www.diquotestat.com
104.248.10.18
Public Scan
Effective URL: https://www.diquotestat.com/?apcid=0065c3e747a502bb26290206&campid=801245&utm_campaign=240312-di-diqs-rf-starting&utm_conten...
Submission: On March 12 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.
This is the only time www.diquotestat.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN16509 (AMAZON-02, US) | ec2-3-20-48-63.us-east-2.compute.amazonaws.com | pilotl.ink |
ASN16509 (AMAZON-02, US) | ec2-18-185-191-84.eu-central-1.compute.amazonaws.com | widget.manychat.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 137.102.96.34.bc.googleusercontent.com | dev.visualwebsiteoptimizer.com |
ASN16509 (AMAZON-02, US) | server-13-224-189-56.fra2.r.cloudfront.net | cdn3l.ink |
ASN14618 (AMAZON-AES, US) | s3-1-w.amazonaws.com | pattern-media.s3.amazonaws.com |
ASN16509 (AMAZON-02, US) | ec2-3-13-70-248.us-east-2.compute.amazonaws.com | capture-api.ap3prod.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN16509 (AMAZON-02, US) | ec2-3-69-37-240.eu-central-1.compute.amazonaws.com | manychat.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN16509 (AMAZON-02, US) | server-13-32-121-36.fra60.r.cloudfront.net | chat-widget.hiverhq.com |
ASN16509 (AMAZON-02, US) | ec2-44-235-175-98.us-west-2.compute.amazonaws.com | chat-api.hiverhq.com |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | diquotestat.com (2 redirects) | www.diquotestat.com | 571 KB |
10 | hiverhq.com | chat-widget.hiverhq.com (Cisco Umbrella Rank: 359386), chat-api.hiverhq.com (Cisco Umbrella Rank: 218731) | 249 KB |
4 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 160 KB |
3 | bing.com | bat.bing.com (Cisco Umbrella Rank: 375) | 14 KB |
3 | google.de | www.google.de (Cisco Umbrella Rank: 6744) | 622 B |
3 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 84) | 453 B |
3 | google.com | region1.analytics.google.com (Cisco Umbrella Rank: 2656), www.google.com (Cisco Umbrella Rank: 2) | 719 B |
3 | amazonaws.com | pattern-media.s3.amazonaws.com | 84 KB |
3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 280 KB |
3 | manychat.com | widget.manychat.com (Cisco Umbrella Rank: 54902), manychat.com (Cisco Umbrella Rank: 39229) | 1 KB |
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 29) | 21 KB |
2 | omappapi.com | a.omappapi.com (Cisco Umbrella Rank: 5735), api.omappapi.com (Cisco Umbrella Rank: 5846) | 4 KB |
2 | trackcmp.net | trackcmp.net (Cisco Umbrella Rank: 9156) | 463 B |
2 | cdn3l.ink | cdn3l.ink (Cisco Umbrella Rank: 124976) | 57 KB |
2 | visualwebsiteoptimizer.com | dev.visualwebsiteoptimizer.com (Cisco Umbrella Rank: 2716) | 2 KB |
2 | npmcdn.com (1 redirects) | npmcdn.com (Cisco Umbrella Rank: 27182) | 6 KB |
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 100) | 273 B |
1 | cdnfonts.com | fonts.cdnfonts.com (Cisco Umbrella Rank: 7749) | 809 B |
1 | ap3prod.com | capture-api.ap3prod.com (Cisco Umbrella Rank: 69900) | 625 B |
1 | mccdn.me | mccdn.me (Cisco Umbrella Rank: 46864) | 239 KB |
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 310) | 4 KB |
1 | opmnstr.com | a.opmnstr.com (Cisco Umbrella Rank: 26393) | 18 KB |
1 | pilotl.ink (1 redirects) | pilotl.ink | 471 B |
66 | 23 | | |
Requests | Domain | Requested by |
---|---|---|
16 | www.diquotestat.com (2 redirects) | www.diquotestat.com |
6 | chat-api.hiverhq.com | chat-widget.hiverhq.com |
4 | chat-widget.hiverhq.com | www.diquotestat.com, chat-widget.hiverhq.com |
4 | connect.facebook.net | mccdn.me, connect.facebook.net, www.diquotestat.com |
3 | bat.bing.com | www.googletagmanager.com, bat.bing.com |
3 | www.google.de | www.diquotestat.com |
3 | stats.g.doubleclick.net | www.googletagmanager.com, www.google-analytics.com |
3 | pattern-media.s3.amazonaws.com | www.diquotestat.com |
3 | www.googletagmanager.com | www.diquotestat.com, www.googletagmanager.com, www.google-analytics.com |
2 | manychat.com | mccdn.me |
2 | region1.analytics.google.com | www.googletagmanager.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | trackcmp.net | www.diquotestat.com |
2 | cdn3l.ink | www.diquotestat.com |
2 | dev.visualwebsiteoptimizer.com | www.diquotestat.com |
2 | npmcdn.com (1 redirects) | www.diquotestat.com |
1 | www.facebook.com | |
1 | fonts.cdnfonts.com | chat-widget.hiverhq.com |
1 | www.google.com | www.diquotestat.com |
1 | capture-api.ap3prod.com | cdn3l.ink |
1 | mccdn.me | widget.manychat.com |
1 | api.omappapi.com | a.opmnstr.com |
1 | a.omappapi.com | a.opmnstr.com |
1 | cdn.jsdelivr.net | www.diquotestat.com |
1 | widget.manychat.com | www.diquotestat.com |
1 | a.opmnstr.com | www.diquotestat.com |
1 | pilotl.ink (1 redirects) | |
66 | 27 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.diquotestat.com | R3 | 2024-01-17 - 2024-04-16 | 3 months |
a.opmnstr.com | R3 | 2024-02-14 - 2024-05-14 | 3 months |
widget.manychat.com | Sectigo ECC Domain Validation Secure Server CA | 2023-04-25 - 2024-04-17 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year |
*.google-analytics.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2023-07-06 - 2024-07-06 | a year |
static.ap3prod.com | Amazon RSA 2048 M01 | 2023-06-14 - 2024-07-13 | a year |
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months |
a.omappapi.com | R3 | 2024-02-14 - 2024-05-14 | 3 months |
omappapi.com | GTS CA 1P5 | 2024-02-19 - 2024-05-19 | 3 months |
mccdn.me | E1 | 2024-02-29 - 2024-05-29 | 3 months |
*.ap3prod.com | Amazon RSA 2048 M03 | 2024-01-16 - 2025-02-13 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
www.google.de | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
manychat.com | Sectigo ECC Domain Validation Secure Server CA | 2023-06-27 - 2024-07-27 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-21 - 2024-03-20 | 3 months |
www.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
www.bing.com | Microsoft Azure TLS Issuing CA 02 | 2024-01-21 - 2024-06-27 | 5 months |
hiverhq.com | Amazon RSA 2048 M02 | 2023-08-17 - 2024-09-15 | a year |
cdnfonts.com | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.diquotestat.com/?apcid=0065c3e747a502bb26290206&campid=801245&utm_campaign=240312-di-diqs-rf-starting&utm_content=240312-di-diqs-rf-starting&utm_medium=email&utm_source=ortto
Frame ID: 7943004E535FFE2A14F500493EDD2C51
Requests: 56 HTTP requests in this frame
Frame:
https://chat-widget.hiverhq.com/chat-widget/widget.html?website_token=3E83igb2QVoPRcVs5HNB5Axx
Frame ID: C8E2E08DCCDF8DA896D5AEBE2275FA1C
Requests: 7 HTTP requests in this frame
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
ManyChat (Marketing automation)
Detected patterns
- widget\.manychat\.com
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://pilotl.ink/r?i=patternmain&e=cbs4hz2huublwjrjaidbazpqpts7seb7dda6nzicdkfxpxicid4nfdo3x7xwrrtsvez5nka7ze65wcyffcmhix4bme6ciokd6bth5a2rkkke4th4534exs4eb65m3zdfg5uo4kft
HTTP 302
https://www.diquotestat.com/?apcid=0065c3e747a502bb26290206&campid=801245&utm_campaign=240312-di-diqs-rf-starting&utm_content=240312-di-diqs-rf-starting&utm_medium=email&utm_source=ortto Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10
- https://npmcdn.com/flatpickr/dist/themes/confetti.css HTTP 302
- https://npmcdn.com/flatpickr@4.6.13/dist/themes/confetti.css
- https://www.diquotestat.com/imageRedirect/s3?asset=/media/uploaded-files/powered%20by_transparent-02-200w.png HTTP 302
- https://pattern-media.s3.amazonaws.com/media/uploaded-files/powered%20by_transparent-02-200w.png?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ5MBLWM7KZYY2VGA%2F20240312%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240312T215417Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=9bf2ca27f27b00c2e8f349bd8a7b9abb47c1fd7d15f12af6d6073668ddb93568
- https://www.diquotestat.com/imageRedirect/s3?asset=/statamicSiteBuild/trusted-physician-disability-insurance-and-life-insurance-disability-insurance-is-complicated-diquote.jpg HTTP 302
- https://pattern-media.s3.amazonaws.com/statamicSiteBuild/trusted-physician-disability-insurance-and-life-insurance-disability-insurance-is-complicated-diquote.jpg?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ5MBLWM7KZYY2VGA%2F20240312%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240312T215417Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=9d2d25c21e4d88d00d10145ce1a0b782b653b85e9619a8fd5ff006eb19df109a
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.diquotestat.com/ | 49 KB | 9 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | DroidSerif-Regular-webfont.woff | www.diquotestat.com/fonts/droidserif/ | 27 KB | 27 KB | Font | font/woff | |
GET | H2 | DroidSerif-Bold-webfont.woff | www.diquotestat.com/fonts/droidserif/ | 27 KB | 27 KB | Font | font/woff | |
GET | H2 | OpenSans-Bold-webfont.woff | www.diquotestat.com/fonts/opensans/ | 20 KB | 20 KB | Font | font/woff | |
GET | H2 | OpenSans-Regular-webfont.woff | www.diquotestat.com/fonts/opensans/ | 20 KB | 20 KB | Font | font/woff | |
GET | H2 | BrandonText-Bold.woff | www.diquotestat.com/fonts/jsdrift/ | 0 | 0 | Font | text/html | |
GET | H2 | BrandonText-Regular.woff | www.diquotestat.com/fonts/jsdrift/ | 0 | 0 | Font | text/html | |
GET | H2 | api.min.js | a.opmnstr.com/app/js/ | 51 KB | 18 KB | Script | application/javascript | |
GET | H2 | app.css | www.diquotestat.com/css/ | 2 MB | 93 KB | Stylesheet | text/css | |
GET | H2 | 480877268635606.js | widget.manychat.com/ | 1 KB | 897 B | Script | text/plain | |
GET | H2 | flatpickr.min.css | cdn.jsdelivr.net/npm/flatpickr/dist/ | 16 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | confetti.css | npmcdn.com/flatpickr@4.6.13/dist/themes/ | 19 KB | 5 KB | Stylesheet | text/css | Redirect Chain |
GET | H2 | logo-horz-220h.png | www.diquotestat.com/assets/ | 20 KB | 20 KB | Image | image/png | |
GET | H2 | app.js | www.diquotestat.com/js/ | 484 KB | 138 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 281 KB | 96 KB | Script | application/javascript | |
GET | H2 | j.php | dev.visualwebsiteoptimizer.com/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | app.js | cdn3l.ink/ | 123 KB | 29 KB | Script | text/javascript | |
GET | H2 | logo-horz-220h.png | www.diquotestat.com/assets/ | 20 KB | 20 KB | Image | image/png | |
GET | H/1.1 | VOTED-BEST-PLACE.png | pattern-media.s3.amazonaws.com/statamicSiteBuild/ | 397 B | 803 B | Image | image/png | |
GET | H2 | Poppins-Regular.ttf | www.diquotestat.com/fonts/poppins/ | 155 KB | 66 KB | Font | application/octet-stream | |
GET | H2 | Lora-Bold.ttf | www.diquotestat.com/fonts/lora/ | 131 KB | 63 KB | Font | application/octet-stream | |
GET | H2 | Poppins-Bold.ttf | www.diquotestat.com/fonts/poppins/ | 150 KB | 65 KB | Font | application/octet-stream | |
GET | H/1.1 | powered%20by_transparent-02-200w.png | pattern-media.s3.amazonaws.com/media/uploaded-files/ | 14 KB | 15 KB | Image | image/png | Redirect Chain |
GET | H/1.1 | trusted-physician-disability-insurance-and-life-insurance-disability-insurance-is-complicated-diquote.jpg | pattern-media.s3.amazonaws.com/statamicSiteBuild/ | 68 KB | 68 KB | Image | image/jpeg | Redirect Chain |
GET | H2 | visit | trackcmp.net/ | 0 | 420 B | Script | text/javascript | |
GET | H2 | api.min.css | a.omappapi.com/app/js/ | 10 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | 32375 | api.omappapi.com/v2/embed/ | 165 B | 591 B | XHR | application/json | |
GET | H2 | widget.js | mccdn.me/assets/js/ | 893 KB | 239 KB | Script | application/javascript | |
GET | H2 | v.gif | dev.visualwebsiteoptimizer.com/ | 35 B | 143 B | Image | image/gif | |
POST | H2 | page-event | capture-api.ap3prod.com/-/events/ | 185 B | 625 B | XHR | application/json | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 295 KB | 96 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript | |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 257 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 47 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 408 B | Image | image/gif | |
OPTIONS | H2 | logEvent | manychat.com/pixel/ | 0 | 0 | Preflight | | Frame |
POST | H2 | logEvent | manychat.com/pixel/ | 15 B | 140 B | XHR | application/json | |
POST | H2 | collect | www.google-analytics.com/j/ | 15 B | 224 B | XHR | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 352 B | XHR | text/plain | |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 3 KB | 3 KB | Script | application/x-javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 251 KB | 88 KB | Script | application/javascript | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 408 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H3 | sdk.js | connect.facebook.net/en_US/ | 303 KB | 87 KB | Script | application/x-javascript | |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 54 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 54 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | bat.js | bat.bing.com/ | 45 KB | 13 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 215 KB | 57 KB | Script | application/x-javascript | |
GET | H2 | visit | trackcmp.net/ | 0 | 43 B | Script | text/javascript | |
GET | H2 | sdk.js | chat-widget.hiverhq.com/chat-widget/js/ | 76 KB | 27 KB | Script | application/javascript | |
GET | H2 | app.js | cdn3l.ink/ | 123 KB | 29 KB | Script | text/javascript | |
GET | H3 | 1259275247433720 | connect.facebook.net/signals/config/ | 63 KB | 14 KB | Script | application/x-javascript | |
GET | H2 | widget.html | chat-widget.hiverhq.com/chat-widget/ | 901 B | 1 KB | Document | text/html | Frame C8E2 |
GET | H2 | 56341086.js | bat.bing.com/p/action/ | 0 | 117 B | Script | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 286 B | Image | text/plain | |
GET | H2 | widget.f65d81bd.css | chat-widget.hiverhq.com/chat-widget/css/ | 86 KB | 16 KB | Stylesheet | text/css | Frame C8E2 |
GET | H2 | widget-4e133b8ea1bcbf5fa1e6.js | chat-widget.hiverhq.com/chat-widget/js/ | 688 KB | 198 KB | Script | application/javascript | Frame C8E2 |
GET | H2 | roboto | fonts.cdnfonts.com/css/ | 2 KB | 809 B | Stylesheet | text/css | Frame C8E2 |
OPTIONS | H2 | config | chat-api.hiverhq.com/api/v1/widget/ | 0 | 0 | Preflight | | Frame |
POST | H2 | config | chat-api.hiverhq.com/api/v1/widget/ | 5 KB | 6 KB | XHR | application/json | Frame C8E2 |
GET | H2 | / | www.facebook.com/tr/ | 0 | 273 B | Image | text/plain | |
OPTIONS | H2 | conversations | chat-api.hiverhq.com/api/v1/widget/ | 0 | 0 | Preflight | | Frame |
GET | H2 | conversations | chat-api.hiverhq.com/api/v1/widget/ | 2 B | 520 B | XHR | application/json | Frame C8E2 |
GET | DATA | truncated | / | 424 B | 0 | Image | image/png | |
OPTIONS | H2 | campaigns | chat-api.hiverhq.com/api/v1/widget/ | 0 | 0 | Preflight | | Frame |
GET | H2 | campaigns | chat-api.hiverhq.com/api/v1/widget/ | 2 B | 521 B | XHR | application/json | Frame C8E2 |
108 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| dataLayer function| setCookie function| getParameterByName function| getCookie function| deleteCookie function| delete_cookie function| appendURL object| _vwo_code number| settings_timer number| _vwo_settings_timer object| ap3c object| s object| t function| setImmediate function| clearImmediate function| _ function| Cleave function| flatpickr object| SocialSharing string| trackcmp_email object| trackcmp object| trackcmp_s undefined| trackcmp_h object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om22175_32375 object| _omq function| omq object| mcwidget undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue number| _vwo_acc_id number| TIMEOUT number| BASE_NEEDLE_ANGLE number| START_NEEDLE_MOVE_ANGLE number| END_NEEDLE_MOVE_ANGLE number| NEEDLE_ANGLE_INCREMENT number| DECIMAL_MULTIPLIER string| CLOSE_WIDGET_LINK string| PUSH_PERMISSION_LINK string| AP3_WIDGETS_PREFIX object| HIDDEN_FIELDS_REGEX string| HIDDEN_FIELDS_SUBSTITUTION object| cookies object| frequencies object| preFillOptionIds object| visibilityOptionIds object| netPromoterScoreThanksVariants boolean| isMobile boolean| isIOSWebView function| isNotificationSupported function| isAndroidWebView object| validShopifyCartAddPaths object| validShopifyCartAddStatuses object| urlParamKeys object| platforms function| getUrlParams function| getFieldType function| getDefaultValue function| populateSelectOptions function| replacePlatformLinks function| isInViewport function| getTimeFromSeconds string| uA string| vendor undefined| submitter undefined| submitterSelector function| jsonFromXhr function| sortObjectAndToString function| calcTrackKey function| getCookieDomain function| readCookie function| removeCookie function| convertLegacyCookies function| convertLegacyPageFilter function| isPageFilterValid function| isKnownSession object| widgetsAccepted function| getShopifyProductCurrentVariantId function| 
polyfillDateInput object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| MC_PIXEL object| MC object| gaplugins object| gaData object| FB object| __buffer function| fbq function| _fbq object| chatwootSDK object| $chatwoot object| $hiverChatWidget function| UET function| UET_init function| UET_push object| ueto_c0e218a8df object| uetq
20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.diquotestat.com/ | Name: campid Value: 0 |
|
www.diquotestat.com/ | Name: uclickid Value: 0 |
|
www.diquotestat.com/ | Name: _omappvp Value: 592q7gIVWQSMGbDUnw3BMwQChK9X8r1PMOajBLSPaO7Ulvusj5SAMYgXfNwziwFQx4JlCoXegkwMSvwTMPo1YyyaXK9whBRw |
|
www.diquotestat.com/ | Name: _omappvs Value: 1710280457089 |
|
.diquotestat.com/ | Name: _vwo_uuid_v2 Value: D6454011C8E46BE16ABF1E70A50BD92C2|a77f4029518e2ccf228ccdff8b5984cf |
|
www.diquotestat.com/ | Name: ap3pages Value: 1 |
|
.diquotestat.com/ | Name: _ga_LY978PRX8P Value: GS1.1.1710280457.1.0.1710280457.60.0.0 |
|
trackcmp.net/ | Name: cmp474937107 Value: 9c47bca54588fce39d8cc1e2ee8d0855 |
|
.diquotestat.com/ | Name: _ga Value: GA1.2.798558653.1710280457 |
|
.diquotestat.com/ | Name: _gid Value: GA1.2.1513416815.1710280457 |
|
.diquotestat.com/ | Name: _dc_gtm_UA-38553438-2 Value: 1 |
|
www.diquotestat.com/ | Name: XSRF-TOKEN Value: eyJpdiI6IjY3YlN2T2J1Z3RaMEUyaFhNOU9OOXc9PSIsInZhbHVlIjoiRXE0d3lzeVk1VXFsVzBPb2NOUmhlT3JQR3hFTzhnQjVEREFTcHp3V0k5MnBNWklGM0dDSTYwbHZEMm1xcFRST1pHSERqcUU3VUVSckc2RWJ6RXlnMGkvaFM1bVl3Y3JvMjdZSUwxZlBZcytQc3Q4K0QzMkZLMFBZclJTUElnNG0iLCJtYWMiOiIwOGFmY2UyOWM0MWZmZGRlYzQ5NjUwMjI5YTFjYmNhYTJiYjQxNTk2MjdiZmRkMzE2NjE3OWRhMDM2MGU1ZDJjIiwidGFnIjoiIn0%3D |
|
www.diquotestat.com/ | Name: patternlife_session Value: eyJpdiI6IkNyckZ1K3crT1IyNFVyYjdxZkdrYlE9PSIsInZhbHVlIjoiWU1nalVJMXVBWlIwMzlyVE8wWS9MZGNFQXBwSzFrQ3hRT0ljcVpTb0dFREwveXZjUzU5b0s1dFNqak83OFlOWkJ0UkpwSVFkVEUyY2lad3EvYW4zdlduRFpVR205RjVwdEp4bE1HUThHY3pBcnVvTCtXR2JETUljaHUrNmszOTciLCJtYWMiOiI0YTE0M2ZmM2U1MGQ5YTZjMjgwYzk3ZGIzYzRiMWU0YmYwM2QzYzRkYjY1NDQ3YjBiNGM1NTE5MjI0YjM2OTU4IiwidGFnIjoiIn0%3D |
.diquotestat.com/ | Name: _ga_PK93YQKBES Value: GS1.2.1710280457.1.0.1710280457.60.0.0 |
www.diquotestat.com/ | Name: ap3c Value: AGXD50elArsmKQIGAGXwzwlSIr2XVmlQhZltjgjVgdHdZxzFnQ |
.diquotestat.com/ | Name: _uetsid Value: 130ed1c0e0bb11eebc88f37003a9adfb |
.diquotestat.com/ | Name: _uetvid Value: 130ef260e0bb11ee8150fd8677a2abed |
.bing.com/ | Name: MUID Value: 2818C652846363CF1145D21285E86227 |
.diquotestat.com/ | Name: _fbp Value: fb.1.1710280458070.422076529 |
www.diquotestat.com/ | Name: cw_conversation Value: eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiIwZTAzMzMxYy0zOTkzLTRlOTEtOWYwNy1kNTUxODBhMDJkMzEiLCJpbmJveF9pZCI6MjU5MX0.FM1hZEgBJYbF0LnVQkt4JzM_4aCwVUD1VNWxenfnUhY |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.