members.aprespass.ca
168.62.224.13
Public Scan
Effective URL: https://members.aprespass.ca/page/login
Submission: On December 22 via api from US — Scanned from CA
Summary
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on December 9th 2023. Valid for: 6 months.
This is the only time members.aprespass.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
3 | 6 | 168.62.224.13 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 3 | 152.195.19.97 | 15133 (EDGECAST) |
 | 2 | 20.40.202.12 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 2 | 104.17.24.14 | 13335 (CLOUDFLARENET) |
 | 7 | 52.239.153.4 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 3 | 142.251.16.97 | 15169 (GOOGLE) |
 | 3 | 142.251.163.95 | 15169 (GOOGLE) |
 | 2 | 151.101.2.159 | 54113 (FASTLY) |
 | 6 | 216.239.34.178 | 15169 (GOOGLE) |
 | 2 | 13.107.213.38 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 7 | 18.154.206.27 | 16509 (AMAZON-02) |
 | 2 | 157.240.244.1 | 32934 (FACEBOOK) |
 | 3 | 20.120.65.166 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 2 | 54.244.180.221 | 16509 (AMAZON-02) |
 | 1 | 157.240.244.35 | 32934 (FACEBOOK) |
 | 10 | 44.229.152.84 | 16509 (AMAZON-02) |
1 | 2 | 20.125.209.212 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 1 | 204.79.197.200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 2 | 35.167.177.33 | 16509 (AMAZON-02) |
 | 1 | 13.249.39.24 | 16509 (AMAZON-02) |
 | 62 | 19 | |
Domain | ASN | PTR |
---|---|---|
members.aprespass.ca | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
control.peoplevine.com | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
peoplevine.blob.core.windows.net | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | bl-in-f97.1e100.net |
fonts.googleapis.com | ASN15169 (GOOGLE, US) | wv-in-f95.1e100.net |
connect.podium.com | ASN16509 (AMAZON-02, US) | server-18-154-206-27.lax50.r.cloudfront.net |
connect.facebook.net | ASN32934 (FACEBOOK, US) | xx-fbcdn-shv-01-mty2.fbcdn.net |
l.clarity.ms | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
lab.analyticspodium.com | ASN16509 (AMAZON-02, US) | ec2-54-244-180-221.us-west-2.compute.amazonaws.com |
www.facebook.com | ASN32934 (FACEBOOK, US) | edge-star-mini-shv-01-mty2.facebook.com |
mind-flayer.podium.com | ASN16509 (AMAZON-02, US) | ec2-44-229-152-84.us-west-2.compute.amazonaws.com |
c.bing.com | ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | a-0001.a-msedge.net |
api2.analyticspodium.com | ASN16509 (AMAZON-02, US) | ec2-35-167-177-33.us-west-2.compute.amazonaws.com |
assets.podium.com | ASN16509 (AMAZON-02, US) | server-13-249-39-24.iad89.r.cloudfront.net |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
18 | podium.com | | connect.podium.com (Cisco Umbrella Rank: 29489), mind-flayer.podium.com (Cisco Umbrella Rank: 29908), assets.podium.com (Cisco Umbrella Rank: 49683) | 380 KB |
7 | clarity.ms | 1 | www.clarity.ms (Cisco Umbrella Rank: 796), l.clarity.ms (Cisco Umbrella Rank: 50737), c.clarity.ms (Cisco Umbrella Rank: 1377) | 28 KB |
7 | windows.net | | peoplevine.blob.core.windows.net (Cisco Umbrella Rank: 549372) | 409 KB |
6 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 27) | 21 KB |
6 | aprespass.ca | 3 | members.aprespass.ca | 87 KB |
5 | peoplevine.com | | storage.peoplevine.com, control.peoplevine.com | 447 KB |
4 | analyticspodium.com | | lab.analyticspodium.com (Cisco Umbrella Rank: 29198), api2.analyticspodium.com (Cisco Umbrella Rank: 33331) | 6 KB |
3 | googleapis.com | | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 2 KB |
3 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 36) | 217 KB |
2 | facebook.net | | connect.facebook.net (Cisco Umbrella Rank: 168) | 89 KB |
2 | gibbonswhistler.com | | gibbonswhistler.com | 36 KB |
2 | cloudflare.com | | cdnjs.cloudflare.com (Cisco Umbrella Rank: 204) | 88 KB |
1 | bing.com | 1 | c.bing.com (Cisco Umbrella Rank: 228) | 765 B |
1 | facebook.com | | www.facebook.com (Cisco Umbrella Rank: 98) | 185 B |
62 | 14 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
10 | mind-flayer.podium.com | | connect.podium.com |
7 | connect.podium.com | | www.googletagmanager.com, connect.podium.com |
7 | peoplevine.blob.core.windows.net | | members.aprespass.ca |
6 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com, members.aprespass.ca |
6 | members.aprespass.ca | 3 | members.aprespass.ca |
3 | l.clarity.ms | | www.clarity.ms |
3 | fonts.googleapis.com | | members.aprespass.ca, control.peoplevine.com |
3 | www.googletagmanager.com | | members.aprespass.ca, www.googletagmanager.com |
3 | storage.peoplevine.com | | members.aprespass.ca |
2 | api2.analyticspodium.com | | connect.podium.com |
2 | c.clarity.ms | 1 | |
2 | lab.analyticspodium.com | | connect.podium.com |
2 | connect.facebook.net | | members.aprespass.ca, connect.facebook.net |
2 | www.clarity.ms | | members.aprespass.ca, www.clarity.ms |
2 | gibbonswhistler.com | | peoplevine.blob.core.windows.net |
2 | cdnjs.cloudflare.com | | members.aprespass.ca, cdnjs.cloudflare.com |
2 | control.peoplevine.com | | members.aprespass.ca |
1 | assets.podium.com | | |
1 | c.bing.com | 1 | |
1 | www.facebook.com | | members.aprespass.ca |
62 | 20 | | |
This site contains links to these domains.
Domain |
---|
aprespass.ca |
www.facebook.com |
www.instagram.com |
www.peoplevine.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
members.aprespass.ca | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-12-09 - 2024-06-09 | 6 months |
sni10875gl.wpc.edgecastcdn.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-08-18 - 2024-09-17 | a year |
*.control.peoplevine.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-01 - 2024-10-02 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
*.blob.core.windows.net | Microsoft RSA TLS CA 01 | 2023-09-27 - 2024-09-27 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
gibbonswhistler.com | R3 | 2023-12-20 - 2024-03-19 | 3 months |
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year |
*.podium.com | Amazon RSA 2048 M02 | 2023-05-24 - 2024-06-21 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-30 - 2023-12-29 | 3 months |
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year |
*.analyticspodium.com | Amazon RSA 2048 M01 | 2023-01-26 - 2024-02-24 | a year |
This page contains 3 frames:
Primary Page:
https://members.aprespass.ca/page/login
Frame ID: 16C75A9FEFD9ACA828A65A2D8C8EAB31
Requests: 48 HTTP requests in this frame
Frame:
https://connect.podium.com/styles.css
Frame ID: 7BA31D35D9D40BA9ACDAE857CEF96F77
Requests: 3 HTTP requests in this frame
Frame:
https://connect.podium.com/styles.css
Frame ID: D15E44A38C2D2527E6F07D9E2D707227
Requests: 4 HTTP requests in this frame
Page Title
Login to the Membership Portal
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Microsoft ASP.NET
Detected patterns
- <input[^>]+name="__VIEWSTATE
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Contact Us
Title: About Us
Title: Facebook
Title: Instagram
Title: PeopleVine
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://members.aprespass.ca/ HTTP 302
- https://members.aprespass.ca/ HTTP 302
- https://members.aprespass.ca/login HTTP 302
- https://members.aprespass.ca/page/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 40
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&RedC=c.clarity.ms&MXFR=0F72973A3F74669C0B5684D53B7468DF HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7228D1E901FD451F9510698EA01D20DB&MUID=10EC557E6E946A1D06AA46916FBE6BFF
62 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | login | members.aprespass.ca/page/ | 38 KB | 28 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | bootstrap.min.css | storage.peoplevine.com/media/361/portal/assets/bootstrap/4.5.0/css/ | 157 KB | 157 KB | Stylesheet | text/css | |
GET | H2 | bundle.min.css | members.aprespass.ca/css/ | 93 KB | 16 KB | Stylesheet | text/css | |
GET | H2 | shared.min.css | control.peoplevine.com/assets-ui-update/css/ | 522 KB | 74 KB | Stylesheet | text/css | |
GET | H2 | peoplevine-styles.min.css | control.peoplevine.com/assets-ui-update/css/ | 480 KB | 71 KB | Stylesheet | text/css | |
GET | H2 | all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ | 58 KB | 11 KB | Stylesheet | text/css | |
GET | H/1.1 | apres-main-styles.css | peoplevine.blob.core.windows.net/media/1073/ | 2 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | apres-script.js | peoplevine.blob.core.windows.net/media/1073/ | 37 B | 507 B | Script | text/javascript | |
GET | H/1.1 | 1435_override_css.css | peoplevine.blob.core.windows.net/files/1073/style/ | 485 B | 949 B | Stylesheet | text/css | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 174 KB | 64 KB | Script | application/javascript | |
GET | H/1.1 | 1435_css.min.css | peoplevine.blob.core.windows.net/files/1073/style/ | 349 KB | 350 KB | Stylesheet | text/css | |
GET | H2 | bundle.min.js | members.aprespass.ca/scripts/ | 56 KB | 22 KB | Script | application/x-javascript | |
GET | H/1.1 | 34114_page_css.min.css | peoplevine.blob.core.windows.net/files/1073/style/ | 1 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | bootstrap.min.js | storage.peoplevine.com/media/361/portal/assets/bootstrap/4.5.0/js/ | 59 KB | 59 KB | Script | text/javascript | |
GET | H/1.1 | apres-pass-blackout.js | peoplevine.blob.core.windows.net/media/1073/js/ | 370 B | 841 B | Script | text/javascript | |
GET | H2 | jquery.min.js | storage.peoplevine.com/media/361/portal/assets/jQuery/default/ | 85 KB | 85 KB | Script | text/javascript | |
GET | H2 | css | fonts.googleapis.com/ | 4 KB | 988 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 4 KB | 637 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 4 KB | 637 B | Stylesheet | text/css | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 194 KB | 70 KB | Script | application/javascript | |
GET | H2 | MuseoSans_700.woff2 | gibbonswhistler.com/wp-content/themes/gibbons/fonts/MuseoSans/ | 18 KB | 18 KB | Font | application/octet-stream | |
GET | H2 | MuseoSans_500.woff2 | gibbonswhistler.com/wp-content/themes/gibbons/fonts/MuseoSans/ | 18 KB | 18 KB | Font | application/octet-stream | |
GET | H/1.1 | Logos_New-copy-32-1.png | peoplevine.blob.core.windows.net/media/1073/ | 53 KB | 53 KB | Image | image/png | |
GET | H3 | fa-brands-400.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ | 77 KB | 77 KB | Font | application/octet-stream | |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 241 KB | 84 KB | Script | application/javascript | |
GET | H2 | ctgxnktg7g | www.clarity.ms/tag/ | 1018 B | 1 KB | Script | application/x-javascript | |
GET | H2 | widget.js | connect.podium.com/ | 665 KB | 188 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 202 KB | 54 KB | Script | application/x-javascript | |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 174 B | Ping | text/plain | |
POST | H2 | collect | www.google-analytics.com/j/ | 1 B | 91 B | XHR | text/plain | |
POST | H2 | collect | www.google-analytics.com/j/ | 3 B | 70 B | XHR | text/plain | |
GET | H2 | clarity.js | www.clarity.ms/s/0.7.20/ | 60 KB | 25 KB | Script | application/javascript | |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H2 | 592885532606877 | connect.facebook.net/signals/config/ | 133 KB | 35 KB | Script | application/x-javascript | |
POST | H/1.1 | collect | l.clarity.ms/ | 0 | 300 B | XHR | text/plain | |
GET | H2 | vardata | lab.analyticspodium.com/sdk/ | 5 KB | 5 KB | Fetch | application/json | |
OPTIONS | H2 | vardata | lab.analyticspodium.com/sdk/ | 0 | 0 | Preflight | | Frame |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain | |
POST | H/1.1 | graphql | mind-flayer.podium.com/ | 60 B | 447 B | XHR | application/json | |
OPTIONS | H/1.1 | graphql | mind-flayer.podium.com/ | 0 | 0 | Preflight | | Frame |
GET | H2 | c.gif | c.clarity.ms/ | 42 B | 442 B | Image | image/gif | Redirect Chain |
POST | H/1.1 | graphql | mind-flayer.podium.com/ | 2 KB | 2 KB | XHR | application/json | |
OPTIONS | H/1.1 | graphql | mind-flayer.podium.com/ | 0 | 0 | Preflight | | Frame |
POST | H/1.1 | graphql | mind-flayer.podium.com/ | 38 B | 425 B | XHR | application/json | |
OPTIONS | H/1.1 | graphql | mind-flayer.podium.com/ | 0 | 0 | Preflight | | Frame |
GET | H2 | styles.css | connect.podium.com/ | 64 KB | 10 KB | Stylesheet | text/css | Frame 7BA3 |
POST | H/1.1 | graphql | mind-flayer.podium.com/ | 38 B | 425 B | XHR | application/json | |
OPTIONS | H/1.1 | graphql | mind-flayer.podium.com/ | 0 | 0 | Preflight | | Frame |
GET | H2 | d2271df8467ecc4941f02087d61c1c1e.woff2 | connect.podium.com/ | 34 KB | 34 KB | Font | binary/octet-stream | Frame 7BA3 |
GET | H2 | 434b2574637d4adc6a5a30864e8c6b3e.woff2 | connect.podium.com/ | 30 KB | 30 KB | Font | binary/octet-stream | Frame 7BA3 |
POST | H/1.1 | collect | l.clarity.ms/ | 0 | 300 B | XHR | text/plain | |
POST | H2 | httpapi | api2.analyticspodium.com/2/ | 94 B | 365 B | Fetch | application/json | |
OPTIONS | H2 | httpapi | api2.analyticspodium.com/2/ | 0 | 0 | Preflight | | Frame |
OPTIONS | H/1.1 | graphql | mind-flayer.podium.com/ | 0 | 0 | Preflight | | Frame |
POST | H/1.1 | graphql | mind-flayer.podium.com/ | 38 B | 425 B | XHR | application/json | |
GET | H2 | styles.css | connect.podium.com/ | 64 KB | 10 KB | Stylesheet | text/css | Frame D15E |
GET | H2 | defaultWebchatPinkAvatar.png | assets.podium.com/images/ | 39 KB | 39 KB | Image | image/png | Frame D15E |
GET | H2 | d2271df8467ecc4941f02087d61c1c1e.woff2 | connect.podium.com/ | 34 KB | 34 KB | Font | binary/octet-stream | Frame D15E |
GET | H2 | 434b2574637d4adc6a5a30864e8c6b3e.woff2 | connect.podium.com/ | 30 KB | 30 KB | Font | binary/octet-stream | Frame D15E |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain | |
POST | H/1.1 | collect | l.clarity.ms/ | 0 | 300 B | XHR | text/plain | |
88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture object| userData object| siteData string| curPath object| curObj object| curQ object| vars object| company function| $ function| jQuery object| dataLayer function| gtag function| returnSocialShareBlock function| logActivity function| calculateShipping function| payWithPoints function| returnProduct function| returnTime function| digits function| currency function| percent function| addDays function| setActive function| toDate function| toMMDDYYYY function| datetime function| today function| fixed function| returnCartSubTotal function| returnCartTotalItems function| getCookie function| getCookieValue function| setCookie function| createCookie function| readCookie function| eraseCookie function| getQuery function| setTimezoneCookie function| loadTranslations function| loopThroughTranslations function| setContentValue function| requestData function| doAjax function| copyURL function| imgError function| isNumericInput function| isModifierKey function| enforceFormat function| formatToPhone function| loadBusinessToolPageCreate function| pageTypeChanged function| loadBusinessToolSurveyView function| surveyNotes function| applicationStatusChanged function| surveyStatusChanged object| userExit object| monthNames object| dayNames function| HAPIform function| DatepickerHelper function| CustomFileInput object| v function| pvReady object| pvAlert object| user object| SETTINGS object| bootstrap object| selectOption object| myApp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| webpackChunkdemogorgon object| regeneratorRuntime object| env boolean| podiumWebsiteWidgetLoaded object| analyticsConnectorInstances object| PodiumWebChat
29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
members.aprespass.ca/ | ASP.NET_SessionId | vcvk4v1e2mcl2nxfnueprxau |
members.aprespass.ca/ | cartInfo | session_id=NjNhZjc2YWMtNmU0MC00MTNjLTgzNDYtMDA2Mzk2ZGJhYTUy |
members.aprespass.ca/ | domain | domain=eyJjb25maWciOiIiLCJtZW1iZXJfcGFnZV9zdHlsZV9ubyI6MTQ4OCwiYXV0aGVudGljYXRlZF9wYWdlX3N0eWxlX25vIjotMSwicGF5bWVudF9wcm9jZXNzb3Jfbm8iOjAsInBhZ2Vfc3R5bGVfbm8iOi0xLCJwYXNzd29yZF9wcm90ZWN0ZWQiOiJOIiwiZGVmYXVsdF91cmwiOiJZIiwicmVmZXJlbmNlX3R5cGUiOiJnZW5lcmFsIiwicmVmZXJlbmNlX25vIjotOSwiZG9tYWluX3R5cGUiOiJwb3J0YWwiLCJpbmNsdWRlU2V0dGluZ3MiOltdLCJkb21haW5fbm8iOjExODUxLCJkb21haW5fbmFtZSI6Im1lbWJlcnMuYXByZXNwYXNzLmNhIiwiYWxsb3dfc3NsIjoiWSIsImNvbXBhbnlfbm8iOjEwNzN9&lastUpdated=202312220456 |
.members.aprespass.ca/ | ARRAffinity | 57e549ae065cc3e8c700120416d97756a80309fed8a45de812bfbd42c2cda496 |
members.aprespass.ca/ | data | domainStyle=ZmFsc2U=&activityTracking=VHJ1ZQ==&last_page=&prev_page=Lw== |
members.aprespass.ca/ | locale | currency=Q0FE&label-state=Region&label-city=City&label-address2=Apt&label-zip_code=Postal Code&label-ach_routing=Routing Number/Sort Code&placeholder-ach_routing=Enter 9 digits&disabled-state=false |
members.aprespass.ca/ | companyMain | serial= |
members.aprespass.ca/ | pageStyle | page_style_no=MTQzNQ==&jq=default&bs=4.5.0&fa=&v=width%3Ddevice-width%2C%20initial-scale%3D1.0&pt=&mk=&md=&fv=https%3A%2F%2Fpeoplevine.blob.core.windows.net%2Ffiles%2F1073%2Ffavicon%2FFavicon-31.png&hs=False&mo=202306262127 |
members.aprespass.ca/ | settings | payment_processor_no=MA== |
.control.peoplevine.com/ | ARRAffinitySameSite | 052b94cc4103b1e78b547575b3eba34f9549b35c335180840236ab0615424ce8 |
members.aprespass.ca/ | timezoneoffset | 480 |
.aprespass.ca/ | _ga_Q5L18QHVW9 | GS1.1.1703221002.1.0.1703221002.0.0.0 |
.aprespass.ca/ | _ga | GA1.2.1578989579.1703221003 |
.aprespass.ca/ | _gid | GA1.2.464370188.1703221003 |
.aprespass.ca/ | _gat_gtag_UA_222588210_1 | 1 |
.aprespass.ca/ | _gat_UA-222588210-1 | 1 |
www.clarity.ms/ | CLID | 81309a755006404dab9e0e811210bd53.20231222.20241221 |
.aprespass.ca/ | _clck | 1l78vbc%7C2%7Cfhr%7C0%7C1451 |
.aprespass.ca/ | _clsk | 1r5c2yu%7C1703221002956%7C1%7C1%7Cl.clarity.ms%2Fcollect |
.aprespass.ca/ | AMP_MKTG_16a5c84b5b | JTdCJTdE |
.aprespass.ca/ | AMP_16a5c84b5b | JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJiODQ0ZmQ3MS1kYTY0LTRhZDktYjNmNy1lOWFmZmQxN2UyYmYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzAzMjIxMDAyOTc4JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcwMzIyMTAwMjk5MSU3RA== |
.aprespass.ca/ | _fbp | fb.1.1703221003000.1560034217 |
.bing.com/ | MUID | 10EC557E6E946A1D06AA46916FBE6BFF |
.c.bing.com/ | MR | 0 |
.c.bing.com/ | SRM_B | 10EC557E6E946A1D06AA46916FBE6BFF |
.c.clarity.ms/ | SM | C |
.clarity.ms/ | MUID | 10EC557E6E946A1D06AA46916FBE6BFF |
.c.clarity.ms/ | MR | 0 |
.c.clarity.ms/ | ANONCHK | 0 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src https: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; connect-src https: wss: 'self'; |
Public-Key-Pins | |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.