covidvaccines12andolder.convertly-marketing.com
138.68.203.54  Public Scan

URL: https://covidvaccines12andolder.convertly-marketing.com/
Submission: On March 30 via api from JP — Scanned from JP

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 21 HTTP transactions. The main IP is 138.68.203.54, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is covidvaccines12andolder.convertly-marketing.com.
TLS certificate: Issued by R3 on February 12th 2023. Valid for: 3 months.
This is the only time covidvaccines12andolder.convertly-marketing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
6 | convertly.com | images2.convertly.com, images1.convertly.com, analytics.convertly.com | 2 MB
3 | gstatic.com | fonts.gstatic.com | 117 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 35) | 20 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 90 KB
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 357), fonts.googleapis.com (Cisco Umbrella Rank: 47) | 7 KB
1 | thebrighttag.com | s.thebrighttag.com (Cisco Umbrella Rank: 1951) | 286 B
1 | loggly.com | cloudfront.loggly.com | 2 KB
1 | btstatic.com | s.btstatic.com (Cisco Umbrella Rank: 8901) | 13 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 220) | 10 KB
1 | polyfill.io | cdn.polyfill.io (Cisco Umbrella Rank: 2675) | 886 B
1 | convertly-marketing.com | covidvaccines12andolder.convertly-marketing.com | 46 KB
Total: 21 requests, 11 domains
Requests | Domain | Requested by
3 | fonts.gstatic.com | fonts.googleapis.com
2 | analytics.convertly.com | covidvaccines12andolder.convertly-marketing.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | www.googletagmanager.com | covidvaccines12andolder.convertly-marketing.com
2 | images1.convertly.com | covidvaccines12andolder.convertly-marketing.com
2 | images2.convertly.com | covidvaccines12andolder.convertly-marketing.com
1 | s.thebrighttag.com | s.btstatic.com
1 | cloudfront.loggly.com | covidvaccines12andolder.convertly-marketing.com
1 | s.btstatic.com | covidvaccines12andolder.convertly-marketing.com
1 | fonts.googleapis.com | ajax.googleapis.com
1 | cdnjs.cloudflare.com | covidvaccines12andolder.convertly-marketing.com
1 | ajax.googleapis.com | covidvaccines12andolder.convertly-marketing.com
1 | cdn.polyfill.io | covidvaccines12andolder.convertly-marketing.com
1 | covidvaccines12andolder.convertly-marketing.com |
Total: 21 requests, 14 subdomains

This site contains links to these domains.

Domain
www.convertly.com
Subject | Issuer | Validity | Valid
covidvaccines12andolder.convertly-marketing.com | R3 | 2023-02-12 - 2023-05-13 | 3 months
images1.convertly.com | Amazon RSA 2048 M02 | 2023-02-17 - 2023-08-02 | 5 months
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-10 - 2024-01-11 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
s.btstatic.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-30 - 2024-02-20 | a year
*.convertly.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-29 - 2023-07-31 | a year
*.loggly.com | Amazon RSA 2048 M02 | 2023-02-21 - 2024-01-09 | a year
signal.co | Entrust Certification Authority - L1K | 2023-02-10 - 2024-02-10 | a year

This page contains 1 frames:

Primary Page: https://covidvaccines12andolder.convertly-marketing.com/
Frame ID: 1FA6E28ABE29BF989A1B15A1443E7227
Requests: 25 HTTP requests in this frame

Page Title

COVID-19 Testing & Vaccination Sites - 12 Years and Older

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Overall confidence: 100%
Detected patterns
  • //s\.btstatic\.com/tag\.js

Page Statistics

21 Requests
100 % HTTPS
64 % IPv6
11 Domains
14 Subdomains
15 IPs
3 Countries
2580 kB Transfer
2964 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
covidvaccines12andolder.convertly-marketing.com/
159 KB
46 KB
Document
General
Full URL
https://covidvaccines12andolder.convertly-marketing.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.68.203.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
fcc9791d28ac362939097009b13c85532d2c8632cae8cbef437682551e8985a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Date
Thu, 30 Mar 2023 23:39:39 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express
content-type
text/html; charset=utf-8
ampla-health-logo-long.png
images2.convertly.com/5a5e6570-b812-11eb-bbda-f3dbf9b85e2a/eyJ2IjoxfQ==/
735 KB
736 KB
Image
General
Full URL
https://images2.convertly.com/5a5e6570-b812-11eb-bbda-f3dbf9b85e2a/eyJ2IjoxfQ==/ampla-health-logo-long.png
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:1000:1d:4dc8:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c4922ae6f61fbd2c76c60d3ffab915096fd49f4af64c890c11d10341b4fc750b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 23:45:01 GMT
via
1.1 0fdd05f152588a84969bff9452442f70.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
age
48
x-cache
Hit from cloudfront
x-original-response-code
200
content-length
752346
last-modified
Tue, 18 May 2021 19:51:00 GMT
x-origin-fetch-time
94
etag
"5a5127bcce6117d80b98461f54fd386d"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
cache-control
max-age=10519200
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-amz-cf-id
hl47kl7uMrNClv7wZY6SDFv8v5MIc2j-rlnbQX0LRp0cS_7nY6YvEg==
convertly-logo-small.png
images1.convertly.com/convertly-global-images/
501 B
1 KB
Image
General
Full URL
https://images1.convertly.com/convertly-global-images/convertly-logo-small.png
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:4400:1e:84c9:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6b6ea6a7ffbc2368024ece56efb85a36d00780ad12b11972eefde79208a51c3f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 03:32:36 GMT
via
1.1 78fd2dd77f1411fa090a7c2472c34d76.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C2
age
1263039
x-cache
Hit from cloudfront
x-original-response-code
200
content-length
501
last-modified
Thu, 10 Aug 2017 21:38:07 GMT
x-origin-fetch-time
41
etag
"39227dbc2f640995c54c4a41a0ded874"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
cache-control
max-age=10519200
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-amz-cf-id
qTxGsfNRCO8UgHFyVeimsZJllsPnhs4cUu7GaM_-PorlLwUMv9FR5w==
polyfill.js
cdn.polyfill.io/v2/
569 B
886 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.js?features=es6
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6896a419ffbb16f7c9426f73d1ede6acfb470d98140b7a43f328b6ffbf5120e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Mar 2023 23:39:39 GMT
age
877195
detected-user-agent
Chrome/111.0.0
useragent_normaliser
chrome/111.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
351
referrer-policy
origin-when-cross-origin
last-modified
Sun, 05 Mar 2023 16:54:09 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/111.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 18:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Mar 2024 18:05:11 GMT
js
www.googletagmanager.com/gtag/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-183833498-2
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b5c79a1191afc44ff6a8107d74b1155bab45c1de2b9f0379adff4e4e4ea8853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 23:39:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45059
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 21:51:05 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Mar 2023 23:39:39 GMT
gtm.js
www.googletagmanager.com/
125 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJ6QVPQ
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b089075020f903b90ab11960aa781930f56b9d6930ccdd083f30826b689d5826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 23:39:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46261
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 21:51:05 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Mar 2023 23:39:39 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/webp
shutterstock_692047150.jpg
images1.convertly.com/5a5e6570-b812-11eb-bbda-f3dbf9b85e2a/eyJ2IjoxfQ==/
1 MB
1 MB
Image
General
Full URL
https://images1.convertly.com/5a5e6570-b812-11eb-bbda-f3dbf9b85e2a/eyJ2IjoxfQ==/shutterstock_692047150.jpg
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:4400:1e:84c9:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
00e064485ba96d376344b71e5e31c587c91beb965aec28b7dbfad9ccde972690

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 23:45:01 GMT
via
1.1 78fd2dd77f1411fa090a7c2472c34d76.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C2
age
48
x-cache
Hit from cloudfront
x-original-quality
100
x-original-response-code
200
content-length
1461648
last-modified
Tue, 18 May 2021 19:51:00 GMT
x-origin-fetch-time
138
etag
"efdab414fa03f0237ea5abbe2c2fb78c"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
cache-control
max-age=10519200
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-amz-cf-id
mR4U8udhlQZwdjVq9JbTwff6fx43MDZ4-2Wa_dplEJm30N8YvEqgKw==
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/webp
covid-19-vaccine-corona-virus-vaccine.webp
images2.convertly.com/5a5e6570-b812-11eb-bbda-f3dbf9b85e2a/eyJmb3JtYXQiOiJ3ZWJwIiwidGVzdCI6InRlc3QiLCJvcmlnaW5hbEZpbGV0eXBlIjoiLmpwZWciLCJ2IjoxfQ==/
84 KB
85 KB
Image
General
Full URL
https://images2.convertly.com/5a5e6570-b812-11eb-bbda-f3dbf9b85e2a/eyJmb3JtYXQiOiJ3ZWJwIiwidGVzdCI6InRlc3QiLCJvcmlnaW5hbEZpbGV0eXBlIjoiLmpwZWciLCJ2IjoxfQ==/covid-19-vaccine-corona-virus-vaccine.webp
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:1000:1d:4dc8:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
72ea08050312834b2626d00cfff058d7c36cd5cf0a8c71706397cb09b1308273

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ops
{"quality":80}
date
Thu, 30 Mar 2023 23:45:01 GMT
via
1.1 0fdd05f152588a84969bff9452442f70.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
age
47
x-cache
Hit from cloudfront
x-original-quality
80
x-original-response-code
200
content-length
85760
last-modified
Tue, 18 May 2021 19:51:00 GMT
x-origin-fetch-time
94
etag
"a5ab787599594577e00687f4ffe6fe3e"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
cache-control
max-age=10519200
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-amz-cf-id
OIpJXfr9mSK-Aa57-V1dkfKfMV6wDEq1LyEhTwftAHEdKEP14e5ntQ==
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/
29 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 23:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
620947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9392
last-modified
Mon, 04 May 2020 16:10:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5c-72e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fs39hZT9B2HOMmZdG7u3KcJq592ANuKvEFL9gqrDuvbM0pUxLZ5U9x6Sf8NQp2VftYt%2BKefdP1%2BoKj7QFQs1RdTQey0AM9B6hDmmFi5AMWoUY90eVdum9Z7MxT2Tz90ljz4FiLTOgLsfLr25PIr3iJ6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b043176dfc580c9-NRT
expires
Tue, 19 Mar 2024 23:39:39 GMT
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CRubik:400,700%7CEB+Garamond:400,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68f80cff125a335a111993ae897b4bfdc174061ccb0173bea63e79889e25c247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 23:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 23:39:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Mar 2023 23:39:40 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CRubik:400,700%7CEB+Garamond:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://covidvaccines12andolder.convertly-marketing.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 11:47:40 GMT
x-content-type-options
nosniff
age
561120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Mar 2024 11:47:40 GMT
SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
fonts.gstatic.com/s/ebgaramond/v26/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CRubik:400,700%7CEB+Garamond:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://covidvaccines12andolder.convertly-marketing.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:54:30 GMT
x-content-type-options
nosniff
age
218710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40144
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:16:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:54:30 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v26/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CRubik:400,700%7CEB+Garamond:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://covidvaccines12andolder.convertly-marketing.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 11:21:18 GMT
x-content-type-options
nosniff
age
217102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33868
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 21:37:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 11:21:18 GMT
tag.js
s.btstatic.com/
34 KB
13 KB
Script
General
Full URL
https://s.btstatic.com/tag.js
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.26.174.49 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-26-174-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 30 Mar 2023 23:39:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Nov 2022 17:15:35 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12525
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183833498-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Mar 2023 22:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5669
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 31 Mar 2023 00:05:11 GMT
piwik.js
analytics.convertly.com/
64 KB
22 KB
Script
General
Full URL
https://analytics.convertly.com/piwik.js
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.96.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9e282a1a6fc13d3f400d49260d5bac86836ed14ed25a9a7734cdc7c0a6a8c1d4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 23:39:40 GMT
content-encoding
gzip
last-modified
Thu, 06 Sep 2018 16:07:22 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"ff7b-57536160e8ca1-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
22260
loggly.tracker-latest.min.js
cloudfront.loggly.com/js/
2 KB
2 KB
Script
General
Full URL
https://cloudfront.loggly.com/js/loggly.tracker-latest.min.js
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.143.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-143-18.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3015c007bbb1a61e4345b214d17980c066c4d8b5334dc41d06db490534634758

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 30 Mar 2023 12:17:14 GMT
Content-Encoding
gzip
Via
1.1 5fd303e4294789c9f7d3efeddb26eaf4.cloudfront.net (CloudFront)
Last-Modified
Thu, 18 Mar 2021 09:26:13 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT57-C3
Age
40947
ETag
W/"b471738fe2090543611c9c980eb60bc0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
REjNH9TjeYAMPW3g_1mE3tTd-huGPInJime8D92rCTA_Dc-zmeTRmg==
tag
s.thebrighttag.com/
0
286 B
Script
General
Full URL
https://s.thebrighttag.com/tag?site=t4tmU86&H=1upan5o
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.28.46 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-28-46.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 23:39:40 GMT
x-bt-requestid
2418a1f0-cf54-11ed-accd-0000ac170193
server
nginx
etag
d41d8cd98f00b204e9800998ecf8427e
content-type
text/javascript
access-control-allow-origin
https://covidvaccines12andolder.convertly-marketing.com
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
228 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1444563737&t=pageview&_s=1&dl=https%3A%2F%2Fcovidvaccines12andolder.convertly-marketing.com%2F&ul=en-us&de=UTF-8&dt=COVID-19%20Testing%20%26%20Vaccination%20Sites%20-%2012%20Years%20and%20Older&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAACAAI~&jid=1389524737&gjid=780565332&cid=1459338761.1680219580&tid=UA-183833498-2&_gid=206839650.1680219580&_r=1&gtm=457e33t0&cd1=a35322508131b9863b38b7bd3f195541&jsscut=1&z=727764203
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://covidvaccines12andolder.convertly-marketing.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 23:39:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://covidvaccines12andolder.convertly-marketing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
piwik.php
analytics.convertly.com/
43 B
201 B
Image
General
Full URL
https://analytics.convertly.com/piwik.php?action_name=COVID-19%20Testing%20%26%20Vaccination%20Sites%20-%2012%20Years%20and%20Older&idsite=1419&rec=1&r=180435&h=23&m=39&s=40&url=https%3A%2F%2Fcovidvaccines12andolder.convertly-marketing.com%2F&_id=2a544861030a863f&_idts=1680219581&_idvc=1&_idn=0&_refts=0&_viewts=1680219581&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=312&pv_id=cW1yNK
Requested by
Host: covidvaccines12andolder.convertly-marketing.com
URL: https://covidvaccines12andolder.convertly-marketing.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.96.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://covidvaccines12andolder.convertly-marketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 23:39:40 GMT
cache-control
no-store
server
Apache/2.4.18 (Ubuntu)
content-length
43
content-type
image/gif


62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| WebFontConfig string| gaID boolean| useSystemGtmTag number| siteId function| log object| Convertly function| loadFingerprint object| dataLayer function| gtag object| Modernizr function| Zepto function| $ object| WebFont function| Fingerprint2 object| Inferno object| zenscroll function| onYouTubeIframeAPIReady function| toggleActiveState function| toggleDelayActiveState function| toggleActiveOnScroll function| initDomListeners number| _zid object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _paq object| _LTracker string| urlLink object| urlParams undefined| helloBarContainerCSS undefined| markup1 undefined| markup2 undefined| hellobarelementcss undefined| headline undefined| gdpragreement undefined| bootstrap undefined| header undefined| amountFromTop function| bt_eval function| bt_parameter function| bt_meta function| bt_cookie function| bt_data function| bt_log function| bt_handle_exception undefined| _bt_url_prefix undefined| _bt_referrer undefined| _bt_site undefined| _bt_mode function| btServe function| bt_data_escaped object| BrightTag object| gaplugins object| gaGlobal object| gaData function| LogglyTracker object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log

6 Cookies

Domain/Path Name / Value
.convertly-marketing.com/ Name: _ga
Value: GA1.2.1459338761.1680219580
.convertly-marketing.com/ Name: _gid
Value: GA1.2.206839650.1680219580
.convertly-marketing.com/ Name: _gat_gtag_UA_183833498_2
Value: 1
covidvaccines12andolder.convertly-marketing.com/ Name: logglytrackingsession
Value: f6309bef-36b4-4016-9a6e-ea6f3e5dabf0
covidvaccines12andolder.convertly-marketing.com/ Name: _pk_id.1419.5e21
Value: 2a544861030a863f.1680219581.1.1680219581.1680219581.
covidvaccines12andolder.convertly-marketing.com/ Name: _pk_ses.1419.5e21
Value: *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
