www.ducks.org
Open in
urlscan Pro
104.214.108.93
Public Scan
Effective URL: https://www.ducks.org/support/donateOnlineSecureN2-BDC.aspx?promokey=BlackoutDuckCall&ID=9574&poe=9-20ENews
Submission: On September 09 via manual from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 24th 2018. Valid for: 2 years.
This is the only time www.ducks.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN174 (COGENT-174, US)
PTR: portal.cisend.com
portal.criticalimpact.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.ducks.org |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-12.deploy.static.akamaitechnologies.com
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-57-124.deploy.static.akamaitechnologies.com
c3321060.ssl.cf0.rackcdn.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
duckscdn.blob.core.windows.net |
ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
10231870.fls.doubleclick.net | |
5083104.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com
s.adroll.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org | |
d.adroll.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-30-61.compute-1.amazonaws.com
nextroll.com |
Domain | Requested by | |
---|---|---|
14 | www.ducks.org |
www.ducks.org
|
5 | s.adroll.com |
1 redirects
www.ducks.org
s.adroll.com |
5 | duckscdn.blob.core.windows.net |
www.ducks.org
|
5 | c3321060.ssl.cf0.rackcdn.com |
www.ducks.org
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | www.google.de |
www.ducks.org
|
3 | www.google.com |
1 redirects
www.ducks.org
|
2 | 5083104.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | www.facebook.com |
www.ducks.org
|
2 | px.ads.linkedin.com |
1 redirects
www.ducks.org
|
2 | googleads.g.doubleclick.net |
www.googleadservices.com
|
2 | snap.licdn.com |
www.ducks.org
snap.licdn.com |
2 | connect.facebook.net |
www.ducks.org
connect.facebook.net |
2 | 10231870.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | stats.g.doubleclick.net |
1 redirects
www.ducks.org
|
2 | my.hellobar.com |
www.ducks.org
my.hellobar.com |
1 | nextroll.com | |
1 | d.adroll.com | |
1 | d.adroll.mgr.consensu.org | 1 redirects |
1 | ssl.mousestats.com |
www.ducks.org
|
1 | www.linkedin.com | 1 redirects |
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
www.ducks.org
|
1 | www.googletagmanager.com |
www.ducks.org
|
1 | cdnjs.cloudflare.com |
www.ducks.org
|
1 | eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com |
www.ducks.org
|
1 | ajax.googleapis.com |
www.ducks.org
|
1 | portal.criticalimpact.com | 1 redirects |
59 | 28 |
This site contains links to these domains. Also see Links.
Domain |
---|
duckscdn.blob.core.windows.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ducks.org DigiCert SHA2 Secure Server CA |
2018-10-24 - 2020-12-09 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA |
2020-04-19 - 2021-07-19 |
a year | crt.sh |
*.hellobar.com DigiCert SHA2 Secure Server CA |
2017-10-26 - 2020-12-07 |
3 years | crt.sh |
cdnjs.cloudflare.com DigiCert ECC Secure Server CA |
2020-08-12 - 2022-08-17 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.ssl.cf0.rackcdn.com DigiCert SHA2 Secure Server CA |
2020-02-06 - 2021-05-07 |
a year | crt.sh |
*.blob.core.windows.net Microsoft IT TLS CA 5 |
2020-07-18 - 2022-07-18 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2019-04-01 - 2021-05-07 |
2 years | crt.sh |
px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2020-08-05 - 2021-02-05 |
6 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.adroll.com DigiCert SHA2 Secure Server CA |
2020-01-29 - 2021-04-29 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-24 - 2021-07-24 |
a year | crt.sh |
adroll.mgr.consensu.org Amazon |
2019-11-06 - 2020-12-06 |
a year | crt.sh |
nextroll.com Let's Encrypt Authority X3 |
2020-09-02 - 2020-12-01 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.ducks.org/support/donateOnlineSecureN2-BDC.aspx?promokey=BlackoutDuckCall&ID=9574&poe=9-20ENews
Frame ID: 1717F16434C825E8DC8E28631F3B7CAE
Requests: 57 HTTP requests in this frame
Frame:
https://10231870.fls.doubleclick.net/activityi;dc_pre=CJ_Vrsqu2-sCFcTiuwgdlbwCag;src=10231870;type=pagev0;cat=allpa0;ord=1;num=3258227595347;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews
Frame ID: 673D8ADE54CF5FFE1901E0E3A6956700
Requests: 1 HTTP requests in this frame
Frame:
https://5083104.fls.doubleclick.net/activityi;dc_pre=COyS48qu2-sCFY7nuwgdm8IFLA;src=5083104;type=gener0;cat=gener0;ord=3662502718972;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews
Frame ID: B83A88B4A0FBBA9904C73F53B7006979
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://portal.criticalimpact.com/go/1/ce7bd55de6db241aa6473c7b9fa19141/25997/300770c60462b25f/3275aad60812945...
HTTP 302
https://www.ducks.org/support/donateOnlineSecureN2-BDC.aspx?promokey=BlackoutDuckCall&ID=9574&poe=... Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: DU Blackout Acrylic Duck Call
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://portal.criticalimpact.com/go/1/ce7bd55de6db241aa6473c7b9fa19141/25997/300770c60462b25f/3275aad60812945aa6473c7b9fa19141/25997
HTTP 302
https://www.ducks.org/support/donateOnlineSecureN2-BDC.aspx?promokey=BlackoutDuckCall&ID=9574&poe=9-20ENews Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=634853098&utmhn=www.ducks.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DU%20Blackout%20Duck%20Call&utmhid=395616468&utmr=-&utmp=%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews&utmht=1599630123673&utmac=UA-171220-3&utmcc=__utma%3D263391129.804141507.1599630124.1599630124.1599630124.1%3B%2B__utmz%3D263391129.1599630124.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1185851616&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=804141507.1599630124&jid=1185851616&_v=5.7.2dc&z=634853098 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=804141507.1599630124&jid=1185851616&_v=5.7.2dc&z=634853098&slf_rd=1&random=4236444806
- https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=3258227595347;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews HTTP 302
- https://10231870.fls.doubleclick.net/activityi;dc_pre=CJ_Vrsqu2-sCFcTiuwgdlbwCag;src=10231870;type=pagev0;cat=allpa0;ord=1;num=3258227595347;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews&time=1599630123729 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252Fsupport%252FdonateOnlineSecureN2-BDC.aspx%253Fpromokey%253DBlackoutDuckCall%2526ID%253D9574%2526poe%253D9-20ENews%26time%3D1599630123729%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews&time=1599630123729&liSync=true
- https://5083104.fls.doubleclick.net/activityi;src=5083104;type=gener0;cat=gener0;ord=3662502718972;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews HTTP 302
- https://5083104.fls.doubleclick.net/activityi;dc_pre=COyS48qu2-sCFY7nuwgdm8IFLA;src=5083104;type=gener0;cat=gener0;ord=3662502718972;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSecureN2-BDC.aspx%3Fpromokey%3DBlackoutDuckCall%26ID%3D9574%26poe%3D9-20ENews
- https://s.adroll.com/j/exp/Q436PDLHZJCSPKEHSGJZ52/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/Q436PDLHZJCSPKEHSGJZ52?_s=3bb4265913686db38f56c3b71001f396&_b=2 HTTP 302
- https://d.adroll.com/consent/check/Q436PDLHZJCSPKEHSGJZ52/?_s=3bb4265913686db38f56c3b71001f396&_b=2
59 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
donateOnlineSecureN2-BDC.aspx
www.ducks.org/support/ Redirect Chain
|
70 KB 33 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swiper.min.js
www.ducks.org/support/resources/js/ |
107 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-color.js
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/fundraising-legacy/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
my.hellobar.com/ |
52 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.range.css
www.ducks.org/support/resources/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
www.ducks.org/Portals/_default/Skins/Ducks.org/css/ |
118 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skin.css
www.ducks.org/Portals/_default/Skins/Ducks.org/ |
72 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swiper.min.css
www.ducks.org/support/resources/css/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fundraising.css
www.ducks.org/support/resources/css/ |
23 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
poc-n2-2019.css
www.ducks.org/support/resources/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
www.ducks.org/support/resources/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
classie.js
www.ducks.org/support/resources/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skin.js
www.ducks.org/support/resources/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Chart.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.5.0/ |
197 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fundraising.js
www.ducks.org/support/resources/js/ |
69 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.range-min.js
www.ducks.org/support/resources/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
date.js
www.ducks.org/support/resources/js/ |
38 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
88 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
large_2020813122423242.jpg
c3321060.ssl.cf0.rackcdn.com/fundraising/media/images/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
large_2020813122627905.jpg
c3321060.ssl.cf0.rackcdn.com/fundraising/media/images/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
large_2020813122654174.jpg
c3321060.ssl.cf0.rackcdn.com/fundraising/media/images/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
large_20208171228839.jpg
c3321060.ssl.cf0.rackcdn.com/fundraising/media/images/ |
40 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ccTypes.png
c3321060.ssl.cf0.rackcdn.com/fundraising/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bdc-rhs.png
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/fundraising/poc-n2-2020/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bdc-rhs-more.png
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/fundraising/poc-n2-2020/ |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 882 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc.js
stats.g.doubleclick.net/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bdc-bg.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/fundraising/poc-n2-2020/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
activityi;dc_pre=CJ_Vrsqu2-sCFcTiuwgdlbwCag;src=10231870;type=pagev0;cat=allpa0;ord=1;num=3258227595347;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOn...
10231870.fls.doubleclick.net/ Frame 673D Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
135 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
964 B 759 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1431799027060769
connect.facebook.net/signals/config/ |
524 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.old.min.js
snap.licdn.com/li.lms-analytics/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976631994/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1040837785/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 63 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-green-on-white.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/fundraising/poc-n2-2019/ |
47 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lock.png
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/fundraising/poc-n2-2019/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-4-0qaujRI2Pbsn2NhnsS5mew.woff2
fonts.gstatic.com/s/halant/v8/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/976631994/ |
42 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/976631994/ |
42 B 65 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/1040837785/ |
42 B 65 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/1040837785/ |
42 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules-v60.js
my.hellobar.com/ |
141 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
38 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5160370059471224765.js
ssl.mousestats.com/js/5/1/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
activityi;dc_pre=COyS48qu2-sCFY7nuwgdm8IFLA;src=5083104;type=gener0;cat=gener0;ord=3662502718972;gtm=2wg8q1;auiddc=877840814.1599630124;~oref=https%3A%2F%2Fwww.ducks.org%2Fsupport%2FdonateOnlineSec...
5083104.fls.doubleclick.net/ Frame B83A Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 747 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/Q436PDLHZJCSPKEHSGJZ52/GILUZAHEEFAFPJFNHN3ZBH/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
d.adroll.com/consent/check/Q436PDLHZJCSPKEHSGJZ52/ Redirect Chain
|
385 B 477 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
consent_tcfv2.js
s.adroll.com/j/ |
388 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon-32x32.png
nextroll.com/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
168 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| dataLayer function| $ function| jQuery function| Swiper object| mediaItemsClientArray number| totalPossibleSizeSelections string| totalQuantitySelected string| selectedSizes boolean| isAparrel string| allowMultipleSizesClass number| recurringSliderMin number| recurringSliderMax number| recurringSliderStep number| recurringBillDateDayRange string| recurringCurrentDate number| recurringNextBillDayDefaultDay boolean| isPoc string| defaultWebApi string| currentDonateID string| minDon object| _gaq object| theForm function| __doPostBack object| classie number| vpw number| vph string| bp boolean| isInEdit function| Init function| IsInEditMode function| AnimateHeader function| SetMobileMenuHeight function| CreateRibbons function| GetBreakpoint function| Color function| Chart boolean| isDuEfficienctChartActivated undefined| friendlyBillDate object| longMonths boolean| isCanada number| socialProofScrollThreshTop boolean| isSocialProofAboveThresh object| dfHomeStr number| quantitySelectedIndex function| UpdateUrlToComplete function| SetPaymentDetailMode boolean| isStarted boolean| isStopped function| DoSocialProof function| DoSocialProofNext function| DoSocialProofDisplay function| getRandomInt function| PopulateSwiper function| initPocMap function| ConfirmationMap function| geocodeAddress function| DisableButton function| UpdateSubmitButtonText function| NumbersOnly function| SwitchGiftAmount function| SetCountryView function| ShowRequired function| SetPremiumOptOutView function| OptOutFreeGift function| OnHonorMemoryClick function| CheckCreditCard function| GetCreditCardType function| AdditionalAmountListener function| AddAdditionalAmount function| RemoveAdditionalAmount function| AddUpsell function| RemoveItem function| HtmlEncode function| HtmlDecode function| GetSizes function| GetUpsellAmount function| SideMediaSwitch number| numberOfImages function| ModalMediaSwitch function| AttachModalPrev function| AttachModalNext function| StopVideo function| AdjustSizeOptions number| currentMediaItemIndex function| InitMediaItemsViewer function| ShowMediaItem function| HideMediaItem function| GetNextMediaItemIndex function| DrawMediaItemsNavGlance function| toggleReadMore function| showModal function| parseSizeSelectionsForDisplay function| ShowEditSizesModal function| ToggleRecurringDaySelection function| SetBillDay function| CalculateNextBillingDate function| UpdateRecurringInfoBlurb function| ToggleRecurringInfoBlurb function| ShowRecurringModal function| CheckRecurringOtherAmount function| RemoveRecurringOtherAmount function| ShowRecurringModalStep function| ToggleAlternateShipping function| ShowShippingAddressInformation function| PopulateConfirmMediaItem function| InitGiftView function| ShowOtherAmount function| PdToggle function| animateDuEfficiencyChart function| ToggleHonorMemory function| showHmsaFormSection function| CountCharacterLength function| openFeedbackModal function| SubmitFeedback function| GetMapStyle function| DonorWall function| RemoveDonor function| GetNewJson object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| lintrk boolean| _already_called_lintrk string| adroll_adv_id string| adroll_pix_id object| MouseStats_Commands number| width function| bootstrap object| hellobarSiteSettings object| script function| hellobar boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback string| mousestats_project string| mousestats_playbackProject object| mousestats_formAnalyticsProject string| mousestats_microSurveysProject string| mousestats_Site string| mousestats_xadd object| MouseStatsSharedControl object| MouseStatsVisitorPlaybacks object| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list function| __cmp object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ducks.org/ | Name: _gcl_au Value: 1.1.877840814.1599630124 |
|
.ducks.org/ | Name: __utmt Value: 1 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUkx3f2wtLlaRR7VCxNSxw_PeIbQjDcIESLz3xR88wjf1cvttLFcmkKP5qbf |
|
.ducks.org/ | Name: __utmz Value: 263391129.1599630124.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.ducks.org/ | Name: __utmc Value: 263391129 |
|
.ducks.org/ | Name: __utma Value: 263391129.804141507.1599630124.1599630124.1599630124.1 |
|
www.ducks.org/ | Name: ReferringUrl Value: UNKNOWN |
|
.ducks.org/ | Name: _fbp Value: fb.1.1599630123881.1383502410 |
|
.ducks.org/ | Name: __utmb Value: 263391129.1.10.1599630124 |
|
www.ducks.org/ | Name: ASP.NET_SessionId Value: ypm5zszjlbxgogtm2w0tckxh |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
10231870.fls.doubleclick.net
5083104.fls.doubleclick.net
ajax.googleapis.com
c3321060.ssl.cf0.rackcdn.com
cdnjs.cloudflare.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
duckscdn.blob.core.windows.net
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
my.hellobar.com
nextroll.com
portal.criticalimpact.com
px.ads.linkedin.com
s.adroll.com
snap.licdn.com
ssl.mousestats.com
stats.g.doubleclick.net
www.ducks.org
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.214.108.93
13.85.88.16
172.217.16.134
199.167.225.41
216.58.206.2
23.210.248.216
23.210.249.12
23.37.57.124
2600:9000:20e8:b800:0:93e4:a640:93a1
2606:4700:3033::681b:84f9
2606:4700::6811:4f6b
2620:1ec:21::14
2a00:1450:4001:809::200a
2a00:1450:4001:816::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2002
2a00:1450:4001:824::2008
2a00:1450:400c:c06::9b
2a02:26f0:10c:483::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.233.30.61
3.248.28.111
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0c49a890489b75167901340adf3db2204dd3d9af88cc6527f0b7e593a8ddd65e
0f9c77eef5e149e99f64985b7c67d53db1d4f97f62aa3985aa1232ac9344266a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14199bb4d5b09f1bc4cb4bcad0e9b6a329041b01d0117b969f575ef82a38a2fd
25ecf03ec3b77049b11f235e4e60432c838e1ef5ed72bf25b70ac816cfcece53
2b33bc559e5636b42f716e519d3998a33da2d87f578158de5cd83c93041d2cd0
2ea635f3c4ffb4506299ca4adeb465c9a59a27ff6b571e71620bb2c226857f93
360b7c7104f3633ebc82558ee87194889fc4c1d1d18d7c1b337d3819b54114d8
3661bde0404473b362b4ce5ac6ba980422e82714d808be044ebb59f9473c5a09
366e8f4a9ecc3d2568db8582d767159ea0bbba1ae6c614081e4692c05ec875c0
3ef6ff8a92054b101d68757604edc25bf231cc564709a51d720b983ef17d09cb
3f5f1aa65e811a2dd034e30613e65f20a4804e14a8e98c7e27393e1e04bffec9
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
51402974e40b7091594b01afbc8cc5c39caf93874c1d5649be69eb7b245ff1da
51e16db90f9008657977b095468c11bb0b6c5635303bfa1b622b8c7d6730b5ca
54cd8a9f09dd010ca56dda0b12c36aac67aa03d40d8920a01098a002e84f7b58
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
7128340f4f9a3de9a1c9763d288ae489e3a35f04544afa839ee557c50a96f582
7208726b45ea71ca7fe9918b832539eda83d416c73416fe61a44447d3d667709
727060473e40d9ef493781629c2b84e142d46e913a0dc74c00d23a15a01aaef2
72d7795249e304f1ba1e96505806d7408567414719d4cfb3f1a72a97dffff87f
73074930d19640a2f88965311c28cd164a94e210115f8ec0072c61faa9351b43
7c7569024ef38577ce00ba8c23e759d5c26aa07df6b5cb8b65ebfa810ef69485
7cec0fbdf8527b5bd28c2c491871e05bdf74942a983a2a1de0aff5a6fc11c140
8142dca6f4072965c36ee9a356b02ef96954ca083995b26a8f440b2bc556f432
82682917607b08fa8f3c9e7d41860061f5574402649f47913e3bde84b40eed1c
880de7665b1aaa840303313deca3352af257d55aed4584d5e17f0fbffe0fde01
8cea32ba72200abe3237f21e07dd29ebf51e7fb9e5a57f7953a45689de4b484d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
b1f659d75904fae6afd32155aef4791660e816f16cb4e718b4bc56ea03ae8752
b5840616d8bf9540bbe45a42f6841f92b78c70dabd3b8ee60abb51e79c47d5d6
ba54a8059a9da828adc4dbbeb3fe3f9ef92f10e89049ad6297936c9de133961e
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c3ebf376fe7cb7bbb0091e63e85ae1953031e11adb4639f6c4547a0967a80a4c
ca82421bd97a43b629a377b4c01e185a67814df47c5b4697c597e95742bca4d1
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
ce9c653f2e9d790d0f5befe0dcdab464b58e0b1e0593703dc43d868e5721d616
d4a661cb0efd5f36bfe10e439dd26e3afccf8ff470b28dcec75f1713a7d51b27
ddb0a90ca932749f0c824edeee4db365e3d6b96f7bfa47b5b30e2f22ee2e6236
e3707edca98715fc3fe7ea36b15c506641b4c380e7e6c4d8ebb9e288f1438ff8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a9f6da3b3c07d28e3a87f88ea1a30f0bb6b0cf4d6bc8f0056630a5dbf266c6
eb86f2640168b112589e84e40aa5425eaeb33d0afeedad6eee4bdce7dd992bda
ec06b9f253be4289dabb1de931009e356885fdcad0902fce011f49b9f7f680c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
faaf9d1824ab55b7a3777303bb32472ac936797778b05e5760431f3d9b0e9d81