g-plans.com
Open in
urlscan Pro
34.68.56.245
Public Scan
Submitted URL: http://gardencareadvices.com/0dsd25bcc180fb097jccb2dfc773c22/convertsj25
Effective URL: https://g-plans.com/pages/medication/?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_camp...
Submission: On August 10 via api from US — Scanned from US
Effective URL: https://g-plans.com/pages/medication/?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_camp...
Submission: On August 10 via api from US — Scanned from US
Summary
This website contacted 29 IPs
in 2 countries
across 24 domains to perform 108 HTTP transactions.
The main IP is 34.68.56.245, located in
Council Bluffs, United States and
belongs to GOOGLE-CLOUD-PLATFORM, US.
The main domain is g-plans.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 11th 2023. Valid for: a year.
This is the only time g-plans.com was scanned on urlscan.io!
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 11th 2023. Valid for: a year.
This is the only time g-plans.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
35.227.247.224
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 224.247.227.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 224.247.227.35.bc.googleusercontent.com
| www.tefye.com |
40
34.68.56.245
(Council Bluffs, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.56.68.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.56.68.34.bc.googleusercontent.com
| g-plans.com |
16
2606:4700::6812:123e
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| kit.fontawesome.com | |
| ka-p.fontawesome.com |
1
18.165.83.20
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-20.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-20.iad55.r.cloudfront.net
| polaris.truevaultcdn.com |
1
99.84.108.50
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-50.iad79.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-50.iad79.r.cloudfront.net
| location.truevaultcdn.com |
1
18.160.41.53
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net
| static.hotjar.com |
1
99.84.191.77
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net
| script.hotjar.com |
1
3.167.72.96
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-167-72-96.iad61.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-167-72-96.iad61.r.cloudfront.net
| js.adsrvr.org |
2
2606:4700::6812:895
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| action.dstillery.com | |
| action.media6degrees.com |
1
172.253.62.157
(United States)
ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
| googleads.g.doubleclick.net |
2
54.88.71.74
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-71-74.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-71-74.compute-1.amazonaws.com
| sp.analytics.yahoo.com |
2
3.33.220.150
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
| insight.adsrvr.org | |
| match.adsrvr.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 40 |
g-plans.com
g-plans.com |
3 MB |
| 16 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3618 ka-p.fontawesome.com — Cisco Umbrella Rank: 6252 |
395 KB |
| 7 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 1114 p.clarity.ms — Cisco Umbrella Rank: 8701 c.clarity.ms — Cisco Umbrella Rank: 1838 |
29 KB |
| 7 |
unpkg.com
4 redirects
unpkg.com — Cisco Umbrella Rank: 1314 |
158 KB |
| 7 |
googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492 |
211 KB |
| 6 |
usemoon.com
usemoon.com — Cisco Umbrella Rank: 621621 |
2 KB |
| 3 |
google.com
analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10 |
64 B |
| 3 |
adsrvr.org
1 redirects
js.adsrvr.org — Cisco Umbrella Rank: 2631 insight.adsrvr.org — Cisco Umbrella Rank: 1486 match.adsrvr.org — Cisco Umbrella Rank: 505 |
6 KB |
| 3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
285 KB |
| 2 |
yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393 |
916 B |
| 2 |
ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6326 |
469 B |
| 2 |
secureoffer.io
api.secureoffer.io — Cisco Umbrella Rank: 761649 |
3 KB |
| 2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 |
2 KB |
| 2 |
yimg.com
s.yimg.com — Cisco Umbrella Rank: 1020 |
8 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104 |
21 KB |
| 2 |
legitscript.com
static.legitscript.com — Cisco Umbrella Rank: 46263 |
15 KB |
| 2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017 |
60 KB |
| 2 |
truevaultcdn.com
polaris.truevaultcdn.com — Cisco Umbrella Rank: 60373 location.truevaultcdn.com — Cisco Umbrella Rank: 64905 |
90 KB |
| 2 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178 p.typekit.net — Cisco Umbrella Rank: 1499 |
1 KB |
| 1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 341 |
774 B |
| 1 |
media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 16532 |
607 B |
| 1 |
dstillery.com
1 redirects
action.dstillery.com — Cisco Umbrella Rank: 12871 |
503 B |
| 1 |
tefye.com
1 redirects
www.tefye.com |
802 B |
| 1 |
gardencareadvices.com
1 redirects
gardencareadvices.com |
307 B |
| 108 | 24 |
| Domain | Requested by | |
|---|---|---|
| 40 | g-plans.com |
g-plans.com
|
| 14 | ka-p.fontawesome.com |
kit.fontawesome.com
|
| 7 | unpkg.com |
4 redirects
g-plans.com
|
| 7 | storage.googleapis.com |
g-plans.com
|
| 6 | usemoon.com |
g-plans.com
|
| 3 | p.clarity.ms |
www.clarity.ms
|
| 3 | www.googletagmanager.com |
g-plans.com
www.googletagmanager.com |
| 2 | c.clarity.ms | 1 redirects |
| 2 | sp.analytics.yahoo.com |
g-plans.com
|
| 2 | pro.ip-api.com |
g-plans.com
|
| 2 | api.secureoffer.io |
g-plans.com
|
| 2 | analytics.google.com |
www.googletagmanager.com
|
| 2 | www.clarity.ms |
g-plans.com
www.clarity.ms |
| 2 | s.yimg.com |
g-plans.com
s.yimg.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | static.legitscript.com |
g-plans.com
|
| 2 | kit.fontawesome.com |
g-plans.com
kit.fontawesome.com |
| 1 | match.adsrvr.org |
js.adsrvr.org
|
| 1 | insight.adsrvr.org | 1 redirects |
| 1 | c.bing.com | 1 redirects |
| 1 | www.google.com |
g-plans.com
|
| 1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | action.media6degrees.com |
g-plans.com
|
| 1 | action.dstillery.com | 1 redirects |
| 1 | js.adsrvr.org |
www.googletagmanager.com
|
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | static.hotjar.com |
g-plans.com
|
| 1 | location.truevaultcdn.com |
polaris.truevaultcdn.com
|
| 1 | p.typekit.net |
use.typekit.net
|
| 1 | polaris.truevaultcdn.com |
g-plans.com
|
| 1 | use.typekit.net |
g-plans.com
|
| 1 | www.tefye.com | 1 redirects |
| 1 | gardencareadvices.com | 1 redirects |
| 108 | 34 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| privacy.g-plans.com |
| openloophealth.com |
| www.ncbi.nlm.nih.gov |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.g-plans.com AlphaSSL CA - SHA256 - G4 |
2023-09-11 - 2024-10-12 |
a year | crt.sh |
| storage.googleapis.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| *.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-30 - 2025-01-27 |
6 months | crt.sh |
| use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-01 - 2025-03-03 |
a year | crt.sh |
| polaris.truevaultcdn.com Amazon RSA 2048 M02 |
2024-03-18 - 2025-04-15 |
a year | crt.sh |
| *.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| location.truevaultcdn.com Amazon RSA 2048 M02 |
2024-04-22 - 2025-05-22 |
a year | crt.sh |
| *.hotjar.com Amazon RSA 2048 M03 |
2024-05-22 - 2025-06-20 |
a year | crt.sh |
| legitscript.com WE1 |
2024-08-10 - 2024-11-08 |
3 months | crt.sh |
| usemoon.com WE1 |
2024-07-13 - 2024-10-11 |
3 months | crt.sh |
| *.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA |
2024-07-30 - 2024-09-18 |
2 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2024-04-23 - 2025-05-25 |
a year | crt.sh |
| www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
| *.g.doubleclick.net WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| *.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| secureoffer.io WE1 |
2024-06-24 - 2024-09-22 |
3 months | crt.sh |
| *.ip-api.com Sectigo RSA Domain Validation Secure Server CA |
2023-12-21 - 2025-01-20 |
a year | crt.sh |
| *.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2024-07-30 - 2025-01-22 |
6 months | crt.sh |
| a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08 |
2024-06-23 - 2025-06-18 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://g-plans.com/pages/medication/?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_campaign=41&sub1=427140&sub2=7ba76c6e126c493f98f174f8f125219c&sub3=gplan_5harsi
Frame ID: AC523D9053800FED5834D16F6159BE61
Requests: 108 HTTP requests in this frame
Frame:
https://static.legitscript.com/seals/13219044.js
Frame ID: AF805F6A1C311F1D6193FD56E88C4A47
Requests: 2 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/upb/?adv=65aggbs&ref=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D3057%26tid%3D1%26toclid%3DTO-6Huhe1s6VSLGDzVH2yGqBo%26utm_source%3Dtheoffer%26utm_campaign%3D41%26sub1%3D427140%26sub2%3D7ba76c6e126c493f98f174f8f125219c%26sub3%3Dgplan_5harsi&upid=2eko8m2&upv=1.1.0
Frame ID: 5F46C2F35C59196712ADF70F58E0F622
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
G-Plans | Weight Loss Medication, Telehealth Dieticians and Personalized Diet Plans ProjectPage URL History Show full URLs
-
http://gardencareadvices.com/0dsd25bcc180fb097jccb2dfc773c22/convertsj25
HTTP 307
https://gardencareadvices.com/0dsd25bcc180fb097jccb2dfc773c22/convertsj25 HTTP 302
https://www.tefye.com/TPK1D841/XK7TTKZS/?creative_id=48595&source_id=1&sub1=gplan_5harsi HTTP 302
https://g-plans.com/pages/medication/?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_sour... Page URL
Detected technologies
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.hotjar\.com/
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://privacy.g-plans.com/privacy-policy?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_campaign=41&sub1=427140&sub2=7ba76c6e126c493f98f174f8f125219c&sub3=gplan_5harsi
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: https://openloophealth.com/privacy-policy?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_campaign=41&sub1=427140&sub2=7ba76c6e126c493f98f174f8f125219c&sub3=gplan_5harsi
Title: HIPAA Policy
Title: HIPAA Policy
Search URL Search Domain Scan URL
URL: https://privacy.g-plans.com/privacy-policy?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_campaign=41&sub1=427140&sub2=7ba76c6e126c493f98f174f8f125219c&sub3=gplan_5harsi#california-privacy-notice
Title: | California Privacy Notice |
Title: | California Privacy Notice |
Search URL Search Domain Scan URL
URL: https://privacy.g-plans.com/opt-out?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_campaign=41&sub1=427140&sub2=7ba76c6e126c493f98f174f8f125219c&sub3=gplan_5harsi
Title: Do Not Sell or Share My Personal Information
Title: Do Not Sell or Share My Personal Information
Search URL Search Domain Scan URL
URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9486455/?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_campaign=41&sub1=427140&sub2=7ba76c6e126c493f98f174f8f125219c&sub3=gplan_5harsi
Title: See details.
Title: See details.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://gardencareadvices.com/0dsd25bcc180fb097jccb2dfc773c22/convertsj25
HTTP 307
https://gardencareadvices.com/0dsd25bcc180fb097jccb2dfc773c22/convertsj25 HTTP 302
https://www.tefye.com/TPK1D841/XK7TTKZS/?creative_id=48595&source_id=1&sub1=gplan_5harsi HTTP 302
https://g-plans.com/pages/medication/?affid=3057&tid=1&toclid=TO-6Huhe1s6VSLGDzVH2yGqBo&utm_source=theoffer&utm_campaign=41&sub1=427140&sub2=7ba76c6e126c493f98f174f8f125219c&sub3=gplan_5harsi Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://unpkg.com/vue@3/dist/vue.global.js HTTP 302
- https://unpkg.com/vue@3.4.37/dist/vue.global.js
- https://unpkg.com/vue3-carousel@latest HTTP 302
- https://unpkg.com/vue3-carousel@0.3.3 HTTP 302
- https://unpkg.com/vue3-carousel@0.3.3/dist/carousel.js
- https://unpkg.com/vue3-carousel@latest/dist/carousel.css HTTP 302
- https://unpkg.com/vue3-carousel@0.3.3/dist/carousel.css
- https://action.dstillery.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43 HTTP 302
- https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6725B185F3D142CD8B0184030CBA2679&RedC=c.clarity.ms&MXFR=25E0770B2FC86ED9235B63DC2BC8605A HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6725B185F3D142CD8B0184030CBA2679&MUID=3E37E1E13475634A3C94F53635E762FB
- https://insight.adsrvr.org/track/up?adv=65aggbs&ref=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D3057%26tid%3D1%26toclid%3DTO-6Huhe1s6VSLGDzVH2yGqBo%26utm_source%3Dtheoffer%26utm_campaign%3D41%26sub1%3D427140%26sub2%3D7ba76c6e126c493f98f174f8f125219c%26sub3%3Dgplan_5harsi&upid=2eko8m2&upv=1.1.0 HTTP 302
- https://match.adsrvr.org/track/upb/?adv=65aggbs&ref=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D3057%26tid%3D1%26toclid%3DTO-6Huhe1s6VSLGDzVH2yGqBo%26utm_source%3Dtheoffer%26utm_campaign%3D41%26sub1%3D427140%26sub2%3D7ba76c6e126c493f98f174f8f125219c%26sub3%3Dgplan_5harsi&upid=2eko8m2&upv=1.1.0
108 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
g-plans.com/pages/medication/ Redirect Chain
|
39 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
helper2.css
storage.googleapis.com/gplans-static/media/tips/messages/images/ |
210 KB 211 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
g-plans.com/pages/static/styles/medication/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cfc27a568d.js
kit.fontawesome.com/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mcr8mzd.css
use.typekit.net/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vue.global.js
unpkg.com/vue@3.4.37/dist/ Redirect Chain
|
513 KB 147 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
carousel.js
unpkg.com/vue3-carousel@0.3.3/dist/ Redirect Chain
|
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
carousel.css
unpkg.com/vue3-carousel@0.3.3/dist/ Redirect Chain
|
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
polaris.js
polaris.truevaultcdn.com/static/ |
353 KB 90 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
futurhealth-logo-icon.svg
g-plans.com/pages/static/images/medication/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
futurhealth-logo.svg
g-plans.com/pages/static/images/medication/ |
13 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-hero-image.png
g-plans.com/pages/static/images/medication/ |
265 KB 266 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-press-desktop.png
g-plans.com/pages/static/images/medication/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-press-mobile.png
g-plans.com/pages/static/images/medication/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
medication.png
g-plans.com/pages/static/images/medication/ |
144 KB 144 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-icon-scale.png
g-plans.com/pages/static/images/medication/ |
946 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-icon-trophy.png
g-plans.com/pages/static/images/medication/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-icon-ring.png
g-plans.com/pages/static/images/medication/ |
959 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-icon-down.png
g-plans.com/pages/static/images/medication/ |
834 B 969 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-steps-1.png
g-plans.com/pages/static/images/medication/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-steps-2.png
g-plans.com/pages/static/images/medication/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-steps-3.png
g-plans.com/pages/static/images/medication/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-test-2.png
g-plans.com/pages/static/images/medication/ |
192 KB 193 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-test-3.png
g-plans.com/pages/static/images/medication/ |
187 KB 188 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pen-ozempic.png
g-plans.com/pages/static/images/medication/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pen-mounjaro.png
g-plans.com/pages/static/images/medication/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pen-wegovy.png
g-plans.com/pages/static/images/medication/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pen-fh-bottle.png
g-plans.com/pages/static/images/medication/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
meal-plan.png
g-plans.com/pages/static/images/medication/ |
145 KB 146 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
video-placeholder.png
g-plans.com/pages/static/images/ |
100 KB 101 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-combo.png
g-plans.com/pages/static/images/medication/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-icon-badge.png
g-plans.com/pages/static/images/medication/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
product-image.png
g-plans.com/pages/static/images/medication/ |
254 KB 254 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-hero-image3.1.png
g-plans.com/pages/static/images/medication/ |
164 KB 164 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sema-hero-image3.png
g-plans.com/pages/static/images/medication/ |
165 KB 165 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
retarget.svg
g-plans.com/pages/static/images/ |
2 KB 1003 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
197 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
269 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pages.js
g-plans.com/pages/static/scripts/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ |
1 MB 179 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ |
27 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ |
50 KB 7 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ |
7 KB 2 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kit-upload.css
kit.fontawesome.com/cfc27a568d/1395458/ |
0 386 B |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.css
p.typekit.net/ |
5 B 172 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
location.truevaultcdn.com/ |
30 B 385 B |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-472677.js
static.hotjar.com/c/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13219044.js
static.legitscript.com/seals/ Frame AF80 |
358 B 434 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide1.png
g-plans.com/pages/static/images/medication/ |
148 KB 149 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide2.png
g-plans.com/pages/static/images/medication/ |
168 KB 168 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide3.png
g-plans.com/pages/static/images/medication/ |
183 KB 183 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide4.png
g-plans.com/pages/static/images/medication/ |
179 KB 179 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide5.png
g-plans.com/pages/static/images/medication/ |
154 KB 155 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GP%20-%20Testimonial%20Arian%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ |
387 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GP%20-%20Testimonial%20Isabel%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ |
486 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GP%20-%20Testimonial%20Kara%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ |
493 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GP%20-%20Testimonial%20Kerry%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ |
483 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GP%20-%20Testimonial%20Laura%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ |
470 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GP%20-%20Testimonial%20Sarah%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ |
493 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13219044.png
static.legitscript.com/seals/ Frame AF80 |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ |
223 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H3 |
/
usemoon.com/api/v1/split-tests/tests/variant-by-params/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
/
usemoon.com/api/v1/split-tests/tests/variant-by-params/ |
0 438 B |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
366 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ytc.js
s.yimg.com/wi/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nsjs
action.media6degrees.com/orbserv/ Redirect Chain
|
5 B 607 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jz5cr893ob
www.clarity.ms/tag/ |
637 B 1000 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 203 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/774287094/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 251 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
/
usemoon.com/api/v1/load-master-pixel/ |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H3 |
/
usemoon.com/api/v1/load-master-pixel/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10140037.json
s.yimg.com/wi/config/ |
2 B 478 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clarity.js
www.clarity.ms/s/0.7.43/ |
62 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.com/pagead/1p-user-list/774287094/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sdk.js
api.secureoffer.io/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
json
pro.ip-api.com/ |
313 B 469 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sp.pl
sp.analytics.yahoo.com/ |
43 B 670 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sp.pl
sp.analytics.yahoo.com/ |
43 B 246 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
json
pro.ip-api.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
collect
p.clarity.ms/ |
0 275 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
/
usemoon.com/api/v1/track-event/ |
165 B 573 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H3 |
/
usemoon.com/api/v1/track-event/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 466 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
g-plans.com/pages/static/images/ |
15 KB 3 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
collect
p.clarity.ms/ |
0 275 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
api.secureoffer.io/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
301 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GreycliffCF-Regular.woff
g-plans.com/pages/static/fonts/ |
36 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GreycliffCF-Bold.woff
g-plans.com/pages/static/fonts/ |
37 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
charter_regular.woff2
g-plans.com/pages/static/fonts/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-light-300-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-sharp-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GreycliffCF-Medium.woff
g-plans.com/pages/static/fonts/ |
33 KB 33 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-sharp-light-300-5.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-light-300-11.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-light-300-16.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-light-300-6.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-light-300-13.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pro-fa-light-300-21.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
351 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
match.adsrvr.org/track/upb/ Frame 5F46 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
collect
p.clarity.ms/ |
0 275 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
collect
p.clarity.ms/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- p.clarity.ms
- URL
- https://p.clarity.ms/collect
Verdicts & Comments Add Verdict or Comment
66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| FontAwesomeKitConfig object| Vue object| __VUE_HMR_RUNTIME__ object| devtoolsFormatters object| VueCarousel object| polarisOptions object| polarisDNSLink function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp object| polarisGPPAPI function| __uspapi object| polaris function| hj object| _hjSettings boolean| __VUE__ function| gtag object| dataLayer string| landing object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external function| setParamsToAllLinks function| showOriginal function| setHrefToAllFunnelsLinks function| setHrefAndRedirect function| loadSplitTestVariant function| randomString function| newSessionId function| lookUpLocation function| validateAffid function| marketingEvent function| loadPixels function| updateMarketingPixelExecuted function| loadMarketingMasterPixel function| trackMarketingEvent function| titleFromParams function| setPromoCode function| readCookie object| dotq function| clarity object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| GooglebQhCsO object| YAHOO function| ttd_dom_ready object| ttd_up_api function| TTDUniversalPixelApi object| ttdPixel object| theoffer35 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.tefye.com/ | Name: uniqueClick_XK7TTKZS Value: 3f20f4dd-ef53-4e5e-85ab-d49c534f02db:1723303596 |
|
| www.tefye.com/ | Name: transaction_id Value: 7ba76c6e126c493f98f174f8f125219c |
|
| .g-plans.com/ | Name: us_privacy Value: 1YNN |
|
| .g-plans.com/ | Name: _gcl_au Value: 1.1.731354754.1723303599 |
|
| .g-plans.com/ | Name: polaris_consent_settings Value: {"clientId":"ccc5c683-2462-404c-c92e-984f4fd0988b","implicit":true,"analyticsPermitted":true,"personalizationPermitted":true,"adsPermitted":true,"essentialPermitted":true,"notOptedOut":true} |
|
| .g-plans.com/ | Name: _hjSessionUser_472677 Value: eyJpZCI6IjNjMjNiNDU1LTJjYzQtNTc0Ni05NmYwLTU0ZWQwOThhODFlOSIsImNyZWF0ZWQiOjE3MjMzMDM1OTkxNzksImV4aXN0aW5nIjpmYWxzZX0= |
|
| .g-plans.com/ | Name: _hjSession_472677 Value: eyJpZCI6IjZjMDg1NWJkLTk0OTMtNGI1Ny05MmExLWZkZmJjOTEyNTVhOCIsImMiOjE3MjMzMDM1OTkxODEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0= |
|
| .g-plans.com/ | Name: _gid Value: GA1.2.445491724.1723303599 |
|
| .g-plans.com/ | Name: _gat_gtag_UA_72058812_1 Value: 1 |
|
| .g-plans.com/ | Name: _ga Value: GA1.1.1052295158.1723303599 |
|
| .g-plans.com/ | Name: _ga_LL1EG3X32V Value: GS1.1.1723303599.1.0.1723303599.60.0.0 |
|
| www.clarity.ms/ | Name: CLID Value: b054a9a81cb34cd482121be15907cff8.20240810.20250810 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .media6degrees.com/ | Name: clid Value: 2si0dkf01170t6ktas5yzw610000000167010w01801 |
|
| .media6degrees.com/ | Name: sglst Value: 44yn008k01j26592e |
|
| .media6degrees.com/ | Name: acs Value: 014020i0j0k1si0dkfxzt10xzt10xzt10 |
|
| .g-plans.com/ | Name: _clck Value: 1ob6gvn%7C2%7Cfo7%7C0%7C1683 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBLCGt2YCEM4NAVaSsrBun8R9hd4saCwFEgEBAQHYuGbBZtwAAAAA_eMAAA&S=AQAAAvFMNGSEgHnfI4KJ7Znx_Es |
|
| .g-plans.com/ | Name: _clsk Value: o9flvb%7C1723303600573%7C1%7C1%7Cp.clarity.ms%2Fcollect |
|
| .bing.com/ | Name: MUID Value: 3E37E1E13475634A3C94F53635E762FB |
|
| .c.bing.com/ | Name: MR Value: 0 |
|
| .c.bing.com/ | Name: SRM_B Value: 3E37E1E13475634A3C94F53635E762FB |
|
| .c.clarity.ms/ | Name: SM Value: C |
|
| .clarity.ms/ | Name: MUID Value: 3E37E1E13475634A3C94F53635E762FB |
|
| .c.clarity.ms/ | Name: MR Value: 0 |
|
| .c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
| .adsrvr.org/ | Name: TDID Value: 975b7def-a7f9-4fa0-a110-3e5f3827914f |
|
| .casalemedia.com/ | Name: CMID Value: ZreGssAoIlAAAE7gA3YhkgAA |
|
| .casalemedia.com/ | Name: CMPS Value: 2031 |
|
| .casalemedia.com/ | Name: CMPRO Value: 2031 |
|
| .rubiconproject.com/ | Name: audit_p Value: 1|FTHOg0ZugZEQmDEx+Had9dldgZeLReBPkwikobWzvGSCZIg+tqclAaaGg+rUScCIlLSRoPUIfsOM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLv4rlxKHHJZOIyqnvUabh82vtgd50Hqvec2WlB0e6erxMiNAHUnqf3ovOPiZcgRZFNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw== |
|
| .rubiconproject.com/ | Name: khaos Value: LZOAGXT9-S-HKDU |
|
| .rubiconproject.com/ | Name: khaos_p Value: LZOAGXT9-S-HKDU |
|
| .rubiconproject.com/ | Name: audit Value: 1|FTHOg0ZugZEQmDEx+Had9dldgZeLReBPkwikobWzvGSCZIg+tqclAaaGg+rUScCIlLSRoPUIfsOM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLv4rlxKHHJZOIyqnvUabh82vtgd50Hqvec2WlB0e6erxMiNAHUnqf3ovOPiZcgRZFNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw== |
|
| .adsrvr.org/ | Name: TDCPM Value: CAESFgoHcnViaWNvbhILCPK8seHb1pw9EAUSFQoGZ29vZ2xlEgsI7N2x4dvWnD0QBRIVCgZjYXNhbGUSCwiS_LHh29acPRAFGAUgAigDMgsI1Jy0jvLWnD0QBUIPIg0IARIJCgV0aWVyMxABWgc2NWFnZ2JzYAE. |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
action.dstillery.com
action.media6degrees.com
analytics.google.com
api.secureoffer.io
c.bing.com
c.clarity.ms
g-plans.com
gardencareadvices.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
ka-p.fontawesome.com
kit.fontawesome.com
location.truevaultcdn.com
match.adsrvr.org
p.clarity.ms
p.typekit.net
polaris.truevaultcdn.com
pro.ip-api.com
s.yimg.com
script.hotjar.com
sp.analytics.yahoo.com
static.hotjar.com
static.legitscript.com
stats.g.doubleclick.net
storage.googleapis.com
unpkg.com
use.typekit.net
usemoon.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.tefye.com
p.clarity.ms
172.217.197.147
172.253.62.157
172.67.156.70
172.67.70.158
18.160.41.53
18.165.83.20
185.80.130.186
20.110.205.119
20.122.63.128
2001:4860:4802:38::181
2001:4998:14:800::1001
208.95.112.2
2600:1408:c400:26::17da:d916
2600:1408:ec00:17::17d7:8a
2606:4700::6811:f5cb
2606:4700::6812:1022
2606:4700::6812:123e
2606:4700::6812:895
2607:f8b0:400d:c01::71
2607:f8b0:400d:c09::9c
2607:f8b0:400d:c0b::61
2607:f8b0:400d:c0e::cf
2620:1ec:bdf::40
2620:1ec:c11::237
3.167.72.96
3.33.220.150
34.68.56.245
35.227.247.224
54.88.71.74
99.84.108.50
99.84.191.77
01838afa4d7607428faea7c9036f59aef1b726845f211a91e3e752b9937f6b3d
076ad8277be329f48d036dc290cd2fd0737427c28f7efaafdda5cff9104285e5
078e76ff17d6adca1afd917bf6f749950624b2df6f98da773091384989229c45
07e7558dd9ffd40f667d932eba1feabfa3a86ced71c713376c9ebdc185cb5d64
0806732094b19ea01d367745963b71ab014e83d4646d111f46bc32458c0eb95b
08b99d2e3e654e15e090d54a61f693a1f14ffb634d7e6c6d4e8e7ab805a64409
0c59e6350dd098092e261b34b4b7e00292d62b5647585c8d7c87f201afba2e5c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
12ce82fa16d05e5b440e06938d2c3f1f474250914c355a2468e59241c60b16b2
13e90c938b20e2900c62bc448523c98fcd52b308fd5e47db090fd6676587e4fc
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
148aa0bdb25f3c3d2da925019494235ce9ef4213b4f0bd0cec781e8855820732
1771940dd58b4daea8e1ce8119e7d304069d43f85651838a79e918c5c4aa7d95
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d48a6d593d7b48e16c2f70f8c72f8ac344042e294d30d5138c71e5bd9305a17
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
201ed6cc9bbdaaf3948621331ce415c45cad46c25dc2d18ecf82e4db359f4f80
20b887aa19ff7f22fabe0c5c06024bfa8ab61fccedf880721f72833c69e86842
224b64f70f23669a251095df8b55ed907b7cf5833b02eaab7c70a65717d14c51
238e4df3cd9abbc499962a1e96d716f57589f4a7ae99cde3b5e64f41793348b8
249bb833678f5939c41b9e882de2aa6657e26f248f73eea2ee264cace23e746d
28bbde2d91470060d813859e1adac171492f953ab6e68953c662b617acc85522
2e33b5e7cc1c2551c5401866643747041868ea63323682686bcc2cd9247b77b3
3041b14f6ac41290dcffe0a3ac144599ef401faf47f6e0d39673d694c6469f92
3072ffb9156177e631107efaaaa6ff98ec3e47a33735298da77da8e35fefa24f
32fd033f7a9afd18fadcb65a0d40c7101716a37c129614106d24f45068a14734
338c62489915ad448e889a5c3d3186762fcb3d2298fe78aa206fd1a34bd5aaba
3bc9d8257fb91c97de2d64b3bc1ec7a1ff587738bbe9b6646f7c39dfc0fed36b
3c4bd73e61bca90a177b84fb06f21dcffe87f8c2e3dff7e5033d87ecf5be0109
41704d8589e4826363b6316d6a5e5d6da5f3fdee55723188a25be0524b9399dc
4216ef2f71149a9d9a563cb985d344d981dbdb658d5b4c47a7d9b3620fe96c52
424a3fb863d01189cdf498e692a59c7d084ff90ebeaa6421a3a599684d159a40
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
494449f06de645adc4664e319207777a58c3be1d93cbf4db42c667cd9253caaa
4a01db98ae177a32788519ba5dc32b56c498c5fc3c38280f01c0814be7f52916
4c2a589117aa8601b6fd9d2a8738de8b44b431b12fa9874fbc4ceffb79ecf1da
54879b29c19ca0a3bc54cb2d4e1d15345196f97cbe5123b027cd90501b27dc18
56412aa1785519fd08c9782be3ac2c0f99bd0970bfd7d19fed7483050afd583a
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
62522546f9d00b4d2749e9521c5669f3f33f2c86147a23cd832580a7a97ccb2d
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6610ca45f638ddddb73e0ded362a5aca3b7889f5ab3ce375d12f6a6723dfa231
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
68485c1de649ab07654b44910ab22b746dab5f400810d107d7995e56d4d88fbf
6a6655ada1976b8afd726e8db21ac95a3a8bbed6c37ff346b080510b617801b7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc0ebccf2d2796aff6f943219e1b8dda9b566780c6669516a3b175138db686e
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
74e21a569b3fc4ffad0db3c2705137d38f6e96111b33c13de56cc1544216db67
761cd32796c2326c42af3332531f311cb0bf2a93f544927f9deec9cdbbdb389c
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
77679735e7dc251c707513b0166c5f915b9e6887b813bc49ca92cf314a8c1ebd
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
8481305a74ac16c359ebbb017736308e1171e1636c6d3fe6ed63dedd523bf6d5
8583fc5f75cab98ea8754f736372a2edd5b9104bff2886857d3d0b253f003409
85b2b3c279859e2208c6376e7c3223ee31415af26c9e98640ecf484c4220d1f6
8f16e028a17488737f5a85c55b9759a1d5120b20968a554da2cdfbe6c27e99f5
9025feddce1a4a3c462a065ba790540331b4315dc0f78076553d212f97aca360
9120d4810650253e40f4038ae091263c729e94b7024ca8a75fdcb9a2b73175b9
9773089bacf1b1f02a5f50fbeaa060aa9313f2f9daec778675d5b5736fc0f3df
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a31d38c533001345ea9c5b4cb2d499698a17436d90661e573773b975badcf395
a952b92419b144144393ed7999c23f0617cfdd4517fc5dfd64790de076381444
aabd7b76710107bbc1ef4f2d22cffae6b18c5c6fabd017b2596f161d98443e0c
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
b104e766add0c4fdfd76b3434be9aa8d4a30dfd83c18a3e491449e3e8ab3a6a7
b3149852ce749fdda067975930b55a2e88833f62bfb72a14134f4944bd7177e5
b7bef8e5b4da8547ab8e4cf11095f01c03c77d2e4349a54de38fad7b729f7a72
bdaa47e6ca29b4c93db41ba7b604c44644187eb8c1feb8c8cb5c79b69b9b56e2
bdadb59d92856a1cbe1d6998f103b14ceec6e4e86ac455bd400ac4398a585bd9
cc3072d3858a889b1e377f85e02a67168ef0992906564542902c279f7b8300dd
cd3d8919b91ce20bc4c0989f503a74be945fac03a2a5a396d3af5252c2448912
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6f515cdef5979110e48ce69af644f641881ae8307dcddd058c138fc3bede5e3
dacb01577c16a58897ec0b2e6e8f6ebaffca81c136eb858e002f95663070a0c2
dada1a8582d118f8afef2259af943a3f4c080191b3afe3634ade62d65f6bcf11
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df790197e64683df0e6a96ff423dc23bd96010b5aa6bee119c148b70f6dc33ca
e21e6ca137d28181aede0391fc1cd75bcde3661ffc61e2810dfb41990bc793f9
e22ec313b674488dad14f4a3f494e7a5155990728385f04dcd216b192f852354
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b6945dc32b0a7f252d461b0dd8b3e711018de310f50e2a2b1ba59e59540fdb
e92a717a04fdff5c733811ec0713c0e8ce9b5c0acf7b49d88b06b1768fc98a1c
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eba6b8ad3168acc141b3a57c95dbdd1ef513a28afd38cf8fea3ee75b8f31cf7b
ec415975808c5f31384dbe85e3d2e0ba7c03a5abe1d6ebcca98d7fc14fe09ab4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320
f2fe23b4ea3f5466ed2dbe3ac97320b30ff4a8b6aadfa4e3a5484818d2b13e4e
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
fa72726221ca83d885772a09a99998103178a9b9bc38e36ccf6ff2c1256de659
fd30c4a7fb3732d8d1741ce0a3c67d20c67d41332d571931f7bbfc7f7040ed72
ff018baca29dbc9af035e5ca7496e1cdf64848e34de140b4a5a0bf3982d9aa22