presidentsdaysale.net
68.65.123.244
Public Scan
Submission Tags: phishing
Submission: On October 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 4th 2022. Valid for: a year.
This is the only time presidentsdaysale.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
presidentsdaysale.net | ASN22612 (NAMECHEAP-NET, US) | premium47-4.web-hosting.com |
pagead2.googlesyndication.com, partner.googleadservices.com | ASN15169 (GOOGLE, US) | |
z-na.amazon-adsystem.com | ASN16509 (AMAZON-02, US) | server-143-204-213-226.fra53.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
api.viglink.com | ASN16509 (AMAZON-02, US) | ec2-52-214-137-185.eu-west-1.compute.amazonaws.com |
tpc.googlesyndication.com | ASN15169 (GOOGLE, US) | |
Requests | Domain | Requested by |
---|---|---|
27 | presidentsdaysale.net | presidentsdaysale.net |
18 | i5.walmartimages.com | presidentsdaysale.net |
8 | pagead2.googlesyndication.com | presidentsdaysale.net, pagead2.googlesyndication.com, tpc.googlesyndication.com |
5 | api.viglink.com | cdn.viglink.com, presidentsdaysale.net |
4 | fonts.gstatic.com | fonts.googleapis.com |
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | fonts.googleapis.com | presidentsdaysale.net |
1 | www.google.com | tpc.googlesyndication.com |
1 | adservice.google.com | pagead2.googlesyndication.com |
1 | adservice.google.de | pagead2.googlesyndication.com |
1 | partner.googleadservices.com | pagead2.googlesyndication.com |
1 | cdn.viglink.com | presidentsdaysale.net |
1 | www.googletagmanager.com | presidentsdaysale.net |
1 | z-na.amazon-adsystem.com | presidentsdaysale.net |
79 (total) | 16 domains | |
This site contains links to these domains.
Domain |
---|
in.pinterest.com |
api.whatsapp.com |
redirect.viglink.com |
walmart.com |
amazon.com |
endless.com |
myhabit.com |
smallparts.com |
amazonwireless.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
presidentsdaysale.net | Sectigo RSA Domain Validation Secure Server CA | 2022-01-04 - 2023-01-04 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
ws-na.assoc-amazon.com | Amazon | 2022-01-17 - 2023-01-16 | a year |
cf-prod.walmartimages.com | GlobalSign RSA OV SSL CA 2018 | 2021-10-06 - 2022-11-07 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
ssl1029306.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2022-06-01 - 2022-12-08 | 6 months |
viglink.com | Amazon | 2022-10-13 - 2023-11-10 | a year |
*.google.de | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
This page contains 6 frames:
Primary Page:
https://presidentsdaysale.net/
Frame ID: FAFE639AA3D8E28ABF9C3799F456D9FF
Requests: 80 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: D541A0F3D7CDA39F12AB69123922FAAD
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5004744055256393&output=html&adk=318159125&adf=2184669829&lmt=1665753325&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpresidentsdaysale.net%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665753325367&bpp=3&bdt=2003&idt=139&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8172416770283&frm=20&pv=2&ga_vid=607775512.1665753325&ga_sid=1665753326&ga_hid=603779461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2665353889483911&tmod=115092106&uas=0&nvt=1&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=166
Frame ID: E69B67E39B68C7F1F1FBC46C429A6EF8
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7843196303295990&output=html&h=280&slotname=5162795178&adk=2997449987&adf=2297623196&pi=t.ma~as.5162795178&w=800&fwrn=4&fwrnh=100&lmt=1665753325&rafmt=1&format=800x280&url=https%3A%2F%2Fpresidentsdaysale.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665753325370&bpp=3&bdt=2007&idt=173&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8172416770283&frm=20&pv=2&ga_vid=607775512.1665753325&ga_sid=1665753326&ga_hid=603779461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2665353889483911&tmod=115092106&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=183
Frame ID: 520DDB7FA21F666138583DB16F3B12B2
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A18BAB16BCA3D7B2DD3990AF7309FAFA
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 73E1B2D26991AB1BB6CF057BEC627C89
Requests: 2 HTTP requests in this frame
Page Title
Black Friday Deals 2022 - Best Buy, Walmart, Home Depot & Lowes
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
OWL Carousel (Widgets)
Detected patterns
- owl\.carousel.*\.js
VigLink (Advertising Networks)
Detected patterns
- (?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
26 Outgoing links
These are links going to different origins than the main page.
Title: Walmart.com
Title: amazon.com
Title: endless.com
Title: myhabit.com
Title: smallparts.com
Title: amazonwireless.com
Redirected requests
There were HTTP redirect chains for the following requests:
79 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
presidentsdaysale.net/ |
201 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
presidentsdaysale.net/wp-includes/css/dist/block-library/ |
81 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
presidentsdaysale.net/wp-content/plugins/uk-cookie-consent/assets/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
presidentsdaysale.net/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ |
369 B 396 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screen.min.css
presidentsdaysale.net/wp-content/plugins/easy-table-of-contents/assets/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sassy-social-share-public.css
presidentsdaysale.net/wp-content/plugins/sassy-social-share/public/css/ |
33 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sassy-social-share-svg.css
presidentsdaysale.net/wp-content/plugins/sassy-social-share/admin/css/ |
106 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.min.css
presidentsdaysale.net/wp-content/plugins/tablepress/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
presidentsdaysale.net/wp-content/themes/mts_socialnow/ |
67 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive.css
presidentsdaysale.net/wp-content/themes/mts_socialnow/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.css
presidentsdaysale.net/wp-content/themes/mts_socialnow/css/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
presidentsdaysale.net/wp-content/themes/mts_socialnow/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
egg-bootstrap.css
presidentsdaysale.net/wp-content/plugins/content-egg/res/bootstrap/css/ |
139 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
products.css
presidentsdaysale.net/wp-content/plugins/content-egg/res/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
738 B 670 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mb-button.css
presidentsdaysale.net/wp-content/plugins/mango-buttons/public/style/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
presidentsdaysale.net/wp-includes/js/jquery/ |
87 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
presidentsdaysale.net/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
price_alert.js
presidentsdaysale.net/wp-content/plugins/content-egg/res/js/ |
2 KB 734 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
822 B 370 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
164 KB 164 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
presidentsdaysale.net-logo.png
presidentsdaysale.net/wp-content/uploads/2022/07/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
161 KB 162 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
onejs
z-na.amazon-adsystem.com/widgets/ |
25 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d8cc3fd6-d592-4815-8bd1-19fd50698fe7.aa81e5ae817f306abe3d3b4cd2499c70.jpeg
i5.walmartimages.com/asr/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_walmart-com.png
presidentsdaysale.net/wp-content/uploads/ce-logos/ |
379 B 602 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb2a1b38-721e-4c16-a506-c9ec1209d488.f66744b392dc3c1de599e681c785462c.jpeg
i5.walmartimages.com/asr/ |
109 KB 109 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ded72051-ba21-41dd-9130-cd0f591e7087.03d49a2a3f4fb25f04d4c2250be7ddc2.jpeg
i5.walmartimages.com/asr/ |
126 KB 126 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0a0a0427-a436-4ded-acce-936b933b1c38.03d49a2a3f4fb25f04d4c2250be7ddc2.jpeg
i5.walmartimages.com/asr/ |
126 KB 126 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feb32bf3-f50d-4824-a1f3-abaf830e2f3c.8ab67d608513abc376cf112c94d6c627.jpeg
i5.walmartimages.com/asr/ |
71 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7d2b1b1d-20a0-4c8a-860a-32c5f6683bea.98a86931a340ea39cf5b5f2b3d0ef629.jpeg
i5.walmartimages.com/asr/ |
105 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0e7f654b-318f-43dd-a876-d338f176cd14.18e13bc21bfe01358d2df967da70f4c7.jpeg
i5.walmartimages.com/asr/ |
29 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
84955a2d-2094-4041-846a-d97b7cc5fb7e_1.7731f5da4140b5433d8239677f5bbda2.jpeg
i5.walmartimages.com/asr/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3d49dc12-0e87-49e9-877c-546aa5c31a1f_1.1feb00589454f04b91ec4ae675bc417c.jpeg
i5.walmartimages.com/asr/ |
51 KB 51 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e4b12fd4-906f-4bf0-a270-afe8dc531860_1.c698176588ad49a4cf1bde639e9a838a.jpeg
i5.walmartimages.com/asr/ |
35 KB 35 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
80e414ab-3275-44ba-8248-477a751a236d_1.73694cfb399420f21b6b326f578b984a.jpeg
i5.walmartimages.com/asr/ |
72 KB 73 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
67d56167-7ebc-4b34-88ff-61bc0930dc15_2.2954c0a73f7e3c38bf2fc44b0465d18c.jpeg
i5.walmartimages.com/asr/ |
54 KB 54 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2c57500f-9114-4af5-b2b0-a29424398a69.08ea408e6099d2f0c33303f7bc793781.jpeg
i5.walmartimages.com/asr/ |
97 KB 97 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1114228a-fe9b-4aa1-b732-9ba6d32787f1_1.b18a4a6bdfaf618804d4c6f875c16ff5.jpeg
i5.walmartimages.com/asr/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c4ced5e4-6dd2-44d4-b8cf-795336f18864.b36f9bb71bcf08d98fd96c6d656da5d5.png
i5.walmartimages.com/asr/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bb49560a-1e5e-4ac1-8b1e-a53597f44628_1.ceacbceb920d60041a6245961c2828f7.jpeg
i5.walmartimages.com/asr/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f6928db5-93a4-4d4a-8fd8-fd723671cd3a_1.b18a4a6bdfaf618804d4c6f875c16ff5.jpeg
i5.walmartimages.com/asr/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
29a6a03b-7389-4aec-88c5-378bc47c5c31_1.e5f61e35863a57ca520bf312c1617843.jpeg
i5.walmartimages.com/asr/ |
32 KB 32 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uk-cookie-consent-js.js
presidentsdaysale.net/wp-content/plugins/uk-cookie-consent/assets/js/ |
2 KB 845 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
customscript.js
presidentsdaysale.net/wp-content/themes/mts_socialnow/js/ |
11 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.min.js
presidentsdaysale.net/wp-content/themes/mts_socialnow/js/ |
56 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sassy-social-share-public.js
presidentsdaysale.net/wp-content/plugins/sassy-social-share/public/js/ |
43 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
106 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
presidentsdaysale.net/wp-includes/js/ |
18 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nobg.png
presidentsdaysale.net/wp-content/themes/mts_socialnow/images/ |
68 B 289 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
presidentsdaysale.net/wp-content/themes/mts_socialnow/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HhyJU5sn9vOmLxNkIwRSjTVNWLEJ0LQl2xMB.ttf
fonts.gstatic.com/s/dosis/v27/ |
36 KB 21 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HhyJU5sn9vOmLxNkIwRSjTVNWLEJabMl2xMB.ttf
fonts.gstatic.com/s/dosis/v27/ |
36 KB 20 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ |
31 KB 31 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vglnk.js
cdn.viglink.com/api/ |
81 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
302 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
682 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
391 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
425 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
780 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
913 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
709 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
436 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
327 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ |
31 KB 20 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ |
400 KB 400 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame D541 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ping
api.viglink.com/api/ |
242 B 696 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
409 B 336 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 795 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 552 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame E69B |
0 19 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 520D |
603 B 105 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync.js
api.viglink.com/api/ |
43 B 390 B |
Script
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync.gif
api.viglink.com/api/ |
43 B 390 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
domains
api.viglink.com/api/ |
56 B 509 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
domains
api.viglink.com/api/ |
58 B 511 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
14 KB 11 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A18B |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 73E1 |
783 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame A18B |
36 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 73E1 |
0 0 |
Image
text/html |
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame A18B |
0 10 B |
Image
text/plain |
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup object| _wpemojiSettings undefined| $ function| jQuery object| ceggPriceAlert object| adsbygoogle function| vglnk object| ctcc_vars object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| catapultSetCookie function| catapultReadCookie function| catapultDeleteCookie function| catapultAcceptCookies function| ctccCloseNotification function| ctccFirstPage object| mts_customscript object| slideropts function| heateorSssCallAjax function| heateorSssGetScript function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| 
heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16657533254746 undefined| vglnk_16657533254757 object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages undefined| vglnk_16657533257319 undefined| vglnk_166575332584210 function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| nativeAdLayoutComputer object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson boolean| mtsRTL string| mtsItem function| EventEmitter object| eventie function| imagesLoaded object| twemoji object| wp object| GoogleGcLKhOms6
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.presidentsdaysale.net/ | | Name: _ga Value: GA1.2.607775512.1665753325 |
.presidentsdaysale.net/ | | Name: _gid Value: GA1.2.1163428741.1665753325 |
.presidentsdaysale.net/ | | Name: _gat_gtag_UA_122497537_2 Value: 1 |
.presidentsdaysale.net/ | | Name: __gads Value: ID=99bdbcd543be3e47-22e361d746ce0029:T=1665753325:RT=1665753325:S=ALNI_MbAFfZlywIN0fp46wfAuJpBBteIwA |
.presidentsdaysale.net/ | | Name: __gpi Value: UID=00000b72a6b9cc2d:T=1665753325:RT=1665753325:S=ALNI_MaBor8aMwav5_qQnIBjy7VoV9lnYg |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.