andrewforish.com
Open in
urlscan Pro
34.69.219.172
Public Scan
Submitted URL: http://terminsurance-sf.com/
Effective URL: https://andrewforish.com/
Submission: On February 28 via api from US — Scanned from US
Effective URL: https://andrewforish.com/
Submission: On February 28 via api from US — Scanned from US
Summary
This website contacted 16 IPs
in 1 countries
across 18 domains to perform 74 HTTP transactions.
The main IP is 34.69.219.172, located in
Council Bluffs, United States and
belongs to GOOGLE-CLOUD-PLATFORM, US.
The main domain is andrewforish.com.
TLS certificate: Issued by R3 on February 23rd 2023. Valid for: 3 months.
This is the only time andrewforish.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on February 23rd 2023. Valid for: 3 months.
This is the only time andrewforish.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
3
34.69.219.172
(Council Bluffs, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com
| terminsurance-sf.com | |
| andrewforish.com |
5
104.198.70.133
(Council Bluffs, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com
| mx-api.prod.mirus.io | |
| peachy.prod.mirus.io |
6
18.164.116.22
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-22.jfk50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-22.jfk50.r.cloudfront.net
| nexus.ensighten.com |
6
2a03:2880:f012:8:face:b00c:0:1
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
7
174.129.176.59
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-176-59.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-176-59.compute-1.amazonaws.com
| dpm.demdex.net |
1
44.194.115.212
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-115-212.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-115-212.compute-1.amazonaws.com
| statefarmmutualautomobileinsurancecompany.demdex.net |
2
63.140.38.226
(United States)
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-226.data.adobedc.net
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-226.data.adobedc.net
| smetrics.statefarm.com |
1
3.82.73.135
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-73-135.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-73-135.compute-1.amazonaws.com
| cm.everesttech.net |
2
35.190.60.146
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
| idsync.rlcdn.com |
3
142.251.40.130
(United States)
ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
| cm.g.doubleclick.net |
6
52.223.40.198
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| match.adsrvr.org | |
| insight.adsrvr.org |
1
76.13.32.147
(Lockport, United States)
ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
| cms.analytics.yahoo.com |
1
18.213.152.51
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-152-51.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-152-51.compute-1.amazonaws.com
| usermatch.krxd.net |
1
35.172.249.65
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-249-65.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-249-65.compute-1.amazonaws.com
| beacon.krxd.net |
2
143.204.138.162
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net
| js.adsrvr.org |
2
68.67.160.137
(New York, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| ib.adnxs.com |
1
54.175.87.114
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
| ups.analytics.yahoo.com |
3
2a03:2880:f112:182:face:b00c:0:25de
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 34 |
mirus.io
mx-api.prod.mirus.io — Cisco Umbrella Rank: 121569 peachy.prod.mirus.io — Cisco Umbrella Rank: 70131 ephemera.mirus.io — Cisco Umbrella Rank: 70336 |
686 KB |
| 8 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 296 js.adsrvr.org — Cisco Umbrella Rank: 1431 insight.adsrvr.org — Cisco Umbrella Rank: 575 |
7 KB |
| 8 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 198 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 10079 |
10 KB |
| 6 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151 |
287 KB |
| 6 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2969 |
72 KB |
| 3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 105 |
265 B |
| 3 |
pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 800 |
1 KB |
| 3 |
doubleclick.net
3 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 202 |
979 B |
| 2 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 203 |
2 KB |
| 2 |
pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 743 |
18 KB |
| 2 |
krxd.net
1 redirects
usermatch.krxd.net — Cisco Umbrella Rank: 1402 beacon.krxd.net — Cisco Umbrella Rank: 585 |
529 B |
| 2 |
yahoo.com
2 redirects
cms.analytics.yahoo.com — Cisco Umbrella Rank: 848 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265 |
1 KB |
| 2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 342 |
835 B |
| 2 |
statefarm.com
smetrics.statefarm.com — Cisco Umbrella Rank: 32031 |
2 KB |
| 2 |
terminsurance-sf.com
1 redirects
terminsurance-sf.com |
1 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
73 KB |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1048 |
517 B |
| 1 |
andrewforish.com
andrewforish.com |
152 KB |
| 74 | 18 |
| Domain | Requested by | |
|---|---|---|
| 29 | ephemera.mirus.io |
andrewforish.com
ephemera.mirus.io |
| 7 | dpm.demdex.net |
1 redirects
andrewforish.com
|
| 6 | connect.facebook.net |
andrewforish.com
connect.facebook.net terminsurance-sf.com |
| 6 | nexus.ensighten.com |
andrewforish.com
nexus.ensighten.com |
| 5 | match.adsrvr.org |
2 redirects
js.adsrvr.org
|
| 4 | peachy.prod.mirus.io |
mx-api.prod.mirus.io
andrewforish.com |
| 3 | www.facebook.com | |
| 3 | ct.pinterest.com |
s.pinimg.com
|
| 3 | cm.g.doubleclick.net | 3 redirects |
| 2 | ib.adnxs.com | 2 redirects |
| 2 | js.adsrvr.org |
www.googletagmanager.com
insight.adsrvr.org |
| 2 | s.pinimg.com |
terminsurance-sf.com
s.pinimg.com |
| 2 | idsync.rlcdn.com | 2 redirects |
| 2 | smetrics.statefarm.com |
nexus.ensighten.com
terminsurance-sf.com |
| 2 | terminsurance-sf.com | 1 redirects |
| 1 | ups.analytics.yahoo.com | 1 redirects |
| 1 | insight.adsrvr.org |
js.adsrvr.org
|
| 1 | beacon.krxd.net | |
| 1 | usermatch.krxd.net | 1 redirects |
| 1 | cms.analytics.yahoo.com | 1 redirects |
| 1 | www.googletagmanager.com |
nexus.ensighten.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | statefarmmutualautomobileinsurancecompany.demdex.net |
nexus.ensighten.com
|
| 1 | andrewforish.com |
terminsurance-sf.com
|
| 1 | mx-api.prod.mirus.io |
terminsurance-sf.com
|
| 74 | 25 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| terminsurance-sf.com R3 |
2023-01-04 - 2023-04-04 |
3 months | crt.sh |
| mx-api.prod.mirus.io R3 |
2023-02-24 - 2023-05-25 |
3 months | crt.sh |
| peachy.prod.mirus.io R3 |
2023-02-14 - 2023-05-15 |
3 months | crt.sh |
| andrewforish.com R3 |
2023-02-23 - 2023-05-24 |
3 months | crt.sh |
| ephemera.mirus.io R3 |
2023-01-31 - 2023-05-01 |
3 months | crt.sh |
| nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-07 - 2023-10-14 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-01-10 - 2023-03-07 |
2 months | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| smetrics.statefarm.com Entrust Certification Authority - L1K |
2023-01-20 - 2024-02-19 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.pinterest.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-01 - 2023-08-08 |
a year | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
This page contains 8 frames:
Primary Page:
https://andrewforish.com/
Frame ID: 5A62169BF6D940E30940BCE41CFE61BD
Requests: 59 HTTP requests in this frame
Frame:
https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 29AFD17791CA62A9150EC275DA5DB340
Requests: 6 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fandrewforish.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: EBD5E5EFA8595067AEE0930884DDB19E
Requests: 2 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7892068118691078388&ttd_tdid=76fd115e-4851-472b-b8e3-46c3e5decfed
Frame ID: 9AC96485701A002D0F3B0B466DB53106
Requests: 1 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=76fd115e-4851-472b-b8e3-46c3e5decfed&google_gid=CAESENanXjBR982EFMrp5BCx4OQ&google_cver=1
Frame ID: C92B5E86ECD27DFB027F64FB74AD73AA
Requests: 1 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-2gBYoQ1E2uIKPfiNJzzeji_OVxe1PL4-~A&gdpr=0
Frame ID: 74A64665F6AD3F23BF667E54F4A7604A
Requests: 1 HTTP requests in this frame
Frame:
https://ct.pinterest.com/ct.html
Frame ID: 0C0DD59256966C7FD5D31D7DB3F0A3C8
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 034E7087A472976B2D17312BD864B7C0
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
State Farm ® PA, OH, WV, MD, NY - Auto, Home, and Life InsPage URL History Show full URLs
-
http://terminsurance-sf.com/
HTTP 301
https://terminsurance-sf.com/ Page URL
- https://andrewforish.com/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Alpine.js
(JavaScript frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /alpine(?:\.min)?\.js
Ensighten
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //nexus\.ensighten\.com/
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
Page Statistics
27 Outgoing links
These are links going to different origins than the main page.
URL: https://proofing.statefarm.com/login-interceptor/login
Title: Log In
Title: Log In
Search URL Search Domain Scan URL
URL: https://www.google.com/maps/search/?api=1&z=22&query=40.583014%2C-79.56297&query_place_id=ChIJMUHtu87RNIgR7ia0h_hl5qg
Title: Location Map & Directions
Title: Location Map & Directions
Search URL Search Domain Scan URL
URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card
Title: Get ID Card
Search URL Search Domain Scan URL
URL: https://www.yelp.com/biz/andrew-forish-state-farm-insurance-agent-apollo
Search URL Search Domain Scan URL
URL: https://www.google.com/search?q=andrew+forish+state+farm&safe=active&sxsrf=ALiCzsbEmANCPgM35NEU-Cj58YaWDFcE0g%3A1653057715406&ei=s6iHYsK7GNelqtsP4_CJ-A8&ved=0ahUKEwiC4a3vp-73AhXXkmoFHWN4Av8Q4dUDCA4&uact=5&oq=andrew+forish+state+farm&gs_lcp=Cgdnd3Mtd2l6EAMyBAgjECcyCwguEIAEEMcBEK8BOgcIIxCwAxAnOg4ILhCABBDHARCvARCwAzoJCAAQHhCwAxAHOgYIABAeEBZKBAhBGAFKBAhGGABQoQRYsw9g5xBoAXAAeACAAakCiAGZEJIBBTAuNS41mAEAoAEByAEFwAEB&sclient=gws-wiz
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/insurance/retrievequote?agentAssociateId=9NS0G7CX8AK
Title: Continue a saved quote
Title: Continue a saved quote
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/insurance/auto/resources/auto-insurance-checklist
Title: Items needed for a quote
Title: Items needed for a quote
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim
Title: File a Claim
Search URL Search Domain Scan URL
URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment
Title: Send Payment
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/simple-insights/family/why-is-sunscreen-important?agentAssociateId=9NS0G7CX8AK
Title: Why is sunscreen important? Why is sunscreen important? Learn the ins and outs of sun protection and importance of sunscreen from this handy infographic. Read More
Title: Why is sunscreen important? Why is sunscreen important? Learn the ins and outs of sun protection and importance of sunscreen from this handy infographic. Read More
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/simple-insights/residence/are-power-surges-damaging-your-electronics?agentAssociateId=9NS0G7CX8AK
Title: Can a power surge damage my electronics? Can a power surge damage my electronics? Prevent power surges from zapping your electronics and protect your property from electrical hazards by following these tips from State Farm. Read More
Title: Can a power surge damage my electronics? Can a power surge damage my electronics? Prevent power surges from zapping your electronics and protect your property from electrical hazards by following these tips from State Farm. Read More
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/simple-insights/safety/the-real-consequences-of-drunk-driving?agentAssociateId=9NS0G7CX8AK
Title: The Real Consequences of Drunk Driving The Real Consequences of Drunk Driving What's at stake if you're caught drunk driving? A lot. These tips help you avoid the dangers of drinking and driving. Read More
Title: The Real Consequences of Drunk Driving The Real Consequences of Drunk Driving What's at stake if you're caught drunk driving? A lot. These tips help you avoid the dangers of drinking and driving. Read More
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/simple-insights/?agentAssociateId=9NS0G7CX8AK
Title: View More Articles
Title: View More Articles
Search URL Search Domain Scan URL
URL: https://www.youtube.com/watch?v=5gPOQke9CrI
Title: Legacy Of Safety
Title: Legacy Of Safety
Search URL Search Domain Scan URL
URL: https://static1.st8fm.com/accessible-transcripts/LegacyOfSafetyStateFarmNeighborhoodAssistStateFarm.txt
Title: Audio Transcript
Title: Audio Transcript
Search URL Search Domain Scan URL
URL: https://www.youtube.com/watch?v=5zZOEHGj61Y
Title: Web Development for a good cause with 48in48
Title: Web Development for a good cause with 48in48
Search URL Search Domain Scan URL
URL: https://static1.st8fm.com/accessible-transcripts/WebDevelopmentforagoodcausewith48in48NeighborhoodofGood.txt
Title: Audio Transcript
Title: Audio Transcript
Search URL Search Domain Scan URL
URL: https://andrewforish.sfagentjobs.com/jobs
Title: https://andrewforish.sfagentjobs.com/jobs
Title: https://andrewforish.sfagentjobs.com/jobs
Search URL Search Domain Scan URL
URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy
Title: full policy
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking
Title: Ads & Tracking
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud
Title: Security & Fraud
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility
Title: Accessibility
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy
Title: Notice of Privacy Policy
Search URL Search Domain Scan URL
URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights
Title: State Privacy Rights
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://terminsurance-sf.com/
HTTP 301
https://terminsurance-sf.com/ Page URL
- https://andrewforish.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://terminsurance-sf.com/ HTTP 301
- https://terminsurance-sf.com/
- https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1677570843121 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1677570843121
- https://cm.everesttech.net/cm/dd?d_uuid=69744090945200623861977910629686072094 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-2zHAAAAEuMSwNz
- https://idsync.rlcdn.com/365868.gif?partner_uid=69744090945200623861977910629686072094 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjk3NDQwOTA5NDUyMDA2MjM4NjE5Nzc5MTA2Mjk2ODYwNzIwOTQQABoNCJzm9p8GEgUI6AcQAEIASgA HTTP 307
- https://dpm.demdex.net/ibs:dpid=477&dpuuid=41ff2ec41bab8c6bbdea1b82463ff3a04a2a6ac6323a300b2df0f73301a508f5b0da87c991749652
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Njk3NDQwOTA5NDUyMDA2MjM4NjE5Nzc5MTA2Mjk2ODYwNzIwOTQ= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Njk3NDQwOTA5NDUyMDA2MjM4NjE5Nzc5MTA2Mjk2ODYwNzIwOTQ=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDXn4b8aDxPDs1a__gPR9iI&google_cver=1?gdpr=0&gdpr_consent=
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=andrewforish.com&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=andrewforish.com&ttd_tpi=1 HTTP 302
- https://dpm.demdex.net/ibs:dpid=903&dpuuid=76fd115e-4851-472b-b8e3-46c3e5decfed
- https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=69744090945200623861977910629686072094&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ASMVhtVE2pF8pnWs5SZsHGi9eiAJqnu.hsQ-~A
- https://usermatch.krxd.net/um/v2?partner=adobe&id=69744090945200623861977910629686072094 HTTP 302
- https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=69744090945200623861977910629686072094
- https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=76fd115e-4851-472b-b8e3-46c3e5decfed HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D76fd115e-4851-472b-b8e3-46c3e5decfed HTTP 302
- https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7892068118691078388&ttd_tdid=76fd115e-4851-472b-b8e3-46c3e5decfed
- https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NzZmZDExNWUtNDg1MS00NzJiLWI4ZTMtNDZjM2U1ZGVjZmVk&gdpr=0&gdpr_consent=&ttd_tdid=76fd115e-4851-472b-b8e3-46c3e5decfed HTTP 302
- https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=76fd115e-4851-472b-b8e3-46c3e5decfed&google_gid=CAESENanXjBR982EFMrp5BCx4OQ&google_cver=1
- https://ups.analytics.yahoo.com/ups/55953/sync?uid=76fd115e-4851-472b-b8e3-46c3e5decfed&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-2gBYoQ1E2uIKPfiNJzzeji_OVxe1PL4-~A&gdpr=0
74 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
terminsurance-sf.com/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
peachy-client
mx-api.prod.mirus.io/ |
65 KB 20 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ |
80 B 328 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
andrewforish.com/ |
599 KB 152 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
103 KB 103 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bootstrap.js
nexus.ensighten.com/statefarm/mirus/ |
76 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
27 KB 27 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MecherleSans-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MecherleSans-Bold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MecherleSans-Medium.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
13 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
alpineFileInput.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
3 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
alpine.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
55 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lazysizes.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
8 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scrollToElement.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
491 B 594 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utils.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
svgIcon.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
122 B 412 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
alpineContactForm.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
111 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
306 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/statefarm/mirus/ |
390 B 697 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1ba502fdbfa062dcf1ad19b41f833b80.js
nexus.ensighten.com/statefarm/mirus/code/ |
164 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
37a6eb7558cd7caddabc4d41df02ff83.js
nexus.ensighten.com/statefarm/mirus/code/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
32 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
146 KB 147 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 248 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 29AF |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.statefarm.com/ |
48 B 465 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=Y-2zHAAAAEuMSwNz
dpm.demdex.net/ Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
6 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
10 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
25 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s0721155393799
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=477&dpuuid=41ff2ec41bab8c6bbdea1b82463ff3a04a2a6ac6323a300b2df0f73301a508f5b0da87c991749652
dpm.demdex.net/ Frame 29AF Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEDXn4b8aDxPDs1a__gPR9iI&google_cver=1
dpm.demdex.net/ Frame 29AF Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
391 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 248 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ |
80 B 325 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=903&dpuuid=76fd115e-4851-472b-b8e3-46c3e5decfed
dpm.demdex.net/ Frame 29AF Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=30646
dpm.demdex.net/ Frame 29AF Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 29AF Redirect Chain
|
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fbevents.js
connect.facebook.net/en_US/ |
106 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core.js
s.pinimg.com/ct/ |
1 KB 751 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1673276772914128
connect.facebook.net/signals/config/ |
151 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up
insight.adsrvr.org/track/ Frame EBD5 |
893 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.8b1025ba.js
s.pinimg.com/ct/lib/ |
56 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame EBD5 |
487 B 987 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
inferredevents.js
connect.facebook.net/signals/plugins/ |
72 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
appnexus
match.adsrvr.org/track/cmf/ Frame 9AC9 Redirect Chain
|
70 B 609 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google
match.adsrvr.org/track/cmf/ Frame C92B Redirect Chain
|
70 B 609 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame 74A6 Redirect Chain
|
70 B 609 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
ct.pinterest.com/user/ |
540 B 607 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
ct.pinterest.com/v3/ |
35 B 247 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1936962093151750
connect.facebook.net/signals/config/ |
377 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ct.html
ct.pinterest.com/ Frame 0C0D |
565 B 403 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
resize
ephemera.mirus.io/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
19 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
resize
ephemera.mirus.io/img/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/tr/ Frame 034E |
0 49 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F1ba502fdbfa062dcf1ad19b41f833b80.js%3FconditionId0%3D423109%3A32%3A378)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=SC%3A%20Microsites%20Prod&cid=603&client=statefarm&publishPath=mirus&rid=3850531&did=486748&errorName=){kind=link}
%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F1ba502fdbfa062dcf1ad19b41f833b80.js%3FconditionId0%3D423109%3A32%3A378)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=SC%3A%20Microsites%20Prod&cid=603&client=statefarm&publishPath=mirus&rid=3850531&did=486748&errorName=){kind=link}
%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F1ba502fdbfa062dcf1ad19b41f833b80.js%3FconditionId0%3D423109%3A14%3A403)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.callOnDOMLoaded%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A30%3A32)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=3816425&did=710940&errorName=){kind=link}
%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F1ba502fdbfa062dcf1ad19b41f833b80.js%3FconditionId0%3D423109%3A14%3A403)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.callOnDOMLoaded%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A30%3A32)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=3816425&did=710940&errorName=){kind=link}
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ephemera.mirus.io
- URL
- https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
Verdicts & Comments Add Verdict or Comment
71 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| dataLayer object| dl function| initOfficeHours function| setImmediate function| clearImmediate object| peachyClient function| initQuoteForm object| FB object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| visitor function| initFileInput function| initM2TabControl function| initContactForm object| Alpine object| lazySizes function| scrollToElement object| __mirus_utilities function| svgIcon object| __buffer function| errorLogging string| sName string| h string| p string| t function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq boolean| _frstRun undefined| _scTempPrevURL object| _scHtml object| _langButtons undefined| _i string| s_account function| DIL number| s_objectID number| s_giq object| s string| s_urlPathEmber boolean| s_emberIndicator boolean| screenChange string| s_testsplitpath string| str string| newstr string| _scLang string| v string| k string| s_campaignSet undefined| prop31 object| s_i_sfglobalprod object| GTMdataLayer function| daGTMAdd string| s_clickEquivalentEvent function| intentEvent function| sendEvent object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| pintrk function| ttd_dom_ready function| TTDUniversalPixelApi33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| terminsurance-sf.com/ | Name: __cheesecrd_version Value: master |
|
| terminsurance-sf.com/ | Name: keen Value: {%22initialReferrer%22:null} |
|
| andrewforish.com/ | Name: __cheesecrd_version Value: master |
|
| .demdex.net/ | Name: demdex Value: 69744090945200623861977910629686072094 |
|
| .andrewforish.com/ | Name: s_gad Value: 1 |
|
| .andrewforish.com/ | Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1 |
|
| .statefarm.com/ | Name: s_ecid Value: MCMID%7C77165417450744408141201984973911201986 |
|
| .andrewforish.com/ | Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m%3A9NS0G7CX8AK |
|
| .andrewforish.com/ | Name: s_pre_v6 Value: andrewforish.com |
|
| .andrewforish.com/ | Name: s_dl Value: 1 |
|
| .andrewforish.com/ | Name: s_cm Value: other%20natural%20referrersundefinedterminsurance-sf.com |
|
| .andrewforish.com/ | Name: s_ev32 Value: %5B%5B%27referring%2520domains%27%2C%271677570843921%27%5D%5D |
|
| .andrewforish.com/ | Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fandrewforish.com%2F%7Creferrer%3Dhttps%3A%2F%2Fterminsurance-sf.com%2F%7Centry%3Dhttps%3A%2F%2Fandrewforish.com%2F%7Cs_prev_channel%3Dundefined%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3D9NS0G7CX8AK%7Cs_prev_pageName%3Dundefined%7Cmc%3Dreferring%20domains%7C |
|
| .andrewforish.com/ | Name: s_cc Value: true |
|
| .andrewforish.com/ | Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C7 |
|
| .andrewforish.com/ | Name: aam_uuid Value: 69744090945200623861977910629686072094 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Y-2zHAAAAEuMSwNz |
|
| .rlcdn.com/ | Name: rlas3 Value: tROa5X8zqrsw0mSEGbg7hkXUgdS7LgJHLaB+P/pQfno= |
|
| .dpm.demdex.net/ | Name: dpm Value: 69744090945200623861977910629686072094 |
|
| .andrewforish.com/ | Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 690614123%7CMCIDTS%7C19417%7CMCMID%7C77165417450744408141201984973911201986%7CMCAAMLH-1678175643%7C7%7CMCAAMB-1678175643%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1677578043s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19424%7CvVersion%7C3.1.0 |
|
| andrewforish.com/ | Name: keen Value: {%22uuid%22:%22b948b7bf-01a2-43df-99a9-47c0dfd22a0d%22%2C%22initialReferrer%22:%22https://terminsurance-sf.com/%22} |
|
| .rlcdn.com/ | Name: pxrc Value: CJzm9p8GEgUI6AcQABIGCPHrARAA |
|
| .adsrvr.org/ | Name: TDID Value: 76fd115e-4851-472b-b8e3-46c3e5decfed |
|
| .demdex.net/ | Name: dextp Value: 60-1-1677570843965|771-1-1677570844068|903-1-1677570844185|30646-1-1677570844286|66757-1-1677570844387 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUklSWn4iSQcYZGYjC2lxXbVrYLyjXxfA-HymD4NHlafp2LI8GBZXzj5quBHwuQ |
|
| .andrewforish.com/ | Name: _gcl_au Value: 1.1.1837998748.1677570845 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBByz_WMCED161s719e3GITtDUIP91isFEgEBAQEE_2MHZAAAAAAA_eMAAA&S=AQAAAgOplrrI9zauYpIbBya3N5A |
|
| .krxd.net/ | Name: _kuid_ Value: PZ_s876o |
|
| .andrewforish.com/ | Name: _fbp Value: fb.1.1677570844965.1466790374 |
|
| .andrewforish.com/ | Name: _pin_unauth Value: dWlkPU9EUTJORFppTXpRdE1XSTNNeTAwTlRnekxXRXdPV0l0TkRRNE1HVTRNR1ZrT0RnNA |
|
| .adnxs.com/ | Name: uuid2 Value: 7892068118691078388 |
|
| .analytics.yahoo.com/ | Name: IDSYNC Value: 1769~2a8v |
|
| .adsrvr.org/ | Name: TDCPM Value: CAESEgoDYWFtEgsIjoHY6t_azDsQBRIXCghhcHBuZXh1cxILCMbjku7f2sw7EAUSFQoGZ29vZ2xlEgsIjN3P8N_azDsQBRIZCgpyaWdodG1lZGlhEgsI5Oyl7t_azDsQBRgFIAIoAzILCMbblZv22sw7EAVCDyINCAESCQoFdGllcjEQAVoHM2RhdmJwNGAB |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
andrewforish.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
ephemera.mirus.io
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
mx-api.prod.mirus.io
nexus.ensighten.com
peachy.prod.mirus.io
s.pinimg.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
terminsurance-sf.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
ephemera.mirus.io
104.198.70.133
142.251.40.130
143.204.138.162
151.101.0.84
174.129.176.59
18.164.116.22
18.213.152.51
2600:1400:9000:286::1931
2607:f8b0:4006:824::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a09:8280:1::1ce
3.82.73.135
34.69.219.172
35.172.249.65
35.190.60.146
44.194.115.212
52.223.40.198
54.175.87.114
63.140.38.226
68.67.160.137
76.13.32.147
043891a7206d150a132a7ad634a0a1bd409e13b08818bf7b5c6b2a519dd75433
048d38b83986d01ae3a3415e05a14e2e89b1eef358fc98762d9ecc5d68d79854
06a98bda583c1db68279699915f38d7a84a56fc7621a1048fccb46b9a46defe2
136414855441642aee3e0f0ca5aa96a5ef9afe5f435b0fa2203de01c22c92ef0
146046061120ce2129efff050241412a8d572d155ad0998c934f20bfad09ef8d
14f625816fea4994c55fb1075de867ffc1c0a6107bc533fdac2c7b8e67867246
172659fea4c16184bd4065c362a0229ed51805bc758576330fab395b34726624
2176a788d2654a7cb03f939214356c1705d16d30e38558e8695b7303444461b7
29ea949517218fe50776722615c498f07681b805ca6d4e535d5786031557bf29
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
440b92fb87f07a2ca6903e1d0dab55e793db48dee05d89333762f60012951cd4
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
4e496d8e4a39943f02bce2f2c230435f073f4295766afa0df4152b15b148c989
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5c1b133e4da2d3c32efabe11e0aea725cf19372d47fa794ff41df965bf5ebe59
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
5d0f0407096d756184fee3329b904656d444a8a256b8fa9948caed8d70c10ece
5d1ea495ea1a16258d3c7229e45e3c0934cd19e681300237af48183d7fe10980
63b2f0b99fea462c96bdb35799e62b4cb534a14b09ee95c6632a7828959e63eb
6dc043bd1b8c60a2d8c2d356aa812d10f4070f15b56bd8e8e07f5c09a18113e3
6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7
6eef9707eec553bb30fd2c014ff003fd85290bf64bdabce762d16c8c7c7d3d42
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8076f9015c3206c45e6b126361bcd20de5d0e5b7adf44f39f6e7341655009109
820aa617ca868a27915131c3c75fe9e6f7b889739293bce9c6ed55a322fade0b
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e19918b008d46042fc6a4ed746b8e836dddbf893a3852f20853abb46dd6d5dd
8fd0e79fe04e510f99d7693dd7ee10ddd58a662c42732a03626f6c1447b09154
a52640e24aeb0e434571f21a7266ce572f34be5bc5ac242785ae94fcc9031e99
a7e77c4ed00585a08b390d1459cb0358c5b5934caaaf983abd8f28ebadb832c6
a81bd873357a1b8a21318aa658f70351ba1652102a15bbf2cd98023e532ef1d9
aa8784be13576e4bd3497ea3bc1487bbdd08b5b0cb754b484ece3a72834228fb
aef8a63b908318446f3376b9351fe8538b05d52b4067f865b8c09ae659bdaa0b
af03e77d62fbc792d45f6385ceb338f45e61065af9d0eb98c6992a5c3681dede
b8bc333b53e0a75d2248ba7389df0e378a2ba48bce3ad993109b8253f06a3f03
bddb679cd0e715b6ad82a75e80189439d1ffe3be641c9666fd29f3b545a4a77b
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c0abe15987147036e8479ab7e9297784bc5b3c70c5cd20a8e2e0d294f522458c
c12abe16b6b4df8328c76e18c5eabb98aabbb7b1d098d4881818e5efd771f086
c7c23d9f330a67b39ade5d798487155a71707570238ca1264e0088f106a29171
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e653fe7eca6c1e58fc4c00f5df3f8ab21cfdf67fe662988e1ed5fc032857d833
e98fa00f596fc1a1e7a52a7814de4d52f6ed47adb6c3bcf90ba42999b93a4b88
ec3842cdee5c382b716601b4e452c6402b6b01f1269641c334a0809db0afd3cf
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f087f49b3446092afca3b478660b7c1c96ce50564660e95f53b264e6916207e3
f298fa5e6a38d3b65fb4dca29ab338303266ee4a77944a12a6a74b64c0dcef3c
f61383b86c6f2cc9441a0cd49719f86bf94f96e2ccee2a36f183b47c36611a71
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3