rustygriswold.ca
Open in
urlscan Pro
104.16.205.47
Public Scan
Submission Tags: phishingrod
Submission: On February 01 via api from DE — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time rustygriswold.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 104.16.205.47 104.16.205.47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.251.41.8 142.251.41.8 | 15169 (GOOGLE) (GOOGLE) | |
10 | 142.251.40.162 142.251.40.162 | 15169 (GOOGLE) (GOOGLE) | |
2 | 216.239.36.181 216.239.36.181 | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.253.63.154 172.253.63.154 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.65.227 142.250.65.227 | 15169 (GOOGLE) (GOOGLE) | |
1 4 | 142.251.41.2 142.251.41.2 | 15169 (GOOGLE) (GOOGLE) | |
13 | 142.250.80.14 142.250.80.14 | 15169 (GOOGLE) (GOOGLE) | |
9 | 142.251.40.161 142.251.40.161 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.40.234 142.251.40.234 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.80.98 142.250.80.98 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.40.163 142.251.40.163 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.40.164 142.251.40.164 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.251.32.99 142.251.32.99 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.65.226 142.250.65.226 | 15169 (GOOGLE) (GOOGLE) | |
64 | 16 |
ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net
www.google.ca |
ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f14.1e100.net
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f1.1e100.net
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
www.googletagservices.com |
ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net
www.gstatic.com |
ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net
fonts.gstatic.com |
ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
www.googleadservices.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 |
423 KB |
16 |
google.com
analytics.google.com — Cisco Umbrella Rank: 154 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2 |
74 KB |
16 |
rustygriswold.ca
rustygriswold.ca |
369 KB |
5 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 |
56 KB |
3 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
47 KB |
2 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145 |
|
1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230 |
65 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28 |
1 KB |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 9185 |
408 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
89 KB |
64 | 10 |
Domain | Requested by | |
---|---|---|
16 | rustygriswold.ca |
rustygriswold.ca
|
13 | fundingchoicesmessages.google.com |
pagead2.googlesyndication.com
|
10 | pagead2.googlesyndication.com |
rustygriswold.ca
pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com |
9 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
googleads.g.doubleclick.net tpc.googlesyndication.com |
4 | googleads.g.doubleclick.net |
1 redirects
pagead2.googlesyndication.com
|
2 | www.googleadservices.com | |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | analytics.google.com |
www.googletagmanager.com
|
1 | www.google.com |
tpc.googlesyndication.com
|
1 | www.gstatic.com |
googleads.g.doubleclick.net
|
1 | www.googletagservices.com |
googleads.g.doubleclick.net
|
1 | fonts.googleapis.com |
googleads.g.doubleclick.net
|
1 | www.google.ca |
rustygriswold.ca
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
rustygriswold.ca
|
64 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rustygriswold.ca GTS CA 1P5 |
2023-12-16 - 2024-03-15 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.google.ca GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://rustygriswold.ca/
Frame ID: D8174561B157F73682114A42CD60BC91
Requests: 49 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html
Frame ID: 200AC5A72C776C8244E2EE106795A74F
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1706727566&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706756417774&bpp=4&bdt=452&idt=281&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=326119593785&frm=20&pv=2&ga_vid=1873259262.1706756418&ga_sid=1706756418&ga_hid=1271167368&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C95323005&oid=2&pvsid=2408662975566384&tmod=1637336247&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=308
Frame ID: CC74AEF1D368C7639B19F36E9E24BC4D
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3C7D675423380CFA33225BD086C1C61F
Requests: 15 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33720256EA5C37FFC150C3CAD143A0A5
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: B190ADC5651EB269E12A64F98F4A54C7
Requests: 2 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 61825B656735F57092AB0FD8080F5F59
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Rusty Griswold Light Display – Illuminating your holidays with pixel lights, articles, tools, and recipes.Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 54- https://googleads.g.doubleclick.net/pagead/adview?ai=CgETwQgm7ZYfYB9uUvPIPhaeSgAr5gpvMdbTO05nHEom-8PeDAhABIJbk8IoBYP2gmYHoA6AB9ZWvoinIAQmoAwHIA8sEqgTXAU_Qm_vxSfuYM1XN0pFtEzVkstE3WIsf4-OAByvSH0Zl525oeAJzO-vMe7SeR65u-jgVfVgzrROx-bW23dtK267GCpLWDIVHQWgEMYmsf-tzEsaNsclCyT9se48Vlr-toIK6kepVNdjQjdzbb4i-xnRWoMp-60sTiAT5WeQh3K9pGkGucAe8szs89KhhwDOb10mlb1xvvBDPb5ZJvyPr6YfkwaIwMbKAE3bAniHVKijkwPiImiXGSJ7cW3HraDiGke2ANYT844Mbksm45Gi_T8-dcQN3_0-kwATajdWPyASIBZGRhbRNkgUECAQYAZIFBAgFGASgBi6AB_XN_4EEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQi84C0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljrzJSQk4mEA5oJ9gFodHRwczovL215ZmluZGx5LmNvbS9kc3I_cT1tYXN0ZXJzK2luK2ludGVybmF0aW9uYWwrYm5lc3MrbWFuYWdlbWVudCZhc2lkPW1mX2NoMTQ0OSZkZT1jJnNjbGlkPTAtMjM5NzAmdmlzaXRvcl9pZD0lN0JnY2xpZCU3RF9fX18lN0JwbGFjZW1lbnQlN0RfX19fJTdCY2FtcGFpZ25pZCU3RF8lN0JhZGdyb3VwaWQlN0QmbGlua19rZXk9YjAwMGNmYjUzMGM1ZTMwYzAwZWRhOTE1ZWU2OGQxZjEmcmFjPUJ1c2luZXNzK01hbmFnZW1lbnSACgHICwHaDBAKChCQlIbg6szV0TUSAgEDuBPkA9gTDIgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NDUyOTE1NDQ2MzU1MzgyGAA&sigh=-PYo5iAdBr4&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_XvOpcv6nh-iWISD4Xg-wO8HaLxkDx3FBSijfTLhvN2ZeAQ3qCIIERcnfdjFcFxe_76mxcRD6y8nyzC5r425HT-glAhj_QZA-ERgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
- https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x270d7099016674650000000000000000%22,%222%22:%220xa772829bd5390e510000000000000000%22,%223%22:%220x70e92b1145e58de60000000000000000%22,%224%22:%220xa72ce09c1458b66f0000000000000000%22,%225%22:%220x21d5cf6323f7f7090000000000000000%22},%22debug_key%22:%2212746185886188986836%22,%22debug_reporting%22:true,%22destination%22:%22https://myfindly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211077929717%22],%2222%22:[%22true%22],%224%22:[%2202-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217822032197797171857%22}&andc=true
64 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
rustygriswold.ca/ |
155 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wpo-minify-header-c03432ae.min.css
rustygriswold.ca/wp-content/cache/wpo-minify/1706553416/assets/ |
472 KB 67 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wpo-minify-header-15d2209b.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1706553416/assets/ |
307 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
261 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wpo-minify-header-45ee05e8.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1706553416/assets/ |
321 B 450 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
155 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TransparentLogo.png
rustygriswold.ca/wp-content/uploads/2023/01/ |
37 KB 37 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wpo-minify-footer-35e45ce1.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1706553416/assets/ |
263 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wpo-minify-footer-f24c1916.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1706553416/assets/ |
69 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
TransparentLogo-Copy-1-1024x318.png
rustygriswold.ca/wp-content/uploads/2023/01/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
RustyVidtoGif.mp4
rustygriswold.ca/wp-content/uploads/2023/12/ |
10 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
515 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
142.1345ea6b13b00771d513.js
rustygriswold.ca/wp-content/themes/blocksy/static/bundle/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chch-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
output-onlinejpgtools-2-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ctvtoronto-300x169.png
rustygriswold.ca/wp-content/uploads/2023/01/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BurlingtonToday.com-Logo.jpg
rustygriswold.ca/wp-content/uploads/2023/01/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
text-editor.2c35aafbe5bf0e127950.bundle.min.js
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ |
1 KB 851 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
video.fea4f8dfdf17262f23e8.bundle.min.js
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 255 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 255 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.ca/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
195 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ |
406 KB 138 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/ Frame 200A |
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame CC74 |
158 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ |
165 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca-pub-5452915446355382
fundingchoicesmessages.google.com/i/ |
183 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/ Frame 3C7D |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxWucebdPRzXnz5mpujIm1UM4niEYNRiSTjg0yMwpJjrfgCJ7v06Un0uEFyzXho77EcmgGE1Rb2vmfGgK73lWaNcFo2SE2xYex5-8z24LVnROjLBnh8sTsUv58OXCoso1sGMUKj8QQ==
fundingchoicesmessages.google.com/f/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 3C7D |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 3C7D |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/ Frame 3C7D |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 3C7D |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 3C7D |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3C7D |
205 KB 65 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame 3C7D |
37 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6592766407814317453
tpc.googlesyndication.com/simgad/11779143179850143398/ Frame 3C7D |
46 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14763004658117789537
tpc.googlesyndication.com/simgad/1572141818753588827/ Frame 3C7D |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3372 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame B190 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 3C7D |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 3372 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame B190 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 3372 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C7D |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C7D |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.googleadservices.com/pagead/ar-adview/ Frame 3C7D Redirect Chain
|
0 0 |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 6182 |
50 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
www.googleadservices.com/pagead/ar-adview/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
300.
fundingchoicesmessages.google.com/f/AGSKWxXIRqFNRNhXOdP3oL-jV4F4YJ2fNK4-aD2z5J_Ughm6YLcDJJCHXcXQH-9jm72wH2mqqrAnX_3xUm-vCTc6oVGKMXyyLub4RI7TBmiM3c9uy7u_5tNFrDiI2BImIo-wo3Hjpxwg4OYSykmjGvntlAOYWQMkF... |
54 B 110 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
147 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxV7bysKb5qxooClEXKASnyQj7zklM1vLjKe6kNNQYiWSXpp67eu8gZcrIjqtOohZztp0ImM5b5NB_3YMCrjkfvPYUKg3n4bD7cFQuHKrQFW14gwAuTGVDn9CHZwrlf-s7Yan7-6IA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxV7bysKb5qxooClEXKASnyQj7zklM1vLjKe6kNNQYiWSXpp67eu8gZcrIjqtOohZztp0ImM5b5NB_3YMCrjkfvPYUKg3n4bD7cFQuHKrQFW14gwAuTGVDn9CHZwrlf-s7Yan7-6IA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxV7bysKb5qxooClEXKASnyQj7zklM1vLjKe6kNNQYiWSXpp67eu8gZcrIjqtOohZztp0ImM5b5NB_3YMCrjkfvPYUKg3n4bD7cFQuHKrQFW14gwAuTGVDn9CHZwrlf-s7Yan7-6IA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxV7bysKb5qxooClEXKASnyQj7zklM1vLjKe6kNNQYiWSXpp67eu8gZcrIjqtOohZztp0ImM5b5NB_3YMCrjkfvPYUKg3n4bD7cFQuHKrQFW14gwAuTGVDn9CHZwrlf-s7Yan7-6IA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxUOUAEpfZHo4-O0aeeVWjuBMHdL3tehHPB5iD57Ph4jD7yMrisu_kmCMIXhXrYqNxv8598fw8oFubb23wXD7CY2rV1yirl5MhSRu-JE1-CgjM3C7WRcJl5SUo_mEsFyQNp4DUlQoQ==
fundingchoicesmessages.google.com/f/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxV7bysKb5qxooClEXKASnyQj7zklM1vLjKe6kNNQYiWSXpp67eu8gZcrIjqtOohZztp0ImM5b5NB_3YMCrjkfvPYUKg3n4bD7cFQuHKrQFW14gwAuTGVDn9CHZwrlf-s7Yan7-6IA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxVxHQKXESuflKDY2lKQDEHi5Hpu2F3dc2E5T9oHb5sKB2n-0C7LXaUNsvpupanFuT-Nk0lsVInwS-qkd7RkfNIfgeqA8Dy2esCn9MkD2Q6B_DNmVEzrj8tNo8tSDE92sPVS2y3HQQ==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxW-Zdt-VkrGPgmHZm7TEBikYya02HLQu4O882G1N_t0Vi5Yych2bF8V-nvCDWE_tF9ISVOuvTvroycsuPLh3HYjxw2St4f91DMMwCzgWdXTHNPlYhW9tAPDJvBPRD8UMIb5dxY-SA==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxW9LOjM6Eqgmb1F6-1_sJV2wYIivXJU0Yv7yH4gaxios6lcAgC8nt_QKPBqAMurNZqRstfzjQ-XYLurmeDSSQ2UdxczaQKD0NahFO8oHMTwUx89qHevhYZpxqmyS8_oXrmyf0D-Uw==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxV7bysKb5qxooClEXKASnyQj7zklM1vLjKe6kNNQYiWSXpp67eu8gZcrIjqtOohZztp0ImM5b5NB_3YMCrjkfvPYUKg3n4bD7cFQuHKrQFW14gwAuTGVDn9CHZwrlf-s7Yan7-6IA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C7D |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| gtag object| dataLayer function| WPO_Intersection_Observer object| WPO_LazyLoad object| starter_templates_zip_preview object| ct_localizations object| _wpUtilSettings object| wpformsElementorVars function| loadCSS function| Vue undefined| $ function| jQuery object| runtime object| regeneratorRuntime object| wp object| blocksyJsonP object| ctEvents object| blocksyResponsiveMenuCache object| ctFrontend object| webpackChunkelementor object| elementorModules function| Waypoint object| elementorFrontendConfig object| WPFormsElementorFrontend object| elementorFrontend function| _ object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzIxMjY5YTU4ZmM4MjU0NWxvYWRlcl9qcw== string| YzIxMjY5YTU4ZmM4MjU0NWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady boolean| 17027e0d-e99f-439c-94ab-926495de1f65 object| google_image_requests8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rustygriswold.ca/ | Name: _ga Value: GA1.1.1873259262.1706756418 |
|
.rustygriswold.ca/ | Name: __gads Value: ID=2cdb075e5bf81562:T=1706756418:RT=1706756418:S=ALNI_MaE7Ye_q4hoQ_92hAtt6TyOOm0M5w |
|
.rustygriswold.ca/ | Name: __gpi Value: UID=00000dbc87aeeb33:T=1706756418:RT=1706756418:S=ALNI_MbzeIb1l2QRltgpecj4X0G-iGZ-Rg |
|
.rustygriswold.ca/ | Name: __eoi Value: ID=d176af19d6e591d7:T=1706756418:RT=1706756418:S=AA-AfjYmE7L3WmJbnZ1E0OQK57Dk |
|
.rustygriswold.ca/ | Name: _ga_7TKVW5VVYW Value: GS1.1.1706756417.1.0.1706756419.58.0.0 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUkcZ2I37uJ2imxMFabXBPN_ttIgvU3gb6G3Dr8NBIhKzKKeFAyMVz69TTK70QQ |
|
.googleadservices.com/ | Name: ar_debug Value: 1 |
|
.rustygriswold.ca/ | Name: FCNEC Value: %5B%5B%22AKsRol-iu6i4d47b2F5dAv0XBmpOLc6tspjyl-zJ9v3mz9nyJ92jOk5gg_OrdU1SVQ_67Nq3f-x2txitRxuJjZyLySq9jh_UyOJ26At_ZClt6aget20rho0Oml4Ck8ylG1B-ft_LQhxKGRSL_vzOE1770dAAcA3CTQ%3D%3D%22%5D%5D |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
rustygriswold.ca
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.16.205.47
142.250.65.226
142.250.65.227
142.250.80.14
142.250.80.98
142.251.32.99
142.251.40.161
142.251.40.162
142.251.40.163
142.251.40.164
142.251.40.234
142.251.41.2
142.251.41.8
172.253.63.154
216.239.36.181
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
14f6b6848add7885ff0065bdaba764811f6d3ad1fe1aa93f1759f2a7988569f8
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321b69f8a63c0628c15a36044ca279b24e22cbc5b7a019623e57d849361dc6ce
34a4b98aceb9049aca71da4583d025baece287d4544f709b6849be9fb91a7e18
3669e1e2eb5f930785056ae940c44618af66f5dc194b944cd1e765e06eb3fd07
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4cbd418ca104118f5ad45de6dac37694c29fa9096c0abe02975776d189961b25
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e987e29e019adfc81f85f827c0ff52f46127e42834b665f117b21109b4cbb
5bb4ad65a984323e2099126271672ef91746d429da08f37cf53a44c4764ce06a
60444c3285222fc3fa652b86f823e93cb988909d686473defd9336745bfb0486
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6bf3e226ccbe8f8b8953bff72909c064fdb45caf179d25cbcfb29208e4c6574a
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
75062154881896ca451d3fd117ee99a74af76244d4de03b0a3b919847a762c99
766dc5f7e11c3d0b59a668bbde6fa2abd1b3b5146e480787ac6afe6ef39bf582
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81913a9bbfd998157acac18745da744e921358d8aacfb97a816f8876509674da
8300951b166b2a9a949a3ca8a6f24f347ee46a082033030745e099babc164944
8675a06a1093ba0769100e8375d07b9c47dd85cdd31f8c5fe656d53f70316e6f
8aaca320a2bd069eb59ab948085c117fba7d2e90bed7f21b5985dfa93ef77c96
97cb1989d086c3eede6c0d9e1f0dedc7bec911281934bb518b40d42c24db9ae2
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1d3be976ea616ef8195fa3dff51545016d66d4b785572d73598aa3a548d0fc
a65c6d2b693c50d62a764a04cd885c6f35043b5f95dda1d50e827c0ed98b81c4
ac2be5be07012647af014b9c3acdcfb2348d7aabab707730f736e015ca43006a
b5b4c33b5050eea691d5cfcb71b4d3013a657ea9fc1fcadcd70288fbcda4288d
b7d3d2107bb94374c225fd119fd14e8bebda453477f48760cb92f0ef6b06f220
b8880dd5997a935808443f01b70125f229369ba004a296bbea0b983bd75046d8
b9942ef5656ec65fcec60bb60d3efed213811a86c70dfccf407d42779b6e9838
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cbea9d610679963f170f28ab4b98775df5c480b792302e51be494dc8d0d25860
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cf9cd9760109f2e07c6edf91674b864a0ca82c1553afdfbb2fdbadc3cd149f11
d02554af6ab5b5bcea0107ad5dec266ec88f83ac256334669bd39577a2d97f88
d17f1b014c8d1d31b462f23921b85d53233ecbb6a0d66591f7c2ddcb7b4a054e
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d971dbcdc5e1aa360c048801a81a135838f0d122ff378ac5aecac6e352d9cf26
df92b7fb3b60ef1e6078135fea9460b0b196cdcaeff0e732a3d071d43b18a73a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ee26cb4682909100824b9eb74c3f667d7151321c25b4c600e5337f1ee52a1e76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b92d1ad00e8e59139bd1b281fefcfa876b7099e6432e8779bb6542186676b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fff8a5c29c196af65564350450ef0ee9d85a5aeb9ea1dee1299906c4c41c9abf