www.officeriders.com
Open in
urlscan Pro
2606:4700:3108::ac42:2aee
Public Scan
Submitted URL: https://email.officeriders.fr/e/c/eyJlbWFpbF9pZCI6IlJNeW9CZ01BQVg1TnlOQ0FzZHYxajFSWjlMRDluQT09IiwiaHJlZiI6Imh0dHBzOi8vd3d3Lm9m...
Effective URL: https://www.officeriders.com/blog/work-different/journee-sans-pantalon-activites-officeriders?utm_source=news&utm_medium=news...
Submission: On January 12 via manual from CH — Scanned from FR
Effective URL: https://www.officeriders.com/blog/work-different/journee-sans-pantalon-activites-officeriders?utm_source=news&utm_medium=news...
Submission: On January 12 via manual from CH — Scanned from FR
Summary
This website contacted 16 IPs
in 4 countries
across 15 domains to perform 67 HTTP transactions.
The main IP is 2606:4700:3108::ac42:2aee, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.officeriders.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time www.officeriders.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time www.officeriders.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
2a00:1450:4001:801::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
2620:1ec:c11::200
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| bat.bing.com | |
| c.bing.com |
1
18.66.97.56
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-56.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-56.fra56.r.cloudfront.net
| widget.intercom.io |
4
18.66.139.109
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-109.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-109.fra60.r.cloudfront.net
| js.intercomcdn.com |
1
35.227.225.220
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com
| track.customer.io |
1
99.83.219.81
(United States)
ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
| api-iam.intercom.io |
3
2a00:1450:4001:830::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 38 |
officeriders.com
www.officeriders.com metrics.officeriders.com |
1 MB |
| 5 |
clarity.ms
1 redirects
d.clarity.ms — Cisco Umbrella Rank: 2050 c.clarity.ms — Cisco Umbrella Rank: 998 |
24 KB |
| 5 |
rsms.me
rsms.me — Cisco Umbrella Rank: 14954 |
416 KB |
| 4 |
intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2178 |
130 KB |
| 4 |
google.fr
www.google.fr — Cisco Umbrella Rank: 14193 |
693 B |
| 4 |
doubleclick.net
3 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 |
2 KB |
| 4 |
bing.com
1 redirects
bat.bing.com — Cisco Umbrella Rank: 332 c.bing.com — Cisco Umbrella Rank: 239 |
12 KB |
| 3 |
google.com
3 redirects
www.google.com — Cisco Umbrella Rank: 8 |
2 KB |
| 2 |
intercom.io
1 redirects
widget.intercom.io — Cisco Umbrella Rank: 2169 api-iam.intercom.io — Cisco Umbrella Rank: 2586 |
3 KB |
| 2 |
customer.io
assets.customer.io — Cisco Umbrella Rank: 16694 track.customer.io — Cisco Umbrella Rank: 12798 |
3 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
111 KB |
| 1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1229 |
5 KB |
| 1 |
typeform.com
embed.typeform.com — Cisco Umbrella Rank: 26863 |
10 KB |
| 1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2146 |
21 KB |
| 1 |
officeriders.fr
1 redirects
email.officeriders.fr |
710 B |
| 67 | 15 |
| Domain | Requested by | |
|---|---|---|
| 34 | www.officeriders.com |
www.officeriders.com
static.cloudflareinsights.com |
| 5 | rsms.me |
www.officeriders.com
rsms.me |
| 4 | js.intercomcdn.com |
widget.intercom.io
js.intercomcdn.com |
| 4 | www.google.fr |
www.officeriders.com
|
| 4 | metrics.officeriders.com |
www.googletagmanager.com
|
| 3 | www.google.com | 3 redirects |
| 3 | googleads.g.doubleclick.net | 3 redirects |
| 3 | d.clarity.ms |
bat.bing.com
d.clarity.ms |
| 3 | bat.bing.com |
www.googletagmanager.com
bat.bing.com www.officeriders.com |
| 2 | c.clarity.ms |
1 redirects
www.officeriders.com
|
| 2 | www.googletagmanager.com |
www.officeriders.com
www.googletagmanager.com |
| 1 | api-iam.intercom.io |
js.intercomcdn.com
|
| 1 | track.customer.io | |
| 1 | widget.intercom.io | 1 redirects |
| 1 | c.bing.com | 1 redirects |
| 1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | assets.customer.io |
www.officeriders.com
|
| 1 | static.cloudflareinsights.com |
www.officeriders.com
|
| 1 | embed.typeform.com |
www.officeriders.com
|
| 1 | stackpath.bootstrapcdn.com |
www.officeriders.com
|
| 1 | email.officeriders.fr | 1 redirects |
| 67 | 21 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| unsplash.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-10 - 2022-06-09 |
a year | crt.sh |
| *.typeform.com Amazon |
2021-10-31 - 2022-11-28 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| www.bing.com Microsoft RSA TLS CA 01 |
2021-12-22 - 2022-06-22 |
6 months | crt.sh |
| *.customer.io R3 |
2022-01-11 - 2022-04-11 |
3 months | crt.sh |
| metrics.officeriders.com R3 |
2021-11-29 - 2022-02-27 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| *.google.fr GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| a.clarity.ms Microsoft RSA TLS CA 01 |
2021-07-27 - 2022-07-27 |
a year | crt.sh |
| api.customer.io GTS CA 1D4 |
2021-11-29 - 2022-02-27 |
3 months | crt.sh |
| *.intercomcdn.com Amazon |
2021-03-01 - 2022-03-30 |
a year | crt.sh |
| *.intercom.com Amazon |
2021-04-15 - 2022-05-14 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.officeriders.com/blog/work-different/journee-sans-pantalon-activites-officeriders?utm_source=news&utm_medium=news-mot&utm_campaign=journ%C3%A9e-sans-pantalon
Frame ID: 1ECC6FC7E81DA34AB086CDDD22E4EFC2
Requests: 63 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame-modern.31b8c84c.js
Frame ID: 7579527FD973320EE2292F6D3BB20E04
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Journée sans pantalon : sortir de son quotidien autrement - OfficeRidersPage URL History Show full URLs
-
https://email.officeriders.fr/e/c/eyJlbWFpbF9pZCI6IlJNeW9CZ01BQVg1TnlOQ0FzZHYxajFSWjlMRDluQT09IiwiaHJlZiI6...
HTTP 302
https://www.officeriders.com/blog/work-different/journee-sans-pantalon-activites-officeriders?utm_source=... Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
AMP
(JavaScript frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel="amphtml"
Cloudflare Browser Insights
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
TrackJs
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- tracker\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
prettyPhoto
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
- jquery\.prettyPhoto\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://unsplash.com/@saliage?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Fengyou Wan
Title: Fengyou Wan
Search URL Search Domain Scan URL
URL: https://unsplash.com/s/photos/magician?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Unsplash
Title: Unsplash
Search URL Search Domain Scan URL
URL: https://unsplash.com/@markuswinkler?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Markus Winkler
Title: Markus Winkler
Search URL Search Domain Scan URL
URL: https://unsplash.com/s/photos/detectives?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Unsplash
Title: Unsplash
Search URL Search Domain Scan URL
URL: https://unsplash.com/@surface?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Surface
Title: Surface
Search URL Search Domain Scan URL
URL: https://unsplash.com/s/photos/meditation?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Unsplash
Title: Unsplash
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://email.officeriders.fr/e/c/eyJlbWFpbF9pZCI6IlJNeW9CZ01BQVg1TnlOQ0FzZHYxajFSWjlMRDluQT09IiwiaHJlZiI6Imh0dHBzOi8vd3d3Lm9mZmljZXJpZGVycy5jb20vYmxvZy93b3JrLWRpZmZlcmVudC9qb3VybmVlLXNhbnMtcGFudGFsb24tYWN0aXZpdGVzLW9mZmljZXJpZGVycz91dG1fc291cmNlPW5ld3NcdTAwMjZ1dG1fbWVkaXVtPW5ld3MtbW90XHUwMDI2dXRtX2NhbXBhaWduPWpvdXJuJUMzJUE5ZS1zYW5zLXBhbnRhbG9uIiwiaW50ZXJuYWwiOiJjY2E4MDYwMmY4Y2IwMWQ5YTAwNSIsImxpbmtfaWQiOjI2MjF9/783e6193899dbd943f48be6aa5308e085ee63dd27107fe1acbb3f86683265f79
HTTP 302
https://www.officeriders.com/blog/work-different/journee-sans-pantalon-activites-officeriders?utm_source=news&utm_medium=news-mot&utm_campaign=journ%C3%A9e-sans-pantalon Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 50- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=B37356C2C535458A9C282B6590262B02&RedC=c.clarity.ms&MXFR=200BEC0CDD206B901BE7FD26D920651F HTTP 302
- https://c.clarity.ms/c.gif?CtsSyncId=B37356C2C535458A9C282B6590262B02&MUID=37C9C1AC61EB6D4724DAD086606F6C13
- https://widget.intercom.io/widget/d8nedh4o HTTP 302
- https://js.intercomcdn.com/shim.latest.js
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878810979/?random=1641991787941&cv=10&fst=1641991787941&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&data=event%3Dpage_view HTTP 302
- https://www.google.com/pagead/1p-user-list/878810979/?random=1641991787941&cv=10&fst=1641988800000&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&data=event%3Dpage_view&is_vtc=1&random=3153817093 HTTP 302
- https://www.google.fr/pagead/1p-user-list/878810979/?random=1641991787941&cv=10&fst=1641988800000&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&data=event%3Dpage_view&is_vtc=1&random=3153817093&ipr=y
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878810979/?random=1641991787944&cv=10&fst=1641991787944&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&data=event%3Dlead HTTP 302
- https://www.google.com/pagead/1p-user-list/878810979/?random=1641991787944&cv=10&fst=1641988800000&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&data=event%3Dlead&is_vtc=1&random=2788535750 HTTP 302
- https://www.google.fr/pagead/1p-user-list/878810979/?random=1641991787944&cv=10&fst=1641988800000&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&data=event%3Dlead&is_vtc=1&random=2788535750&ipr=y
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/806913467/?random=1641991787947&cv=10&fst=1641991787947&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders HTTP 302
- https://www.google.com/pagead/1p-user-list/806913467/?random=1641991787947&cv=10&fst=1641988800000&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&is_vtc=1&random=1158062481 HTTP 302
- https://www.google.fr/pagead/1p-user-list/806913467/?random=1641991787947&cv=10&fst=1641988800000&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200>m=3oes1a0&url=https%3A%2F%2Fwww.officeriders.com%2Fblog%2Fwork-different%2Fjournee-sans-pantalon-activites-officeriders%3Futm_source%3Dnews%26utm_medium%3Dnews-mot%26utm_campaign%3Djourn%25C3%25A9e-sans-pantalon&tiba=Journ%C3%A9e%20sans%20pantalon%20%3A%20sortir%20de%20son%20quotidien%20autrement%20-%20OfficeRiders&is_vtc=1&random=1158062481&ipr=y
67 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
journee-sans-pantalon-activites-officeriders
www.officeriders.com/blog/work-different/ Redirect Chain
|
54 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ |
119 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
www.officeriders.com/blog/wp-includes/css/dist/block-library/ |
53 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frontend_blocks.css
www.officeriders.com/blog/wp-content/plugins/stackable-ultimate-gutenberg-blocks/dist/ |
90 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
www.officeriders.com/blog/wp-content/themes/wpex-tetris/ |
43 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
responsive.css
www.officeriders.com/blog/wp-content/themes/wpex-tetris/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prettyPhoto.css
www.officeriders.com/blog/wp-content/themes/wpex-tetris/css/ |
19 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pwaforwp-main.min.css
www.officeriders.com/blog/wp-content/plugins/pwa-for-wp/assets/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frontend_blocks.js
www.officeriders.com/blog/wp-content/plugins/stackable-ultimate-gutenberg-blocks/dist/ |
33 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.js
www.officeriders.com/blog/wp-includes/js/jquery/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm4wp-form-move-tracker.js
www.officeriders.com/blog/wp-content/plugins/duracelltomi-google-tag-manager/js/ |
1 KB 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
embed.typeform.com/next/ |
38 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo-or.svg
www.officeriders.com/blog/wp-content/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
related.css
www.officeriders.com/blog/wp-content/plugins/yet-another-related-posts-plugin/style/ |
495 B 876 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
superfish.min.js
www.officeriders.com/blog/wp-content/themes/wpex-tetris/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hoverIntent.min.js
www.officeriders.com/blog/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.prettyPhoto.js
www.officeriders.com/blog/wp-content/themes/wpex-tetris/js/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.flexslider.js
www.officeriders.com/blog/wp-content/themes/wpex-tetris/js/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.fitvids.js
www.officeriders.com/blog/wp-content/themes/wpex-tetris/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
imagesloaded.min.js
www.officeriders.com/blog/wp-includes/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.isotope.js
www.officeriders.com/blog/wp-content/themes/wpex-tetris/js/ |
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.slicknav.js
www.officeriders.com/blog/wp-content/themes/wpex-tetris/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
global.js
www.officeriders.com/blog/wp-content/themes/wpex-tetris/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
comment-reply.min.js
www.officeriders.com/blog/wp-includes/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pwa-register-sw.js
www.officeriders.com/blog/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
wp-embed.min.js
www.officeriders.com/blog/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
wp-emoji-release.min.js
www.officeriders.com/blog/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
inter.css
rsms.me/inter/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
140 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Inter-Regular.woff2
rsms.me/inter/font-files/ |
97 KB 97 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Inter-Medium.woff2
rsms.me/inter/font-files/ |
103 KB 104 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Inter-Light.woff2
rsms.me/inter/font-files/ |
102 KB 103 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Inter-LightItalic.woff2
rsms.me/inter/font-files/ |
109 KB 110 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Guislainn.jpeg
www.officeriders.com/blog/wp-content/uploads/ |
277 KB 278 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
886550.jpeg
www.officeriders.com/blog/wp-content/uploads/ |
169 KB 169 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
WOOM-P10.jpeg
www.officeriders.com/blog/wp-content/uploads/ |
209 KB 209 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
01-WOOMPARIS-1024x683.jpg
www.officeriders.com/blog/wp-content/uploads/ |
137 KB 138 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
28-WOOMPARIS-1024x683.jpg
www.officeriders.com/blog/wp-content/uploads/ |
129 KB 130 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fengyou-wan-F6fH11GoGfs-unsplash.jpg
www.officeriders.com/blog/wp-content/uploads/ |
70 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
patricia-1-1024x563.jpeg
www.officeriders.com/blog/wp-content/uploads/ |
123 KB 124 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Patricia2-1024x547.jpeg
www.officeriders.com/blog/wp-content/uploads/ |
98 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
170 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
track.js
assets.customer.io/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
25091463.js
bat.bing.com/p/action/ |
727 B 748 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 150 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
metrics.officeriders.com/g/ |
2 KB 2 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 350 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.fr/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clarity.js
d.clarity.ms/s/0.6.31/ |
52 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 392 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shim.latest.js
js.intercomcdn.com/ Redirect Chain
|
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
page.gif
track.customer.io/events/ |
35 B 210 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
rum
www.officeriders.com/cdn-cgi/ |
0 169 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
d.clarity.ms/ |
0 73 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frame-modern.31b8c84c.js
js.intercomcdn.com/ Frame 7579 |
294 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor-modern.aed2a635.js
js.intercomcdn.com/ Frame 7579 |
125 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame 7579 |
8 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.fr/pagead/1p-user-list/878810979/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.fr/pagead/1p-user-list/878810979/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.fr/pagead/1p-user-list/806913467/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_set_cookie
metrics.officeriders.com/ |
0 150 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_set_cookie
metrics.officeriders.com/ |
0 171 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_set_cookie
metrics.officeriders.com/ |
0 153 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
locale-fr-json-modern.347805a9.js
js.intercomcdn.com/ Frame 7579 |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
d.clarity.ms/ |
0 48 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onsecuritypolicyviolation object| onslotchange string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings object| stackable object| frontend_blocks undefined| $ function| jQuery object| tf object| dataLayer_content object| intercomSettings function| Intercom boolean| pp_alreadyInitialized object| jQuery112405042267953138884 function| EvEmitter function| imagesLoaded object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| wpexvars object| addComment string| swsource function| PWAforwpreadCookie object| wp object| twemoji object| __cfBeacon function| Waypoint boolean| doresize object| scroll_pos boolean| hashtag object| google_tag_manager object| _cio function| UET function| UET_init function| UET_push object| ueto_9313a24dc7 object| uetq number| c_start object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady function| clarity number| c_end function| __intercomAssignLocation21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .bing.com/ | Name: MUID Value: 37C9C1AC61EB6D4724DAD086606F6C13 |
|
| .officeriders.com/ | Name: _uetsid Value: 1fa2e3f073a611ec8bd233c564e57bd9 |
|
| .officeriders.com/ | Name: _uetvid Value: 1fa2f59073a611ec9532cf20c4cf9f25 |
|
| .officeriders.com/ | Name: _ga_ZXBVVPZR76 Value: GS1.1.1641991787.1.0.1641991787.60 |
|
| .officeriders.com/ | Name: _ga Value: GA1.1.586962816.1641991787 |
|
| .c.bing.com/ | Name: SRM_B Value: 37C9C1AC61EB6D4724DAD086606F6C13 |
|
| .c.clarity.ms/ | Name: SM Value: C |
|
| .clarity.ms/ | Name: MUID Value: 37C9C1AC61EB6D4724DAD086606F6C13 |
|
| .c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
| .officeriders.com/ | Name: _clck Value: om0rk1|1|ey2|0 |
|
| .officeriders.com/ | Name: _cioanonid Value: a1b3478e-4988-7ecd-06bf-b6abd98b7c6b |
|
| .officeriders.com/ | Name: _clsk Value: 1b23zw|1641991788489|1|1|d.clarity.ms/collect |
|
| .officeriders.com/ | Name: FPLC Value: O542xh6iwio0cKCg5TSxwlIm5PUmw6%2F1s4CNaDIIokNUCkSOq0cZ4Q27bS5uDbqleZUDrY8wOHkZeaSOC5lBG7su5uLKi38n7DOfkGCjYSwEYNTgwI6Hk4bUAbcn1w%3D%3D |
|
| .officeriders.com/ | Name: FPID Value: FPID2.2.SnK0DaMPmiQVSHxZ3UKViyP9PyahQJj6ELJFtMj5p50%3D.1641991787 |
|
| .officeriders.com/ | Name: FPAU Value: 1.2.12077086.1641991788 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .officeriders.com/ | Name: channel_flow_first Value: news/news-mot |
|
| .officeriders.com/ | Name: channel_flow Value: news/news-mot |
|
| .officeriders.com/ | Name: channel_flow_last Value: news/news-mot |
|
| .officeriders.com/ | Name: intercom-id-d8nedh4o Value: e7837b8b-85c1-4083-b93f-67448432061a |
|
| .officeriders.com/ | Name: intercom-session-d8nedh4o Value: |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-iam.intercom.io
assets.customer.io
bat.bing.com
c.bing.com
c.clarity.ms
d.clarity.ms
email.officeriders.fr
embed.typeform.com
googleads.g.doubleclick.net
js.intercomcdn.com
metrics.officeriders.com
rsms.me
stackpath.bootstrapcdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
track.customer.io
widget.intercom.io
www.google.com
www.google.fr
www.googletagmanager.com
www.officeriders.com
108.161.187.71
18.66.139.109
18.66.97.56
2001:4860:4802:32::15
2600:9000:2156:7a00:2:c605:29c0:93a1
2606:4700:3036::ac43:9e2a
2606:4700:3037::6815:6f5
2606:4700:3108::ac42:2aee
2606:4700::6810:5e41
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:809::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9b
35.227.225.220
40.76.174.66
52.142.114.2
99.83.219.81
11ee4117a8fa93cfdbda950c5abb89e8aba657e2eabcdb106236de0c045014cb
11f4af66c5a7c312cb258336e99e102e6f48345073d2a1c0b950a2bc78e6441c
1203fd0c260110c54be3b38040829baa1f7079efee6330cb4684a6a126e0e67b
13e6d528f03256214e95b700e23954902103524b43eb68a0ac020eaf431833be
19d58803a169ed1e8077c2bf9053f86f467340d57ee2206a935ebdcd28314b25
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
1baee0fe4ad9040befeaf65c6eab8869631f6bf060a2dbc5b781fc8f7e9f32a1
36b86832422c8b2f8eb7a0de635369c10fcebbeb8d3a0f80edeacf8252bfd6da
41872b5ffabdc3524a7293f60dde4783fde3e2d59ff7410eaa5123f48b9a6f79
4db6248e10d9a56f6e8bb1071133ed3b3c133f2582751fdc4c7b4cdcf99c95e6
4e9c37406428b72ad34a8e193a4b872cff3ecb25f486117d56fe3743abcc1c20
4f003fbe9d96077f60f6f1826e9ccd00cb9e00a7ce72d9a16a8eedd4255ed501
5036d77bc45902a3567f499ebf981076387d71995d6fab43c9be0cd0b962b230
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
737ac201e9a60a94abbfc409036ce5591ad330bb28e50df2c1b381c106de05f4
765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5
7c2e83b3f2243460a6e621111ca4af47045b52a755dcd2d6b7f766bd9e88e633
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f16e6b76e224659d515cbd10956ef78fbcc9d0b2248b7cc12ffb30c87c22e0
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8b17c7c3adffe39c636c1b206603650e6b119ea5e6e2a3aab73ae1d5443a7e4e
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8cfcd969a692602c4acd1285a22163938bea53181ed737341ab036719ce0005c
8e4ecb1779a46db0a02cd1222adb07122b9f46f5d0e21cdd578087cf0bcc570f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aa77fc77715fac5b7fa28f6c563881767c217ab489c190414cfcca5e54b4651
a2cbd6d2e23d9de1771b76e7892e7cc2617127492742ba1bc6de96209e05e54c
a48e3091c3e26309f1329bb7ee2812cf158deb93cd80fe6439e53e8d57e58d3d
ae0309384c634edd19e599573e0cd337e6fb95a77e41eec64a7ef095cf8e2d0e
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
c1e42a7134de436b111c0610a06c520d7dbffde007d65a9fc7c581c08a1893e8
c5fe6edec9e4484d0e1005fec3670456d7c344070c370aeafa5d37d92fe338ec
c780dfd8d186c9e78638030cffa11ab5a93b14c4dc470ba162be238da38aca53
c905bf1baedd2e4467d003c3e52dfe6f75fc41f03933c665f17bd8742183d97f
d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3
d4e6ec1a60ee420ab4a92730cbed01ec87ea3464f69db7d66e6c9aeffd860816
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d794b41746c5564c7dfb40c66ffb9302ede684c2553d43841e4b879e7ddc566e
d813849669b73ae248b4799780675c66b93ac67bc9d5bcab4404f52ff9b768ee
d86d903c893deed256d26bf995fa4d57bec87b433c99dca9e53b8770e9520931
d971ca76f365fa1893d5f5fddea36f3550c816a9b29274e97f4254cf1c783200
dc660539fafb36d379d9707d627d5691fcc3f59a8a16e64f08136711033729ab
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e0878ca636bb63f01c0b7a732a3735c49d1518fd17425716637b9dc8caf91eb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9cc44badac985027ec253f9478210c8e29c549fcb6856ad4ea9882f281c29b4
ea32e2cc81273d4f9f6fc3b6a4cd99a59dc9592e3e4acde6a40bb3a1dda43000
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97
f35983c228068e67ed1f97091fd08865ff0e42e17ae1cb031d0b11b930ff6f8f
f4da2313ec5a6f93ff25851dfb2949f7f6cc5d0087ef20f5dce3037f7fb3c7a9
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd6798c943c452d1dde7cb7ac5b3860710bb6ae2ebe508b92562f7c746810a42
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869