure.nrsc.org
|
1 | b-code.liadm.com |
www.googletagmanager.com
|
1 | syndication.twitter.com |
platform.twitter.com
|
1 | googleads.g.doubleclick.net | 1 redirects |
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
secure.nrsc.org
|
1 | platform.twitter.com |
secure.nrsc.org
platform.twitter.com |
1 | links.targetedvictory.mkt8888.com | 1 redirects |
0 | staticxx.facebook.com Failed |
connect.facebook.net
|
54 | 27 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nrsc.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure.nrsc.org Let's Encrypt Authority X3 |
2017-11-04 - 2018-02-02 |
3 months | crt.sh |
typekit.net Symantec Class 3 Secure Server CA - G4 |
2017-03-20 - 2018-06-19 |
a year | crt.sh |
platform.twitter.com DigiCert SHA2 High Assurance Server CA |
2017-04-04 - 2018-05-25 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G2 |
2017-11-16 - 2018-02-08 |
3 months | crt.sh |
*.victorypassport.com Amazon |
2016-12-15 - 2018-01-15 |
a year | crt.sh |
*.fontawesome.com DigiCert SHA2 Secure Server CA |
2017-08-10 - 2018-10-17 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2017-11-16 - 2018-02-08 |
3 months | crt.sh |
www.googleadservices.com Google Internet Authority G3 |
2017-11-16 - 2018-02-08 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2016-06-08 - 2019-06-13 |
3 years | crt.sh |
www.bing.com Microsoft IT TLS CA 5 |
2017-07-20 - 2019-07-10 |
2 years | crt.sh |
www.google.de Google Internet Authority G3 |
2017-11-16 - 2018-02-08 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2016-12-09 - 2018-01-25 |
a year | crt.sh |
syndication.twitter.com DigiCert SHA2 High Assurance Server CA |
2015-07-30 - 2018-08-03 |
3 years | crt.sh |
*.liadm.com Amazon |
2016-12-09 - 2018-01-09 |
a year | crt.sh |
t.co DigiCert SHA2 Extended Validation Server CA |
2017-07-25 - 2018-11-05 |
a year | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2017-04-27 - 2018-05-31 |
a year | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2017-09-26 - 2018-09-20 |
a year | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2017-11-21 - 2018-02-13 |
3 months | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2015-07-30 - 2018-08-03 |
3 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://secure.nrsc.org/donation_page/wh-trump-gold-ornament-special/?recurring=true&fname=Shane&lname=Barney&email=shane.barney@dhs.gov&zip=20837-2180&utm_medium=email&utm_source=TVR&utm_campaign=20171204_32040571_Order-Confirmation@nrsc.org-FSL-PAT&utm_content=body_img_button_request%20now&action=email_click
Frame ID: 25208.1
Requests: 51 HTTP requests in this frame
Frame:
https://secure.victorypassport.com/pages/nrsc/wh-trump-gold-ornament-16
Frame ID: 25208.2
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fsecure.nrsc.org
Frame ID: 25208.3
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/lY4eZXm_YWu.js?version=42
Frame ID: 25208.4
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://links.targetedvictory.mkt8888.com/ctt?kn=1&ms=MzIwNDA1NzES1&r=NjQ3ODA1OTgyODA1S0&b=0&j=MTE4MDQ4OTg2MQS2&mt=1&rt=0
HTTP 302
https://secure.nrsc.org/donation_page/wh-trump-gold-ornament-special/?recurring=true&fname=Shane&lna... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Yoast SEO (SEO) Expand
Detected patterns
- html /<!-- This site is optimized with the Yoast/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Twitter (Widgets) Expand
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.targetedvictory.mkt8888.com/ctt?kn=1&ms=MzIwNDA1NzES1&r=NjQ3ODA1OTgyODA1S0&b=0&j=MTE4MDQ4OTg2MQS2&mt=1&rt=0
HTTP 302
https://secure.nrsc.org/donation_page/wh-trump-gold-ornament-special/?recurring=true&fname=Shane&lname=Barney&email=shane.barney@dhs.gov&zip=20837-2180&utm_medium=email&utm_source=TVR&utm_campaign=20171204_32040571_Order-Confirmation@nrsc.org-FSL-PAT&utm_content=body_img_button_request%20now&action=email_click Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/?random=1512422862256&cv=8&fst=1512422862256&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=Gbe&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwh-trump-gold-ornament-special%2F%3Frecurring%3Dtrue%26fname%3DShane%26lname%3DBarney%26email%3Dshane.barney%40dhs.gov%26zip%3D20837-2180%26utm_medium%3Demail%26utm_source%3DTVR%26utm_campaign%3D20171204_32040571_Order-Confirmation%40nrsc.org-FSL-PAT%26utm_content%3Dbody_img_button_request%2520now%26action%3Demail_click&tiba=WH%20Trump%20Gold%20Ornament%20%7C%20NRSC&async=1&rfmt=3&fmt=4 HTTP 302
- https://www.google.com/ads/user-lists/863113746/?random=1512422862256&cv=8&fst=1512421200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwh-trump-gold-ornament-special%2F%3Frecurring%3Dtrue%26fname%3DShane%26lname%3DBarney%26email%3Dshane.barney%40dhs.gov%26zip%3D20837-2180%26utm_medium%3Demail%26utm_source%3DTVR%26utm_campaign%3D20171204_32040571_Order-Confirmation%40nrsc.org-FSL-PAT%26utm_content%3Dbody_img_button_request%2520now%26action%3Demail_click&tiba=WH%20Trump%20Gold%20Ornament%20%7C%20NRSC&async=1&fmt=4&cdct=2&is_vtc=1&random=2415269673 HTTP 302
- https://www.google.de/ads/user-lists/863113746/?random=1512422862256&cv=8&fst=1512421200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwh-trump-gold-ornament-special%2F%3Frecurring%3Dtrue%26fname%3DShane%26lname%3DBarney%26email%3Dshane.barney%40dhs.gov%26zip%3D20837-2180%26utm_medium%3Demail%26utm_source%3DTVR%26utm_campaign%3D20171204_32040571_Order-Confirmation%40nrsc.org-FSL-PAT%26utm_content%3Dbody_img_button_request%2520now%26action%3Demail_click&tiba=WH%20Trump%20Gold%20Ornament%20%7C%20NRSC&async=1&fmt=4&cdct=2&is_vtc=1&random=2415269673&ipr=y&ulfeg=n
- https://www.facebook.com/tr/?id=1877534775869068&ev=Microdata&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwh-trump-gold-ornament-special%2F%3Frecurring%3Dtrue%26fname%3DShane%26lname%3DBarney%26email%3Dshane.barney%40dhs.gov%26zip%3D20837-2180%26utm_medium%3Demail%26utm_source%3DTVR%26utm_campaign%3D20171204_32040571_Order-Confirmation%40nrsc.org-FSL-PAT%26utm_content%3Dbody_img_button_request%2520now%26action%3Demail_click&rl=&if=false&ts=1512422864014&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22WH%20Trump%20Gold%20Ornament%20-%20NRSC%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fdonation_page%2Fwh-trump-gold-ornament-special%2F%22%2C%22og%3Asite_name%22%3A%22NRSC%22%7D&cd[Meta]=%7B%22title%22%3A%22WH%20Trump%20Gold%20Ornament%20%7C%20NRSC%22%7D&v=2.8.1&o=28 HTTP 302
- https://cx.atdmt.com/?c=13187479051908078388&f=AYxbdIE7hNUH87jyUB0hijZiTF7qUu-uStAuKdvdmvgF05kW8ByHo--MfRP_5wgc45DcBvbUid7cvZ22SqiZw6zL&id=1877534775869068&l=3&v=0
- https://www.google-analytics.com/r/collect?v=1&_v=j66&a=424816098&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwh-trump-gold-ornament-special%2F%3Frecurring%3Dtrue%26fname%3DShane%26lname%3DBarney%26email%3Dshane.barney%40dhs.gov%26zip%3D20837-2180%26utm_medium%3Demail%26utm_source%3DTVR%26utm_campaign%3D20171204_32040571_Order-Confirmation%40nrsc.org-FSL-PAT%26utm_content%3Dbody_img_button_request%2520now%26action%3Demail_click&ul=en-us&de=UTF-8&dt=WH%20Trump%20Gold%20Ornament%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1620066262&gjid=214937721&cid=1395405847.1512422864&tid=UA-23419263-1&_gid=695530159.1512422864&_r=1&z=1345522953 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-1&cid=1395405847.1512422864&jid=1620066262&_gid=695530159.1512422864&gjid=214937721&_v=j66&z=1345522953 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1395405847.1512422864&jid=1620066262&_v=j66&z=1345522953 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1395405847.1512422864&jid=1620066262&_v=j66&z=1345522953&slf_rd=1&random=398740040
- https://www.google-analytics.com/r/collect?v=1&_v=j66&a=424816098&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwh-trump-gold-ornament-special%2F%3Frecurring%3Dtrue%26fname%3DShane%26lname%3DBarney%26email%3Dshane.barney%40dhs.gov%26zip%3D20837-2180%26utm_medium%3Demail%26utm_source%3DTVR%26utm_campaign%3D20171204_32040571_Order-Confirmation%40nrsc.org-FSL-PAT%26utm_content%3Dbody_img_button_request%2520now%26action%3Demail_click&ul=en-us&de=UTF-8&dt=WH%20Trump%20Gold%20Ornament%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=1136435090&gjid=651696019&cid=1395405847.1512422864&tid=UA-23419263-11&_gid=695530159.1512422864&_r=1>m=Gbe5WDLTFM&z=2010038343 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=1395405847.1512422864&jid=1136435090&_gid=695530159.1512422864&gjid=651696019&_v=j66&z=2010038343
54 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
secure.nrsc.org/donation_page/wh-trump-gold-ornament-special/ Redirect Chain
|
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nnp5tpv.js
use.typekit.net/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widgets.js
platform.twitter.com/ |
121 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 423 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
secure.nrsc.org/wp-content/themes/nrsc/assets/css/ |
94 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw.css
secure.victorypassport.com/styles/ |
789 B 417 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9b6261cc3e.js
use.fontawesome.com/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
secure.nrsc.org/wp-includes/js/jquery/ |
95 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
secure.nrsc.org/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jigsaw
secure.victorypassport.com/scripts/ |
2 KB 757 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slidebars.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
backstretch.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
17 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.matchHeight.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ |
229 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
secure.nrsc.org/wp-includes/js/ |
1 KB 774 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
63 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/ads/user-lists/863113746/ Redirect Chain
|
43 B 81 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
secure.nrsc.org/wp-includes/js/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9b6261cc3e.css
use.fontawesome.com/ |
1 KB 389 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
209 KB 64 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wh-trump-gold-ornament-16
secure.victorypassport.com/pages/nrsc/ Frame 2520 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
secure.victorypassport.com/assets/jackal/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601.js
secure.victorypassport.com/assets/jackal/ |
42 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cerabasic-regular-webfont.woff2
secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/ |
20 KB 20 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/4d2181/0000000000000000000149c5/27/ |
12 KB 12 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
twitter_cookies.html
platform.twitter.com/widgets/ Frame 2520 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
syndication.twitter.com/ |
74 B 104 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
32 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a-00r9.min.js
b-code.liadm.com/ |
95 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 74 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1877534775869068
connect.facebook.net/signals/config/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ |
75 KB 75 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/impression.php/f2142d43b0a2898/ |
43 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p.gif
p.typekit.net/ |
35 B 35 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
lY4eZXm_YWu.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2520 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 53 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
secure.victorypassport.com/assets/ |
444 B 462 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cx.atdmt.com/ Redirect Chain
|
42 B 51 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
62 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
35 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
528927697229967
connect.facebook.net/signals/config/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 53 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 53 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
tp2
c.liadm.com/com.snowplowanalytics.snowplow/ |
0 0 |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 53 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Cookie set
tp2
c.liadm.com/com.snowplowanalytics.snowplow/ |
2 B 2 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 66 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- secure.victorypassport.com
- URL
- https://secure.victorypassport.com/pages/nrsc/wh-trump-gold-ornament-16
- Domain
- platform.twitter.com
- URL
- https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fsecure.nrsc.org
- Domain
- staticxx.facebook.com
- URL
- https://staticxx.facebook.com/connect/xd_arbiter/r/lY4eZXm_YWu.js?version=42
Verdicts & Comments Add Verdict or Comment
66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer object| google_tag_manager function| twq object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Typekit object| _wpemojiSettings function| __twttrll object| twttr object| __twttr object| google_noFurtherRedirects object| twemoji object| wp object| FontAwesomeCdnConfig string| cssUrl undefined| $ function| jQuery object| urls function| slidebars object| jQuery1124019366498786543773 function| getDevice function| Vue function| Hammer function| filter function| sortBy function| fbq function| _fbq function| UET object| FB object| LI object| Snowplow object| liQ function| _classCallCheck function| _inherits object| vp function| _createClass function| VPModal function| _get function| VPAuthorizeDialog function| VPBaseForm function| VPEventProcessor function| VPForgotPasswordForm function| VPLoginDialog function| VPLoginForm function| VPParentLocation function| VPPublishAnalytics function| VPRegistrationForm function| VPScrollToTop function| VPToolbar function| Messages function| DOMUtils function| VPUpdateBackgroundImage function| VPUpdateFrameHeight function| VPUpdateToolbar function| Utils object| vpToolbar object| vpEventProcessor boolean| ieVersion object| Mustache string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.secure.victorypassport.com/ | Name: __stripe_sid Value: 7dbdea60-c452-4d51-bc29-183138ee446d |
|
.secure.victorypassport.com/ | Name: __stripe_mid Value: e0b58ff5-1ed5-435b-ba10-61674c324337 |
|
.victorypassport.com/ | Name: _gat_UA-10463545-10 Value: 1 |
|
.victorypassport.com/ | Name: _ga Value: GA1.2.2031990210.1512422864 |
|
secure.victorypassport.com/ | Name: _mystique_session Value: bGtmVWZ6anp2eWx4UkVvYTdjQ1A0SEltNTZkOEc0ajVOZHpGWkFBRGJMeXVsWmpoS2Jod1VsQ3loWndtYVlHQmNFZTJ1WUZGZVBPK280ZGVvRzZDSHVtRWFKaGFoZE5xcml0RkVZQmZhZnJUNWlycC9mVjdsRkxoSTZRMFZKMlJqOXViSjV6R1dhTE4yNjc0eXhFeFhnPT0tLWNSZmhMa0JVbEVnLzJaajZnYUdodEE9PQ%3D%3D--f2f645411f902bf5de55c43bcda3ffa09bcf4601 |
|
.nrsc.org/ | Name: _ga Value: GA1.2.1395405847.1512422864 |
|
secure.nrsc.org/ | Name: _litra_ses.a897 Value: * |
|
.facebook.com/ | Name: fr Value: 03ombpG0Axs6M51KQ..BaJb3P..Fol.1.0.BaJb3P. |
|
secure.nrsc.org/ | Name: _litra_id.a897 Value: a-00r9--a240ec5f-c9d7-460f-81b0-bb6f9735b9dd.1512422864.1.1512422865.1512422864.57321fc8-5c60-4d96-9afc-229be493d66f |
|
.secure.nrsc.org/ | Name: _gid Value: GA1.3.695530159.1512422864 |
|
.nrsc.org/ | Name: _gat Value: 1 |
|
.victorypassport.com/ | Name: _dc_gtm_UA-10463545-9 Value: 1 |
|
.nrsc.org/ | Name: _gid Value: GA1.2.695530159.1512422864 |
|
.victorypassport.com/ | Name: _gat Value: 1 |
|
.secure.nrsc.org/ | Name: _gat_UA-23419263-11 Value: 1 |
|
.secure.nrsc.org/ | Name: _ga Value: GA1.3.1395405847.1512422864 |
|
m.stripe.network/ | Name: nsr Value: 1 |
|
.victorypassport.com/ | Name: _gid Value: GA1.2.176605397.1512422864 |
|
.nrsc.org/ | Name: _uetsid Value: _uet28e31165 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.twitter.com
b-code.liadm.com
bat.bing.com
c.liadm.com
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
googleads.g.doubleclick.net
links.targetedvictory.mkt8888.com
p.typekit.net
platform.twitter.com
s3.amazonaws.com
secure.nrsc.org
secure.victorypassport.com
static.ads-twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
use.fontawesome.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
platform.twitter.com
secure.victorypassport.com
staticxx.facebook.com
104.244.42.136
104.244.42.197
104.244.42.3
104.244.43.112
199.96.57.6
204.79.197.200
216.58.207.34
23.111.9.35
2600:9000:200e:da00:14:71e7:1f40:93a1
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:817::2002
2a00:1450:4001:817::200a
2a00:1450:4013:c00::9b
2a02:26f0:11a:38d::20c1
2a03:2880:f01c:202:face:b00c:0:8c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.207.195.246
52.207.51.201
52.216.129.237
52.3.37.166
52.85.177.242
74.121.50.4
92.123.94.15
038ab600aeb441d041e0eec590868588b8efb3e8698fbcb9bca9282bc88af8f2
09abca9928d56b9e357bf27dd35659d15d376e8b954fb7ac34e06a242dc1ce8f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f4322709a5325b098775ca8bc24c7f0e0bafe36d53f8d8198495ec734daee3
17a6616a45c5d4066bc40023623592bd6c4bc4737c454bddef6e34537f66e7bc
205503cc3e945358d64d6fc6e2a56644c0a1c7e145b47b1118e25878f70b7a67
23936f6d600ea91e594a325594f37c3b08fe13a8dadd63f1ce708a57975f2691
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36c555cb54de9de90a75de86b994cc4023efe001d4da00dd47c03ac03a8efc15
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
496068de24fca470ff19d072ae403d5fd556c04ffd2554c27b1fb64856edf30e
4d22f87893242016b19d07844de2a7b857faab225a744be22fb5e7aa58b22f65
51bfcb8bf99fd66b9b742931ac0e1829033fd677b3f84559aa1e803ea39afb9a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5517e384dacbf9151599383c4965af3f19562148376757092affd1986bab5eb0
565b01c53662a9c1ac55805cf666a2e732d468a9203e00e292c2c5d6d85b54b6
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
64f9b8b4ec697eed1b56da233575d974607ab3ca43d6af461a6874ec796974f7
68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
6bbc17bc80d6d996bb721ae42f4adda24f75acadf851494465860bd38f890337
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84279fcce9e4c420c0771c1c63c84a3a0cb2a5413c8f976c3a2d74085b948a02
85990e35a1bd9710094c42c86b371a1cb549c880a191aa795b1d6ceb43de8618
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a36e682505a82eecb181b3d210003c4ce9473280d4eb4fa58ad13a56857feee8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afcb1f6c5b300318111c91317309f5cd4e621638628db4aa5beefd622ca8be10
bbfebae5771a0b1ed17b7fc40e9e8cd6dbdca67be9fc227b7b51436e92e4ecbe
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
c1aaebd3e292905247afcee12242ae79f65b1612353455ae144367fa4868e60e
c5fc00454f9871a72caa18f4a7efe60856ec2894268563fdfa764aa68a641e47
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
d20129789cf4a26600f32331981523d7f9682c2c94871ed40ec9b068240435ed
dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
ec66e9623104977ac60bfd82d3c77e4fc3758b60478114da618bbd6d660d1437
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e