![](/screenshots/d10043c7-e640-419e-a63d-10f81793e2a2.png)
secured.heritage.org
Open in
urlscan Pro
104.20.41.240
Public Scan
Effective URL: https://secured.heritage.org/_2018/join-heritage/?utm_source=Daly&utm_medium=emailprospecting&utm_campaign=2018membershipcard...
Submission: On May 07 via manual from US
Summary
TLS certificate: Issued by Thawte EV RSA CA 2018 on April 12th 2018. Valid for: a year.
This is the only time secured.heritage.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.71.200.178 54.71.200.178 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
31 | 104.20.41.240 104.20.41.240 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 172.227.105.112 172.227.105.112 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
3 | 216.58.206.10 216.58.206.10 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
2 | 104.108.42.122 104.108.42.122 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 172.217.23.162 172.217.23.162 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 151.101.12.176 151.101.12.176 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 172.227.15.150 172.227.15.150 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
2 | 23.21.81.173 23.21.81.173 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
2 | 157.240.20.19 157.240.20.19 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
3 | 216.58.206.14 216.58.206.14 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
6 | 216.58.206.3 216.58.206.3 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 157.240.20.35 157.240.20.35 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 173.194.76.154 173.194.76.154 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 216.58.206.8 216.58.206.8 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 216.58.206.2 216.58.206.2 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 74.125.206.157 74.125.206.157 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 199.15.213.207 199.15.213.207 | 53580 (MARKETO) (MARKETO - MARKETO) | |
1 | 216.58.206.4 216.58.206.4 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 52.2.151.92 52.2.151.92 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
68 | 20 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-71-200-178.us-west-2.compute.amazonaws.com
paracom.paramountcommunication.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
secured.heritage.org |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-105-112.deploy.static.akamaitechnologies.com
cdn.optimizely.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f10.1e100.net
fonts.googleapis.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com | |
netdna.bootstrapcdn.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-42-122.deploy.static.akamaitechnologies.com
munchkin.marketo.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f162.1e100.net
www.googleadservices.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-15-150.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-21-81-173.compute-1.amazonaws.com
7353093442.log.optimizely.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f3.1e100.net
fonts.gstatic.com | |
www.google.nl |
ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f154.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: wk-in-f157.1e100.net
bid.g.doubleclick.net |
ASN53580 (MARKETO - MARKETO, Inc., US)
824-mht-304.mktoresp.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f4.1e100.net
www.google.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-2-151-92.compute-1.amazonaws.com
errors.client.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
heritage.org
secured.heritage.org |
375 KB |
6 |
optimizely.com
cdn.optimizely.com cdn3.optimizely.com 7353093442.log.optimizely.com errors.client.optimizely.com |
173 KB |
5 |
gstatic.com
fonts.gstatic.com |
130 KB |
3 |
doubleclick.net
stats.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net |
1 KB |
3 |
google-analytics.com
www.google-analytics.com |
14 KB |
3 |
stripe.com
js.stripe.com |
21 KB |
3 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com netdna.bootstrapcdn.com |
58 KB |
3 |
googleapis.com
fonts.googleapis.com |
1019 B |
2 |
facebook.com
www.facebook.com |
348 B |
2 |
facebook.net
connect.facebook.net |
27 KB |
2 |
marketo.net
munchkin.marketo.net |
5 KB |
1 |
google.nl
www.google.nl |
107 B |
1 |
google.com
www.google.com |
111 B |
1 |
mktoresp.com
824-mht-304.mktoresp.com |
623 B |
1 |
googletagmanager.com
www.googletagmanager.com |
24 KB |
1 |
googleadservices.com
www.googleadservices.com |
7 KB |
1 |
paramountcommunication.com
1 redirects
paracom.paramountcommunication.com |
620 B |
68 | 17 |
Domain | Requested by | |
---|---|---|
31 | secured.heritage.org |
secured.heritage.org
|
5 | fonts.gstatic.com |
secured.heritage.org
|
3 | www.google-analytics.com |
secured.heritage.org
|
3 | js.stripe.com |
secured.heritage.org
js.stripe.com |
3 | fonts.googleapis.com |
secured.heritage.org
|
2 | errors.client.optimizely.com |
cdn.optimizely.com
|
2 | www.facebook.com |
secured.heritage.org
|
2 | connect.facebook.net |
secured.heritage.org
connect.facebook.net |
2 | 7353093442.log.optimizely.com |
cdn.optimizely.com
|
2 | netdna.bootstrapcdn.com |
secured.heritage.org
|
2 | munchkin.marketo.net |
secured.heritage.org
munchkin.marketo.net |
1 | www.google.nl |
secured.heritage.org
|
1 | www.google.com |
secured.heritage.org
|
1 | 824-mht-304.mktoresp.com |
munchkin.marketo.net
|
1 | bid.g.doubleclick.net |
www.googleadservices.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googletagmanager.com |
secured.heritage.org
|
1 | stats.g.doubleclick.net |
secured.heritage.org
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | www.googleadservices.com |
secured.heritage.org
|
1 | maxcdn.bootstrapcdn.com |
secured.heritage.org
|
1 | cdn.optimizely.com |
secured.heritage.org
|
1 | paracom.paramountcommunication.com | 1 redirects |
68 | 23 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.myheritage.org |
heritageaction.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secured.heritage.org Thawte EV RSA CA 2018 |
2018-04-12 - 2019-06-11 |
a year | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2018-04-17 - 2018-07-10 |
3 months | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2018-02-09 - 2018-05-31 |
4 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://secured.heritage.org/_2018/join-heritage/?utm_source=Daly&utm_medium=emailprospecting&utm_campaign=2018membershipcard&utm_content=Daly040318
Frame ID: ECE859667BE308C099422655CCA7D7BD
Requests: 65 HTTP requests in this frame
Frame:
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 3FD61FC90A364584A415327338C453A6
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fsecured.heritage.org&stripe_xdm_c=default533480&stripe_xdm_p=1
Frame ID: 34E0A23312E7E242A41A570B1C1ED9A1
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/m/outer.html
Frame ID: 1041A143C29C63A4D9B33E7BF7E3FFA9
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/d10043c7-e640-419e-a63d-10f81793e2a2.png)
Page URL History Show full URLs
-
http://paracom.paramountcommunication.com/ct/47110046:s2R5dDVYN:m:1:1931604546:5B8BF491D096501188847A8FD1C6165C:r
HTTP 302
https://secured.heritage.org/_2018/join-heritage/?utm_source=Daly&utm_medium=emailprospecting&utm_campaig... Page URL
Detected technologies
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
- meta generator /WordPress( [\d.]+)?/i
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
- meta generator /WordPress( [\d.]+)?/i
![](/vendor/wappa/icons/VideoJS.png)
Detected patterns
- env /^VideoJS$/i
![](/vendor/wappa/icons/Stripe.png)
Detected patterns
- env /^Stripe$/i
Detected patterns
- headers server /cloudflare/i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- env /^google_tag_manager$/i
![](/vendor/wappa/icons/Marketo.png)
Detected patterns
- env /^Munchkin$/i
Detected patterns
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
- env /^Modernizr$/i
![](/vendor/wappa/icons/Optimizely.png)
Detected patterns
- script /optimizely\.com.*\.js/i
- env /^optimizely$/i
Twitter Emoji (Twemoji) (Miscellaneous) Expand
Detected patterns
- env /^twemoji$/i
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: State Registration Disclosures
Search URL Search Domain Scan URL
Title: State Registration Disclosures
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://paracom.paramountcommunication.com/ct/47110046:s2R5dDVYN:m:1:1931604546:5B8BF491D096501188847A8FD1C6165C:r
HTTP 302
https://secured.heritage.org/_2018/join-heritage/?utm_source=Daly&utm_medium=emailprospecting&utm_campaign=2018membershipcard&utm_content=Daly040318 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
secured.heritage.org/_2018/join-heritage/ Redirect Chain
|
48 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7353093442.js
cdn.optimizely.com/js/ |
572 KB 171 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
730 B 330 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
secured.heritage.org/wp-content/themes/secured/_css/ |
114 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
secured.heritage.org/wp-content/themes/secured/ |
76 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
498 B 338 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
883 B 351 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-js.min.css
secured.heritage.org/wp-content/plugins/videojs-html5-player/videojs/ |
32 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugin.styles.css
secured.heritage.org/wp-content/plugins/wp-comment-fields/ |
22 B 101 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-grid.css
secured.heritage.org/wp-content/plugins/wp-comment-fields/assets/css/ |
52 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parallax.min.js
secured.heritage.org/wp-content/themes/secured/_js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
secured.heritage.org//wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
secured.heritage.org//wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/ |
35 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.js
secured.heritage.org/wp-content/themes/secured/_js/ |
49 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.combobox.js
secured.heritage.org/wp-content/themes/secured/_js/ |
22 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.js
secured.heritage.org/wp-content/themes/secured/_js/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frontend.min.js
secured.heritage.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
secured.heritage.org/wp-content/plugins/wp-comment-fields/js/ |
749 B 514 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-thf.png
secured.heritage.org/wp-content/themes/secured/_img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
THF-MemberCard-2018-1-300x189.jpg
secured.heritage.org/wp-content/uploads/2018/01/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
card2.png
secured.heritage.org/wp-content/uploads/2015/10/ |
21 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
member_briefing.jpg
secured.heritage.org/wp-content/uploads/2015/10/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
morningbell.jpg
secured.heritage.org/wp-content/uploads/2015/10/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
conversion.js
www.googleadservices.com/pagead/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-formhelpers.min.css
secured.heritage.org/wp-content/plugins/stripe-donation-form/_css/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stripe-form.css
secured.heritage.org/wp-content/plugins/stripe-donation-form/_css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video.min.js
secured.heritage.org/wp-content/plugins/videojs-html5-player/videojs/ |
218 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
secured.heritage.org//wp-includes/js/ |
1 KB 823 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h5f.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-validator.min.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-formhelpers.min.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ |
284 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
js.stripe.com/v2/ |
62 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stripe-form-functions.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utmna.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stripe-applepay.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
294 B 701 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
7353093442.log.optimizely.com/ |
2 B 688 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
fbevents.js
connect.facebook.net/en_US/ |
39 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
secured.heritage.org/wp-includes/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v15/ |
26 KB 18 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
7353093442.log.optimizely.com/ |
2 B 420 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
493332274159836
connect.facebook.net/signals/config/ |
55 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 247 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/ |
35 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
stats.g.doubleclick.net/r/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ |
67 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v14/ |
59 KB 29 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkbox.png
secured.heritage.org/wp-content/themes/secured/_img/ |
635 B 744 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v12/ |
45 KB 23 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/ |
57 KB 29 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
S6u8w4BMUTPHjxsAXC-v.ttf
fonts.gstatic.com/s/lato/v14/ |
59 KB 31 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/153/ |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975702554/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
bid.g.doubleclick.net/xbbe/ Frame 3FD6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/3.2.1/font/ |
43 KB 43 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
channel.html
js.stripe.com/v2/ Frame 34E0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
visitWebPage
824-mht-304.mktoresp.com/webevents/ |
43 B 623 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.google.com/ads/user-lists/975702554/ |
42 B 111 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.google.nl/ads/user-lists/975702554/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/r/ |
35 B 111 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
log
errors.client.optimizely.com/ |
13 B 412 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
outer.html
js.stripe.com/v2/m/ Frame 1041 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
errors.client.optimizely.com/ |
0 246 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
122 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| geolocation object| optly undefined| $ function| jQuery object| optimizely object| optimizelyProjectJS undefined| _ object| optimizely2 function| fbq function| _fbq string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout string| GoogleAnalyticsObject function| __gaTracker object| _wpemojiSettings object| jQuery112405503022196934573 object| html5 object| Modernizr string| campaign string| medium string| content string| source function| KimbiaOnShow function| stripe_on_complete function| KimbiaOnComplete function| gaTriggerIndex function| stripe_on_beforesubmit function| duplicate_to_stripe function| duplicate_to_kimbia function| KimbiaOnBeforeSubmit function| KimbiaOnPlatformSubmissionResponse function| getValueByLabel function| convertKimbiaName function| getDataFromKimbia function| getUrlParam function| setMetaData function| createCookie function| readCookie function| eraseCookie function| RecurConfirm function| RecurFancybox function| ChangeButtonText object| monsterinsights_frontend object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData function| MonsterInsights object| MonsterInsightsObject object| wpcomments_vars function| doPost function| get_option object| dataLayer function| RearrangeKimbiaForm function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_remarketing_for_search object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions function| videojs object| vttjs function| VTTRegion function| WebVTT object| H5F object| BFHCountriesList object| BFHCurrenciesList object| BFHMonthsList object| BFHDaysList number| BFHDayOfWeekStart object| BFHFontsList object| BFHFontSizesList object| BFHGoogleFontsList object| BFHLanguagesList object| BFHPhoneFormatList object| BFHStatesList string| BFHTimePickerDelimiter object| BFHTimePickerModes object| BFHTimezonesList function| Stripe object| ajax_object function| stripe_response_handler function| get_cookie object| $form object| MunchkinTracker object| google_tag_manager17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.secured.heritage.org/ | Name: __stripe_sid Value: 04c10cd2-a49d-4c3f-88a0-603480942605 |
|
.secured.heritage.org/ | Name: __stripe_mid Value: 2c856492-6e87-445b-82b8-75f922bedbe2 |
|
.secured.heritage.org/ | Name: _gid Value: GA1.3.2145587937.1525697726 |
|
.secured.heritage.org/ | Name: _ga Value: GA1.3.119002202.1525697726 |
|
.secured.heritage.org/ | Name: _gat_UA-1393129-94 Value: 1 |
|
.heritage.org/ | Name: _mkto_trk Value: id:824-MHT-304&token:_mch-heritage.org-1525697726571-69947 |
|
.heritage.org/ | Name: _utmna Value: utmcsr=Daly|utmccn=2018membershipcard|utmcmd=emailprospecting|utmctr=Daly040318 |
|
.heritage.org/ | Name: optimizelySegments Value: %7B%227592490140%22%3A%222018membershipcard%22%2C%227385160362%22%3A%22gc%22%2C%227398880436%22%3A%22false%22%2C%227404220244%22%3A%22campaign%22%7D |
|
.heritage.org/ | Name: optimizelyBuckets Value: %7B%7D |
|
.heritage.org/ | Name: _gat Value: 1 |
|
.heritage.org/ | Name: _ga Value: GA1.2.119002202.1525697726 |
|
.heritage.org/ | Name: optimizelyPendingLogEvents Value: %5B%5D |
|
.heritage.org/ | Name: optimizelyEndUserId Value: oeu1525697725088r0.027617112599715554 |
|
.heritage.org/ | Name: _gid Value: GA1.2.2145587937.1525697726 |
|
secured.heritage.org/ | Name: LB-Persist Value: !D6+B7wiuypkdXlPsRjndrbgI2S90RXq1LTf4G4Wv260N9qNHbrBg37LJeybllVqAFmTqQ6vrrcTVeA== |
|
.heritage.org/ | Name: __cfduid Value: d8523f35fa603594d4e0683e2cf3ddb6f1525697724 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
7353093442.log.optimizely.com
824-mht-304.mktoresp.com
bid.g.doubleclick.net
cdn.optimizely.com
cdn3.optimizely.com
connect.facebook.net
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
maxcdn.bootstrapcdn.com
munchkin.marketo.net
netdna.bootstrapcdn.com
paracom.paramountcommunication.com
secured.heritage.org
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
104.108.42.122
104.20.41.240
151.101.12.176
157.240.20.19
157.240.20.35
172.217.23.162
172.227.105.112
172.227.15.150
173.194.76.154
199.15.213.207
209.197.3.15
216.58.206.10
216.58.206.14
216.58.206.2
216.58.206.3
216.58.206.4
216.58.206.8
23.21.81.173
52.2.151.92
54.71.200.178
74.125.206.157
07fcd4f0a4d27c83589748e10580f37fc364c1874c7209c29b65a6c6e17c9b6a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112560223d7dcf6f78bd1f4f1271590233b6cd02adf7a10f896b0f628c2c4d24
16961ec7272232d01db03cd766fad4ef963ae01123736c29680b332c2e546c5c
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1ac2bdea24dcd262d3e883021b574b011d8625bfd779b675f5ddc5ffc2865859
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
23941ad2251c35265baba97eef46e43b7ba2341a9d3b4e13f69b41eddb61c2e9
2e4af50a58bd36bad305833e914c57fb90d95df5062304f4beb167f0da9f16e9
3d77ffa18764e98bed1fe2b7a7423a58ce0d67c294c60ffd881f0f690bbbf4ee
3ff0ddf97840f70e1c20ddc2f032733d631f729a9414bf3b3ca2470d71ddfba4
40d3161773774e4310edeeed63150f24fd9a64eaa3882649fc26f4f722b818f0
4397da54a5121573dd91c7c25231c4402facbd0bf14718e9d5f955af9d443a3c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da177c4ae54ffa4b2b69669b10f08bbd9cdc09db261d88ec0229cf6a476cbf
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b092c8a67fdd759d52efbb39acf4ced9fcc6f9c8050ae52bbccd89dc116d7ef
50f191ec66df4e73113742a33325902dac85cdcf65c896ba5af8f83644c1ae0d
6208d3930f086283a1f056f19c107d480cb51b6d0b67887717e6e221c06d3354
6d61154171452eed40f90e9b79a7a17b6ce0249ce12b45ac8958b857ad76914d
6eef5103ddf91dc485c90ce917a57ebe1b4ae5ab6bbc9800d760cdc014e712e9
7b2bac10fdc474b60f996a1888b98af94858966f2396a85431ad2f66166086f6
7efbd86cc7b38ff4073967d7ec290934fc421eb2ed25ed3ec1592d79826e610c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86bdbde5ce7a2e589e95eff481c974aad8d832cae88fb1caeb23fd4ee99f8011
88694454a2bc3241a6531d725aa9f7f53725d43f59eb07418753f8f819ec46b5
888afff96dd0a95f218b946dddbbad94aef17657f73e97ae266f097a9ae6c884
8a0806b27670215b5dccf33b2ad02bd9eba253a8273841fc42e67add16187d30
8aba07f7375655d01848106ca04a8131e8b1dce7706fdf8cb769d6357977e3b8
927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc
96bf35b6085e3a7ee102e56310a49020056aef7e2a8b5d80f68b93b57efe05d6
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
9f478a91163c4b569e5bc2a46a2ca28bff93e2772912aa186f8ab0e4778c7172
a6b774d1722b797b51d8acde49b44e031bcc5800ce07d431aa016dbdbb96b083
a74ed85c97537594bfe3272093ee95f5181de9c38990b3e41ffe9b833b28fd96
ab5dfa77f939596e5a14505b7c5e72885716de98303173f6c2c4717ee2b6786d
b551b157d9201f6a43d292cc07e01f3a5242a5a6c5c1418eb2635b19956b7db9
bbe3bd0cb79c46e8c538921ca15b8ed864fb7a269e8378347e34f2af3b23cdf7
c1f1036a3e1edd4fe0090a0c5f8b29cf7eaef22b41b15a1c11a509a344542b17
c74df86ae345eccf090750cb36f92165650c3fddd0ba2493401d4db661196d7b
c811b1eb3de1ee33d4e97f6545465cfbadac7ac0e59501d2cbdbe217ffedff38
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
cc58f389596fca7bf0b80a914df1ed2ca6cb46564afce1a59647c5a411670225
cc6880fba87ca0bbed9120fdb568155ee14e22d2baa736657ed5859f96390712
d0a1018454b3cddc918dd9fbb35f67303c1e6fdf656b715d58b7bd346fd80774
d435ce830b4d4ff926b21d76a83d852f1d077013da2f05b887ebb2602c93be09
dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ed55e76e18c41069e635a88c37648b50b8cb39fb5862fa2d129661931b6705
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29309e14adbdcaadd663b5bc217e53652e66881eca20e7972e6addfeae18d89
f5f27684cdabf14f880903abadbda42e6fb03a46508596923ad5d412ac123410
f7e7ed4c52f9c6ccf3cb933ff71470a623039b87f5f17a840f44082a8c5ea8b0
fa9824e6c6f541143c069014c1b24a90aeb2b801f582cf624c282c215bb11684
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e