secure.everyaction.com
45.60.33.183
Public Scan
Effective URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&%3bms=emft&%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9...
Submission: On February 29 via api from BE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 19th 2019. Valid for: 2 years.
This is the only time secure.everyaction.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN19551 (INCAPSULA, US)
click.everyaction.com
secure.everyaction.com
profile.ngpvan.com
fastaction.ngpvan.com
secure.ngpvan.com
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-72.fra50.r.cloudfront.net
js.verygoodvault.com
ASN16509 (AMAZON-02, US)
d3rse9xjbp8270.cloudfront.net
ASN15169 (GOOGLE, US)
www.googletagmanager.com
ASN15169 (GOOGLE, US)
www.google-analytics.com
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-175.fra50.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-11.fra2.r.cloudfront.net
payments.braintree-api.com
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
client-analytics.braintreegateway.com
ASN16625 (AKAMAI-AS, US)
PTR: a88-221-63-221.deploy.static.akamaitechnologies.com
checkout.paypal.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | cloudfront.net | d3rse9xjbp8270.cloudfront.net, d1aqhv4sn5kxtx.cloudfront.net | 464 KB |
11 | google-analytics.com (1 redirects) | www.google-analytics.com | 19 KB |
11 | everyaction.com (1 redirects) | click.everyaction.com, secure.everyaction.com | 40 KB |
8 | braintreegateway.com | client-analytics.braintreegateway.com | 3 KB |
4 | ngpvan.com | profile.ngpvan.com, fastaction.ngpvan.com, secure.ngpvan.com | 6 KB |
4 | windows.net | nvlupin.blob.core.windows.net | 202 KB |
3 | doubleclick.net | stats.g.doubleclick.net | 339 B |
3 | verygoodvault.com | js.verygoodvault.com | 24 KB |
2 | visualstudio.com | dc.services.visualstudio.com | 832 B |
2 | braintree-api.com | payments.braintree-api.com | 1 KB |
2 | twitter.com | platform.twitter.com | 29 KB |
2 | facebook.net | connect.facebook.net | 115 KB |
2 | googletagmanager.com | www.googletagmanager.com | 51 KB |
1 | paypal.com | checkout.paypal.com | |
1 | msecnd.net | az416426.vo.msecnd.net | 22 KB |
1 | jquery.com | code.jquery.com | 30 KB |
67 | 16 | | |
Requests | Domain | Requested by |
---|---|---|
11 | www.google-analytics.com | 1 redirects; www.googletagmanager.com, secure.everyaction.com |
10 | secure.everyaction.com | secure.everyaction.com, az416426.vo.msecnd.net |
9 | d3rse9xjbp8270.cloudfront.net | secure.everyaction.com, d3rse9xjbp8270.cloudfront.net, www.google-analytics.com |
8 | client-analytics.braintreegateway.com | az416426.vo.msecnd.net |
4 | nvlupin.blob.core.windows.net | secure.everyaction.com, d3rse9xjbp8270.cloudfront.net |
3 | d1aqhv4sn5kxtx.cloudfront.net | www.googletagmanager.com, secure.everyaction.com |
3 | stats.g.doubleclick.net | secure.everyaction.com |
3 | js.verygoodvault.com | secure.everyaction.com, js.verygoodvault.com |
2 | dc.services.visualstudio.com | az416426.vo.msecnd.net |
2 | payments.braintree-api.com | az416426.vo.msecnd.net |
2 | profile.ngpvan.com | d3rse9xjbp8270.cloudfront.net, az416426.vo.msecnd.net |
2 | platform.twitter.com | secure.everyaction.com, platform.twitter.com |
2 | connect.facebook.net | secure.everyaction.com, connect.facebook.net |
2 | www.googletagmanager.com | secure.everyaction.com, d3rse9xjbp8270.cloudfront.net |
1 | checkout.paypal.com | d3rse9xjbp8270.cloudfront.net |
1 | secure.ngpvan.com | az416426.vo.msecnd.net |
1 | fastaction.ngpvan.com | d3rse9xjbp8270.cloudfront.net |
1 | az416426.vo.msecnd.net | secure.everyaction.com |
1 | code.jquery.com | secure.everyaction.com |
1 | click.everyaction.com | 1 redirects |
67 | 20 | |
This site contains links to these domains. Also see Links.
Domain |
---|
fastaction.ngpvan.com |
jewishvoiceforpeace.org |
jvp.org |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.everyaction.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-19 - 2021-02-18 | 2 years |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
*.blob.core.windows.net | Microsoft IT TLS CA 1 | 2020-01-28 - 2022-01-28 | 2 years |
*.verygoodvault.com | Amazon | 2019-05-15 - 2020-06-15 | a year |
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2018-03-30 - 2020-03-30 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-01-16 - 2020-04-15 | 3 months |
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year |
*.g.doubleclick.net | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
*.ngpvan.com | RapidSSL RSA CA 2018 | 2018-02-08 - 2021-02-07 | 3 years |
payments.braintree-api.com | DigiCert SHA2 Extended Validation Server CA | 2019-03-04 - 2021-03-08 | 2 years |
dc.services.visualstudio.com | Microsoft IT TLS CA 5 | 2019-11-18 - 2021-11-18 | 2 years |
client-analytics.braintreegateway.com | DigiCert Global CA G2 | 2018-06-18 - 2020-06-17 | 2 years |
checkout.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2019-07-31 - 2021-09-29 | 2 years |
This page contains 5 frames:
Primary Page:
https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&%3bms=emft&%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&%3bceid=197022
Frame ID: C7E363EB8021785293BC33FF4CFDC6B7
Requests: 65 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fsecure.everyaction.com
Frame ID: FF44FCCAF587595A0E5EF9693C075DCD
Requests: 1 HTTP requests in this frame
Frame:
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2909477950490809215&formId=randomId2903692211761570394&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: 0FC13D7695877FA3A6E7139D8A1CF30A
Requests: 1 HTTP requests in this frame
Frame:
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2906278151199243664&formId=randomId2903692211761570394&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: 8C32A3058748D2555DD7E72410911433
Requests: 1 HTTP requests in this frame
Frame:
https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
Frame ID: 143094F254C4BB6FBF390250F1FC5719
Requests: 1 HTTP requests in this frame
Detected technologies
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Twitter (Widgets)
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: ?
Title: more info
Title: Click here to give if you live outside the US or are having problems donating.
Title: Sign up with your email address
Title: Facebook
Title: Twitter
Title: terms of service
Title: privacy policy.
Title: Log in with your email address
Title: Read about our Donor Privacy Policy and Core Principles.
Title: Privacy Policy
Title: Terms of Use
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.everyaction.com/k/15558899/164298652/352585387?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO/PH5vMut7N7anWHOi8tBriJynZfJAgCi/GpRZ8AWyERwThAZX/sAnkyyk/yEieW4yHQPyOBcVj3pww==&nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ==&hmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0=&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
HTTP 302
https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&%3bms=emft&%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&%3bceid=197022 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1608355203&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Accelerator&ev=18&_u=aGHAAEAB~&jid=1482386519&gjid=868234540&cid=1915080780.1583001988&tid=UA-28243511-20&_gid=1816134648.1583001988&_r=1>m=2wg2j05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000437&cd5=%5BC3%5DMembership%20Donate%20Page&cd6=t6ef7KnOvkW67sqaq4-H1g2&z=697193861 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1915080780.1583001988&jid=1482386519&_gid=1816134648.1583001988&gjid=868234540&_v=j81&z=697193861
67 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | t6ef7KnOvkW67sqaq4-H1g2 secure.everyaction.com/ (Primary Request, Cookie set, Redirect Chain) | 17 KB 7 KB | Document text/html |
GET H/1.1 | jquery-3.2.1.min.js code.jquery.com/ | 85 KB 30 KB | Script application/javascript |
GET H/1.1 | EA_Callbacks_Embed_Donate.js nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/ | 23 KB 24 KB | Script application/x-javascript |
GET H/1.1 | script-error secure.everyaction.com/js/ | 228 B 1 KB | Script text/javascript |
GET H/1.1 | full-width-elena-holding-hands.jpg nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/ | 149 KB 150 KB | Image image/jpeg |
GET H/1.1 | jvp-logo_full.svg nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/ | 5 KB 6 KB | Image image/svg+xml |
GET H/1.1 | AC2nt8erbFu3svSWxmyTZr1b.js js.verygoodvault.com/vgs-collect/1/ | 76 KB 24 KB | Script application/javascript |
GET H2 | at.js d3rse9xjbp8270.cloudfront.net/ | 805 KB 228 KB | Script application/javascript |
GET H/1.1 | base-js.gif secure.everyaction.com/Content/images/ | 35 B 324 B | Image image/gif |
GET H/1.1 | _Incapsula_Resource secure.everyaction.com/ | 124 KB 18 KB | Script application/javascript |
GET H2 | ai.0.js az416426.vo.msecnd.net/scripts/a/ | 94 KB 22 KB | Script application/x-javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 85 KB 27 KB | Script application/javascript |
GET H2 | sdk.js connect.facebook.net/en_US/ | 3 KB 2 KB | Script application/x-javascript |
GET H/1.1 | widgets.js platform.twitter.com/ | 96 KB 29 KB | Script application/javascript |
GET H2 | sdk.js connect.facebook.net/en_US/ | 389 KB 113 KB | Script application/x-javascript |
GET H2 | analytics.js www.google-analytics.com/ | 44 KB 18 KB | Script text/javascript |
GET H2 | collect www.google-analytics.com/ | 35 B 106 B | Image image/gif |
GET H2 | collect stats.g.doubleclick.net/r/ | 35 B 113 B | Image image/gif |
GET H/1.1 | with-js.gif secure.everyaction.com/Content/images/ | 35 B 324 B | Image image/gif |
GET H/1.1 | widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html platform.twitter.com/widgets/ (Frame FF44) | 0 0 | Document text/html |
GET H/1.1 | _Incapsula_Resource secure.everyaction.com/ | 1 B 123 B | Image text/plain |
GET H/1.1 | identity profile.ngpvan.com/ | 72 B 1 KB | Script text/javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 74 KB 24 KB | Script application/javascript |
GET H2 | at.min.css d3rse9xjbp8270.cloudfront.net/ | 111 KB 21 KB | Stylesheet text/css |
GET H2 | extra.min.css d3rse9xjbp8270.cloudfront.net/ | 92 KB 16 KB | Stylesheet text/css |
GET H/1.1 | t6ef7KnOvkW67sqaq4-H1g2 secure.everyaction.com/v1/Forms/ | 21 KB 8 KB | XHR application/json |
GET H/1.1 | sweetspot.js d1aqhv4sn5kxtx.cloudfront.net/actiontag/ | 8 KB 9 KB | Script application/x-javascript |
GET H/1.1 | nvtag profile.ngpvan.com/v2/data/wtUWuKO00l1q806kRMS39K0t/ | 2 B 1 KB | XHR application/json |
GET H/1.1 | identity fastaction.ngpvan.com/api/v1/ | 186 B 1 KB | Script text/javascript |
GET DATA | truncated / | 73 B 0 | Image image/png |
GET H2 | glyphicons-regular.woff2 d3rse9xjbp8270.cloudfront.net/assets/fonts/ | 94 KB 95 KB | Font application/font-woff2 |
GET H/1.1 | gtmtools.js d1aqhv4sn5kxtx.cloudfront.net/actiontag/ | 4 KB 5 KB | Script application/javascript |
GET H2 | intl-tel.input.utils.js d3rse9xjbp8270.cloudfront.net/assets/js/ | 229 KB 52 KB | Script application/javascript |
GET DATA | truncated / | 784 B 0 | Image image/svg+xml |
GET H2 | flags.png d3rse9xjbp8270.cloudfront.net/assets/images/ | 20 KB 20 KB | Image image/png |
GET H2 | cc.png d3rse9xjbp8270.cloudfront.net/assets/images/ | 3 KB 4 KB | Image image/png |
GET H/1.1 | t6ef7KnOvkW67sqaq4-H1g2 secure.everyaction.com/PayPalClientToken/ | 2 KB 3 KB | XHR text/plain |
GET H2 | paypal-logo.png d3rse9xjbp8270.cloudfront.net/assets/images/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | Digital-Logo-Horizontal.png nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/Logos/ | 23 KB 24 KB | Image image/png |
GET H2 | collect www.google-analytics.com/r/ | 35 B 109 B | Image image/gif |
GET H2 | collect stats.g.doubleclick.net/r/ (Redirect Chain) | 35 B 113 B | Image image/gif |
GET H2 | collect www.google-analytics.com/ | 35 B 100 B | Image image/gif |
GET H2 | collect stats.g.doubleclick.net/r/ | 35 B 113 B | Image image/gif |
GET H2 | collect www.google-analytics.com/ | 35 B 100 B | Image image/gif |
GET H/1.1 | t6ef7KnOvkW67sqaq4-H1g2 secure.everyaction.com/v1/Track/ | 0 611 B | Image text/plain |
GET H/1.1 | paypal-logo.png d1aqhv4sn5kxtx.cloudfront.net/images/ | 3 KB 3 KB | Image image/png |
GET H2 | fast-action.svg d3rse9xjbp8270.cloudfront.net/assets/images/ | 9 KB 9 KB | Image image/svg+xml |
GET H2 | collect www.google-analytics.com/ | 35 B 100 B | Image image/gif |
GET H2 | collect www.google-analytics.com/ | 35 B 100 B | Image image/gif |
GET H2 | collect www.google-analytics.com/ | 35 B 100 B | Image image/gif |
GET H2 | collect www.google-analytics.com/ | 35 B 100 B | Image image/gif |
GET H/1.1 | wtUWuKO00l1q806kRMS39K0t secure.everyaction.com/Databag/Profile/ | 0 725 B | XHR text/plain |
GET H/1.1 | wtUWuKO00l1q806kRMS39K0t secure.ngpvan.com/Databag/Profile/ | 0 1 KB | XHR text/plain |
GET H/1.1 | index.html js.verygoodvault.com/vgs-collect/1/lib/ (Frame 0FC1) | 0 0 | Document text/html |
GET H/1.1 | index.html js.verygoodvault.com/vgs-collect/1/lib/ (Frame 8C32) | 0 0 | Document text/html |
GET H2 | collect www.google-analytics.com/ | 35 B 106 B | Image image/gif |
OPTIONS H2 | graphql payments.braintree-api.com/ | 0 401 B | XHR text/plain |
OPTIONS H/1.1 | track dc.services.visualstudio.com/v2/ | 0 311 B | XHR text/plain |
POST H2 | graphql payments.braintree-api.com/ | 1 KB 1 KB | XHR application/json |
OPTIONS H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 340 B | XHR text/plain |
OPTIONS H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 340 B | XHR text/plain |
GET H/1.1 | dispatch-frame.min.html checkout.paypal.com/web/3.44.2/html/ (Frame 1430) | 0 0 | Document text/html |
OPTIONS H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 340 B | XHR text/plain |
POST H/1.1 | track dc.services.visualstudio.com/v2/ | 98 B 521 B | XHR application/json |
POST H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 328 B | XHR text/plain |
OPTIONS H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 340 B | XHR text/plain |
POST H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 328 B | XHR text/plain |
POST H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 328 B | XHR text/plain |
POST H/1.1 | yxvcxx5ksxm985d2 client-analytics.braintreegateway.com/ | 0 328 B | XHR text/plain |
105 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery string| loc boolean| contribForm boolean| optback number| elem boolean| split object| mntAmts object| URLamts object| URLndx number| ttlAmts boolean| mntPre number| x boolean| interests boolean| giftmem string| URLms number| scid function| rearrangeFields object| nvtag_callbacks string| memChx function| myPostRender function| myAlterFill boolean| copied boolean| upsold boolean| lbclosed boolean| popped undefined| upAmt function| myPostFill string| memStat boolean| recurring number| userAmt function| myAlterErrors string| eml string| fn string| newStat string| newExp boolean| gdone string| recipName boolean| fn_check boolean| ln_check object| appInsights function| handleScriptLoadError object| dataLayer function| fbAsyncInit object| twttr object| FB object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| __twttrll object| __twttr object| AI object| Microsoft function| __extends function| _endsWith object| Backbone function| _jqjsp object| atLayer object| _gaq object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType function| transactionFilter function| oldPush boolean| 
sweetSpotEnabled object| formview object| param object| intlTelInputUtils
20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.everyaction.com/ | | Name: ProfileDatabagId Value: wtUWuKO00l1q806kRMS39K0t |
.everyaction.com/ | | Name: _dc_gtm_UA-28243511-20 Value: 1 |
.everyaction.com/ | | Name: _gat_UA-28243511-20 Value: 1 |
.everyaction.com/ | | Name: _gid Value: GA1.2.1816134648.1583001988 |
.everyaction.com/ | | Name: _gat_UA-28243511-22 Value: 1 |
secure.everyaction.com/ | | Name: ai_session Value: lljwz\|1583001988632.815\|1583001988632.815 |
secure.everyaction.com/ | | Name: ai_user Value: I2ry0\|2020-02-29T18:46:28.355Z |
.secure.everyaction.com/ | | Name: _dc_gtm_UA-62682497-4 Value: 1 |
.everyaction.com/ | | Name: incap_ses_766_1392949 Value: Ete0R7kMrVl2kR4i/2GhCoKxWl4AAAAAJf4ftmaj/XwoKshp69pcaw== |
.secure.everyaction.com/ | | Name: _gid Value: GA1.3.1816134648.1583001988 |
secure.everyaction.com/ | | Name: Value: |
.secure.everyaction.com/ | | Name: x-ms-routing-name Value: self |
.everyaction.com/ | | Name: visid_incap_823975 Value: eojVLRziSOSaUYhDBnT/MYKxWl4AAAAAQUIPAAAAAAA3Mh2n9yMfuXLMv0NGhKeD |
.secure.everyaction.com/ | | Name: TiPMix Value: 59.2981129229526 |
.everyaction.com/ | | Name: incap_ses_766_823975 Value: Ug2nQAwbgBGnkR4i/2GhCoKxWl4AAAAAE1rSHfAJHDEPRArgPTx6dw== |
.everyaction.com/ | | Name: nlbi_1392949 Value: d+ImLUA21RPkxKymuiPdvwAAAABJN4oJkbAqPtjmn7XAcsBQ |
.secure.everyaction.com/ | | Name: _ga Value: GA1.3.1915080780.1583001988 |
.everyaction.com/ | | Name: _ga Value: GA1.2.1915080780.1583001988 |
.everyaction.com/ | | Name: visid_incap_1392949 Value: 0EfXndETSiSQUHN61E30w4KxWl4AAAAAQUIPAAAAAABLZHomWwME7hoJw0xdTk9p |
.everyaction.com/ | | Name: nlbi_823975 Value: vsuCfThb8zrSRa4GOu0ZEgAAAACO3HW342snejybUbvCe7hZ |
26 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * 'unsafe-eval' 'unsafe-inline' data: blob: |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.