somaleaf.com
67.225.164.35
Public Scan
Effective URL: https://somaleaf.com/better-sleep/cb/?hop=dariusfwoo&hopId=346cc157-84c0-468d-8678-bc2b1141fb63
Submission: On June 25 via api from US — Scanned from GB
Summary
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.
This is the only time somaleaf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains
---|---|---
ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB) | no.rdns.ukservers.com | addressupdate.dnsd.me
ASN14618 (AMAZON-AES, US) | ec2-34-192-48-34.compute-1.amazonaws.com | iovia-pmj.com
ASN16509 (AMAZON-02, US) | ec2-34-223-150-129.us-west-2.compute.amazonaws.com | 2ef9e3hhmkw3bfzqu8ojl7nuek.hop.clickbank.net
ASN15169 (GOOGLE, US) | | www.googleoptimize.com
ASN16509 (AMAZON-02, US) | ec2-44-239-109-64.us-west-2.compute.amazonaws.com | cbtb.clickbank.net
ASN14618 (AMAZON-AES, US) | ec2-44-205-113-42.compute-1.amazonaws.com | secure.somaleaf.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN16509 (AMAZON-02, US) | server-143-204-215-114.fra53.r.cloudfront.net | prod.cbstatic.net
ASN20940 (AKAMAI-ASN1, NL) | | staticw2.yotpo.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN16509 (AMAZON-02, US) | server-18-66-102-11.fra56.r.cloudfront.net | static.hotjar.com
ASN54113 (FASTLY, US) | | cdn.taboola.com, trc.taboola.com
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG) | li1105-119.members.linode.com | purathrive.ladesk.com
ASN16509 (AMAZON-02, US) | server-13-32-23-178.fra56.r.cloudfront.net | d9i5ve8f04qxt.cloudfront.net
ASN32934 (FACEBOOK, US) | | connect.facebook.net
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 137.102.96.34.bc.googleusercontent.com | dev.visualwebsiteoptimizer.com
ASN13335 (CLOUDFLARENET, US) | | sdk.trackcb.com, db.trackcb.com
ASN16509 (AMAZON-02, US) | s3-us-west-2.amazonaws.com | s3-us-west-2.amazonaws.com
ASN16509 (AMAZON-02, US) | ec2-18-193-38-191.eu-central-1.compute.amazonaws.com | p.yotpo.com
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net
ASN16509 (AMAZON-02, US) | server-143-204-205-36.fra53.r.cloudfront.net | d1pqvb2h9xgm7r.cloudfront.net
ASN16509 (AMAZON-02, US) | server-13-32-27-54.fra56.r.cloudfront.net | script.hotjar.com
ASN32934 (FACEBOOK, US) | | www.facebook.com
ASN16509 (AMAZON-02, US) | ec2-34-248-252-138.eu-west-1.compute.amazonaws.com | content.hotjar.io
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG) | li105-90.members.linode.com | 1-vbus-us-tx.ladesk.com
ASN14618 (AMAZON-AES, US) | | rp.liadm.com
ASN14618 (AMAZON-AES, US) | ec2-34-225-203-174.compute-1.amazonaws.com | rp4.liadm.com
ASN14618 (AMAZON-AES, US) | ec2-3-212-110-53.compute-1.amazonaws.com | idx.liadm.com
ASN16509 (AMAZON-02, US) | ec2-54-189-62-86.us-west-2.compute.amazonaws.com | p.alocdn.com
Requests | Apex Domain | Redirects | Subdomains (Cisco Umbrella Rank) | Transfer
---|---|---|---|---
36 | somaleaf.com | | somaleaf.com, secure.somaleaf.com | 1 MB
7 | taboola.com | | cdn.taboola.com (844), psb.taboola.com (6802), trc.taboola.com (711), trc-events.taboola.com (2315) | 24 KB
5 | cloudfront.net | | d9i5ve8f04qxt.cloudfront.net, d1pqvb2h9xgm7r.cloudfront.net | 136 KB
5 | ladesk.com | | purathrive.ladesk.com, 1-vbus-us-tx.ladesk.com (90818) | 16 KB
4 | liadm.com | 1 redirects | b-code.liadm.com (4229), rp.liadm.com (1242), rp4.liadm.com (5750), idx.liadm.com (1704) | 37 KB
4 | yotpo.com | | staticw2.yotpo.com (8091), p.yotpo.com (7763) | 184 KB
4 | cbstatic.net | | prod.cbstatic.net (244873) | 65 KB
3 | googletagmanager.com | | www.googletagmanager.com (81) | 290 KB
3 | bootstrapcdn.com | | maxcdn.bootstrapcdn.com (1286), stackpath.bootstrapcdn.com (3406) | 91 KB
2 | alocdn.com | 1 redirects | p.alocdn.com (7372) | 896 B
2 | facebook.com | | www.facebook.com (114) | 4 KB
2 | google.com | | region1.analytics.google.com (3125), www.google.com (5) | 64 B
2 | doubleclick.net | | googleads.g.doubleclick.net (70), stats.g.doubleclick.net (136) | 2 KB
2 | trackcb.com | | sdk.trackcb.com, db.trackcb.com (554148) | 7 KB
2 | visualwebsiteoptimizer.com | | dev.visualwebsiteoptimizer.com (4205) | 3 KB
2 | facebook.net | | connect.facebook.net (204) | 72 KB
2 | hotjar.com | | static.hotjar.com (894), script.hotjar.com (1260) | 60 KB
2 | google-analytics.com | | www.google-analytics.com (71) | 21 KB
2 | clickbank.net | 1 redirects | 2ef9e3hhmkw3bfzqu8ojl7nuek.hop.clickbank.net, cbtb.clickbank.net (238861) | 2 KB
2 | iovia-pmj.com | | iovia-pmj.com (313883) | 4 KB
2 | dnsd.me | 1 redirects | addressupdate.dnsd.me | 902 B
1 | hotjar.io | | content.hotjar.io (6487) | 171 B
1 | google.com.br | | www.google.com.br (12323) | 64 B
1 | bbb.org | | seal-boise.bbb.org (239113) | 5 KB
1 | google.co.uk | | www.google.co.uk (3827) | 63 B
1 | amazonaws.com | | s3-us-west-2.amazonaws.com | 61 KB
1 | mantisadnetwork.com | | assets.mantisadnetwork.com (299575) | 173 B
1 | googleapis.com | | ajax.googleapis.com (469) | 30 KB
1 | googleoptimize.com | | www.googleoptimize.com (4076) | 65 KB
1 | emixic25.online | | www.emixic25.online | 691 B
1 | mpds-smart3.online | 1 redirects | xml-v4.mpds-smart3.online | 478 B
100 | 31 | | |
Requests | Domain | Requested by | Redirects
---|---|---|---
34 | somaleaf.com | www.emixic25.online, somaleaf.com |
4 | trc-events.taboola.com | cdn.taboola.com, s3-us-west-2.amazonaws.com |
4 | purathrive.ladesk.com | addressupdate.dnsd.me, purathrive.ladesk.com |
4 | prod.cbstatic.net | cbtb.clickbank.net, prod.cbstatic.net, somaleaf.com |
3 | d1pqvb2h9xgm7r.cloudfront.net | d9i5ve8f04qxt.cloudfront.net, ajax.googleapis.com |
3 | staticw2.yotpo.com | somaleaf.com, staticw2.yotpo.com |
3 | www.googletagmanager.com | somaleaf.com, www.googletagmanager.com, www.google-analytics.com |
2 | p.alocdn.com | | 1 redirects
2 | www.facebook.com | somaleaf.com |
2 | dev.visualwebsiteoptimizer.com | addressupdate.dnsd.me, somaleaf.com |
2 | connect.facebook.net | addressupdate.dnsd.me, connect.facebook.net |
2 | d9i5ve8f04qxt.cloudfront.net | www.googletagmanager.com, d9i5ve8f04qxt.cloudfront.net |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | secure.somaleaf.com | somaleaf.com, secure.somaleaf.com |
2 | maxcdn.bootstrapcdn.com | somaleaf.com, maxcdn.bootstrapcdn.com |
2 | iovia-pmj.com | addressupdate.dnsd.me, iovia-pmj.com |
2 | addressupdate.dnsd.me | | 1 redirects
1 | idx.liadm.com | s3-us-west-2.amazonaws.com |
1 | rp4.liadm.com | |
1 | rp.liadm.com | | 1 redirects
1 | 1-vbus-us-tx.ladesk.com | purathrive.ladesk.com |
1 | b-code.liadm.com | s3-us-west-2.amazonaws.com |
1 | content.hotjar.io | script.hotjar.com |
1 | www.google.com.br | somaleaf.com |
1 | www.google.com | somaleaf.com |
1 | db.trackcb.com | sdk.trackcb.com |
1 | trc.taboola.com | cdn.taboola.com |
1 | psb.taboola.com | cdn.taboola.com |
1 | seal-boise.bbb.org | somaleaf.com |
1 | script.hotjar.com | static.hotjar.com |
1 | www.google.co.uk | somaleaf.com |
1 | stats.g.doubleclick.net | www.googletagmanager.com |
1 | region1.analytics.google.com | www.googletagmanager.com |
1 | googleads.g.doubleclick.net | www.googletagmanager.com |
1 | p.yotpo.com | somaleaf.com |
1 | s3-us-west-2.amazonaws.com | addressupdate.dnsd.me |
1 | sdk.trackcb.com | www.googletagmanager.com |
1 | assets.mantisadnetwork.com | www.googletagmanager.com |
1 | cdn.taboola.com | www.googletagmanager.com |
1 | static.hotjar.com | www.googletagmanager.com |
1 | stackpath.bootstrapcdn.com | somaleaf.com |
1 | cbtb.clickbank.net | somaleaf.com |
1 | ajax.googleapis.com | somaleaf.com |
1 | www.googleoptimize.com | somaleaf.com |
1 | 2ef9e3hhmkw3bfzqu8ojl7nuek.hop.clickbank.net | | 1 redirects
1 | www.emixic25.online | iovia-pmj.com |
1 | xml-v4.mpds-smart3.online | | 1 redirects
100 | 47 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid
---|---|---|---
dnsd.me | R10 | 2024-06-20 - 2024-09-18 | 3 months
iovia-pmj.com | Amazon RSA 2048 M02 | 2024-05-31 - 2025-06-29 | a year
emixic25.online | R3 | 2024-04-04 - 2024-07-03 | 3 months
somaleaf.com | R3 | 2024-05-13 - 2024-08-11 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-05-25 - 2024-08-23 | 3 months
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.clickbank.net | Amazon RSA 2048 M03 | 2024-01-09 - 2025-02-07 | a year
secure.somaleaf.com | R3 | 2024-05-21 - 2024-08-19 | 3 months
*.cbstatic.net | Amazon RSA 2048 M03 | 2024-06-18 - 2025-07-17 | a year
*.yotpo.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-01-30 - 2025-01-29 | a year
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-23 - 2024-11-22 | a year
*.ladesk.com | R3 | 2024-04-26 - 2024-07-25 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-03 - 2024-07-02 | 3 months
mantisadnetwork.com | E5 | 2024-06-11 - 2024-09-09 | 3 months
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2023-07-06 - 2024-07-06 | a year
trackcb.com | GTS CA 1P5 | 2024-05-27 - 2024-08-25 | 3 months
*.s3-us-west-2.amazonaws.com | Amazon RSA 2048 M01 | 2024-05-15 - 2025-05-13 | a year
yotpo.com | Amazon RSA 2048 M03 | 2024-02-04 - 2025-03-05 | a year
*.g.doubleclick.net | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.google.co.uk | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.bbb.org | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-04-04 - 2025-04-25 | a year
*.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.google.com.br | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.hotjar.io | Amazon ECDSA 256 M02 | 2024-01-31 - 2025-03-01 | a year
*.liadm.com | Amazon RSA 2048 M03 | 2023-12-02 - 2024-12-29 | a year
This page contains 3 frames:
Primary Page:
https://somaleaf.com/better-sleep/cb/?hop=dariusfwoo&hopId=346cc157-84c0-468d-8678-bc2b1141fb63
Frame ID: CF0112A3761EEE0542D7240555C3D5B3
Requests: 98 HTTP requests in this frame
Frame:
https://purathrive.ladesk.com/scripts/generateWidget.php?v=5.47.4.31&t=1719243682&cwid=juaz2u9d&cwrt=C&cwt=chat&pt=SOMALEAF&ref=https%3A%2F%2Fsomaleaf.com%2Fbetter-sleep%2Fcb%2F%3Fhop%3Ddariusfwoo%26hopId%3D346cc157-84c0-468d-8678-bc2b1141fb63
Frame ID: 45E2061BC63AA8E211E40D4F953385A4
Requests: 1 HTTP requests in this frame
Frame:
https://1-vbus-us-tx.ladesk.com/5_47_4_31/scripts/lib/bus.html?v=5.47.4.31
Frame ID: 62DE708BE427DE2BEE02CFDF1B5E24DC
Requests: 1 HTTP requests in this frame
Page Title
SOMALEAF
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Optimize (A/B Testing)
Detected patterns
- googleoptimize\.com/optimize\.js
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
OWL Carousel (Widgets)
Detected patterns
- <link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
- owl\.carousel.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: BUY NOW
Title: BUY NOW
Title: BUY NOW
Title: 2017 study
Title: 2018 review
Title: Current Drug Safety
Title: this one done in March 2017
Title: https://www.health.harvard.edu/blog/the-endocannabinoid-system-essential-and-mysterious-202108112569
Title: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7388834/
Title: https://link.springer.com/article/10.1007/s13311-021-01013-w
Title: https://www.ncbi.nlm.nih.gov/books/NBK19956/
Title: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5576607/
Title: https://www.usnews.com/news/health-news/articles/2019-08-08/1-in-7-adults-use-cbd-products-gallup-survey-finds
Title: https://pubmed.ncbi.nlm.nih.gov/27790143/
Title: https://pubmed.ncbi.nlm.nih.gov/25666611/
Title: https://ajendomed.com/journal/liposomal-cannabidiol-delivery-a-pilot-study/
Title: https://pubmed.ncbi.nlm.nih.gov/34003596/
Title: HERE
Title: HERE
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://addressupdate.dnsd.me/b/hegap/z/
HTTP 307
https://addressupdate.dnsd.me/b/hegap/z/ Page URL
-
https://addressupdate.dnsd.me/b/hegap/z/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxOTM0NDk3NSwiaWF0IjoxNzE5MzM3Nzc1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydmU1MTY2cjExMDZlbGJiOWswYzBhZTMiLCJuYmYiOjE3MTkzMzc3NzUsInRzIjoxNzE5MzM3Nzc1MTg4NjYxfQ._QKtP8zFblX14bXPG5TpzsJhF6AG6dlJoWQkfRA462k&sid=48e4eb72-331b-11ef-83e3-2bf884f9fb86
HTTP 302
http://iovia-pmj.com/zclkvisitor/490c2143-331b-11ef-832c-0affe3126e0b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=491c4de2-331b-11ef-832c-0affe3126e0b HTTP 307
https://iovia-pmj.com/zclkvisitor/490c2143-331b-11ef-832c-0affe3126e0b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=491c4de2-331b-11ef-832c-0affe3126e0b Page URL
- https://iovia-pmj.com/zclkredirect?visitid=490c2143-331b-11ef-832c-0affe3126e0b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FLondon Page URL
-
http://xml-v4.mpds-smart3.online/click?i=-44c1Xdza-8_0
HTTP 307
https://xml-v4.mpds-smart3.online/click?i=-44c1Xdza-8_0 HTTP 302
https://www.emixic25.online/?conversion=FvG5gX-Kn78&bid=0.106&source_subid=10548062769&city=London&search_referrer_domain=dnsd.me&IP=194.74.212.81&pubfeed=211087&query=dnsd%2Cdnsd.me&state=lnd&zip=EC1N Page URL
-
https://2ef9e3hhmkw3bfzqu8ojl7nuek.hop.clickbank.net/
HTTP 307
https://somaleaf.com/better-sleep/cb/?hop=dariusfwoo&hopId=346cc157-84c0-468d-8678-bc2b1141fb63 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://addressupdate.dnsd.me/b/hegap/z/ HTTP 307
- https://addressupdate.dnsd.me/b/hegap/z/
- https://addressupdate.dnsd.me/b/hegap/z/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxOTM0NDk3NSwiaWF0IjoxNzE5MzM3Nzc1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydmU1MTY2cjExMDZlbGJiOWswYzBhZTMiLCJuYmYiOjE3MTkzMzc3NzUsInRzIjoxNzE5MzM3Nzc1MTg4NjYxfQ._QKtP8zFblX14bXPG5TpzsJhF6AG6dlJoWQkfRA462k&sid=48e4eb72-331b-11ef-83e3-2bf884f9fb86 HTTP 302
- http://iovia-pmj.com/zclkvisitor/490c2143-331b-11ef-832c-0affe3126e0b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=491c4de2-331b-11ef-832c-0affe3126e0b HTTP 307
- https://iovia-pmj.com/zclkvisitor/490c2143-331b-11ef-832c-0affe3126e0b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=491c4de2-331b-11ef-832c-0affe3126e0b
- http://xml-v4.mpds-smart3.online/click?i=-44c1Xdza-8_0 HTTP 307
- https://xml-v4.mpds-smart3.online/click?i=-44c1Xdza-8_0 HTTP 302
- https://www.emixic25.online/?conversion=FvG5gX-Kn78&bid=0.106&source_subid=10548062769&city=London&search_referrer_domain=dnsd.me&IP=194.74.212.81&pubfeed=211087&query=dnsd%2Cdnsd.me&state=lnd&zip=EC1N
- https://rp.liadm.com/j?dtstmp=1719337783057&se=e30&duid=7fc770f8f3a7--01j18893mncngfr7j9qvz1ft69&tv=v2.14.3&pu=https%3A%2F%2Fsomaleaf.com%2Fbetter-sleep%2Fcb%2F%3Fhop%3Ddariusfwoo%26hopId%3D346cc157-84c0-468d-8678-bc2b1141fb63&wpn=lc-bundle&cd=.somaleaf.com HTTP 302
- https://rp4.liadm.com/j?dtstmp=1719337783057&se=e30&duid=7fc770f8f3a7--01j18893mncngfr7j9qvz1ft69&tv=v2.14.3&pu=https%3A%2F%2Fsomaleaf.com%2Fbetter-sleep%2Fcb%2F%3Fhop%3Ddariusfwoo%26hopId%3D346cc157-84c0-468d-8678-bc2b1141fb63&wpn=lc-bundle&cd=.somaleaf.com&i6=MmEwMDoyMzgxOjUzNzQ6MWM6Ojgx&n3pc=true
- https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=V3VH7232-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fv3vh7232%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%252249e845da-75a4-46e6-bd1d-35f085bbdf2f%2522%257D&title=SOMALEAF&url=https%3A%2F%2Fsomaleaf.com%2Fbetter-sleep%2Fcb%2F%3Fhop%3Ddariusfwoo%26hopId%3D346cc157-84c0-468d-8678-bc2b1141fb63 HTTP 302
- https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=V3VH7232-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fv3vh7232%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%252249e845da-75a4-46e6-bd1d-35f085bbdf2f%2522%257D&title=SOMALEAF&url=https%3A%2F%2Fsomaleaf.com%2Fbetter-sleep%2Fcb%2F%3Fhop%3Ddariusfwoo%26hopId%3D346cc157-84c0-468d-8678-bc2b1141fb63&tdc=1
100 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
addressupdate.dnsd.me/b/hegap/z/ Redirect Chain
|
493 B 770 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72092e88-2c53-401c-b988-51ef43ce1034
iovia-pmj.com/zclkvisitor/490c2143-331b-11ef-832c-0affe3126e0b/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zclkredirect
iovia-pmj.com/ |
290 B 753 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.emixic25.online/ Redirect Chain
|
184 B 691 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
somaleaf.com/better-sleep/cb/ Redirect Chain
|
51 KB 51 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
somaleaf.com/better-sleep/cb/css/ |
138 KB 138 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.min.css
somaleaf.com/better-sleep/cb/owl-carousel/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.theme.default.min.css
somaleaf.com/better-sleep/cb/owl-carousel/css/ |
1013 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
somaleaf.com/better-sleep/cb/css/ |
13 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize.js
www.googleoptimize.com/ |
178 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cbtb.clickbank.net/ |
934 B 982 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UCInvisibleLink
secure.somaleaf.com/cgi-bin/ |
430 B 806 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
somaleaf.com/better-sleep/cb/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
katie.png
somaleaf.com/better-sleep/cb/img/ |
80 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
left-quote.png
somaleaf.com/better-sleep/cb/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
right-quote.png
somaleaf.com/better-sleep/cb/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bottles.png
somaleaf.com/better-sleep/cb/img/ |
166 KB 166 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bottle.jpg
somaleaf.com/better-sleep/cb/img/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bottles3.jpg
somaleaf.com/better-sleep/cb/img/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
star.jpg
somaleaf.com/better-sleep/cb/img/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bottles6.jpg
somaleaf.com/better-sleep/cb/img/ |
132 KB 132 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
deal.jpg
somaleaf.com/better-sleep/cb/img/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guarantee.png
somaleaf.com/better-sleep/cb/img/ |
63 KB 63 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrows.png
somaleaf.com/better-sleep/cb/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ |
59 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.js
somaleaf.com/better-sleep/cb/owl-carousel/js/ |
88 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slider.js
somaleaf.com/better-sleep/cb/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
258 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
injectable.js
prod.cbstatic.net/dist/ |
187 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
staticw2.yotpo.com/x3pyp7ARFIj5LgDzF6lLzSKFiixHFavic2GZKQko/ |
444 KB 144 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invisibleLink.jsp
secure.somaleaf.com/affiliate/ |
72 B 686 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
left-quote.png
somaleaf.com/better-sleep/cb/img/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
right-quote.png
somaleaf.com/better-sleep/cb/img/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
somaleaf.com/better-sleep/cb/img/ |
10 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sleep.jpg
somaleaf.com/better-sleep/cb/img/ |
135 KB 135 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
no.jpg
somaleaf.com/better-sleep/cb/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
green-leaves1.jpg
somaleaf.com/better-sleep/cb/img/ |
54 KB 54 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mood.jpg
somaleaf.com/better-sleep/cb/img/ |
181 KB 182 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check2.png
somaleaf.com/better-sleep/cb/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.png
somaleaf.com/better-sleep/cb/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oil.jpg
somaleaf.com/better-sleep/cb/img/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wave.jpg
somaleaf.com/better-sleep/cb/img/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avenirnextcyr-bold.woff2
somaleaf.com/better-sleep/cb/fonts/ |
28 KB 28 KB |
Font
font/woff2 |
GET H2 |
avenirnextcyr-mediumitalic.woff2
somaleaf.com/better-sleep/cb/fonts/ |
50 KB 51 KB |
Font
font/woff2 |
GET H2 |
avenirnextcyr-medium.woff2
somaleaf.com/better-sleep/cb/fonts/ |
27 KB 28 KB |
Font
font/woff2 |
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ |
65 KB 66 KB |
Font
font/woff2 |
GET H2 |
js
www.googletagmanager.com/gtag/ |
283 KB 100 KB |
Script
application/javascript |
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
GET H2 |
hotjar-3591150.js
static.hotjar.com/c/ |
9 KB 4 KB |
Script
application/javascript |
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1610113/ |
70 KB 22 KB |
Script
application/javascript |
GET H2 |
track.js
purathrive.ladesk.com/scripts/ |
49 KB 13 KB |
Script
application/javascript |
GET H2 |
collect.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ |
105 KB 105 KB |
Script
application/x-javascript |
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
219 KB 59 KB |
Script
application/x-javascript |
GET H2 |
analytics.min.js
assets.mantisadnetwork.com/ |
32 B 173 B |
Script
text/javascript |
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
7 KB 3 KB |
Script
application/javascript |
GET H3 |
track.js
sdk.trackcb.com/ |
17 KB 6 KB |
Script
application/javascript |
GET H/1.1 |
ge.js
s3-us-west-2.amazonaws.com/jsstore/a/V3VH7232/ |
61 KB 61 KB |
Script
application/javascript |
GET H2 |
widget.css
staticw2.yotpo.com/x3pyp7ARFIj5LgDzF6lLzSKFiixHFavic2GZKQko/ |
479 KB 39 KB |
Stylesheet
text/css |
GET H2 |
i
p.yotpo.com/ |
35 B 280 B |
Image
image/gif |
GET H2 |
open_sans.css
staticw2.yotpo.com/assets/ |
281 B 587 B |
Stylesheet
text/css |
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10789851640/ |
4 KB 2 KB |
Script
text/javascript |
POST H2 |
collect
region1.analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 251 B |
Ping
text/plain |
GET H3 |
ga-audiences
www.google.co.uk/ads/ |
42 B 63 B |
Image
image/gif |
GET H2 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 152 B |
Image
image/gif |
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 218 B |
XHR
text/plain |
GET H2 |
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ |
30 B 372 B |
XHR
text/plain |
GET H2 |
rrweb-all.min-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/vendor/rrweb-0.9.14/ |
88 KB 29 KB |
Script
application/x-javascript |
GET H2 |
modules.de6b9e294c29aa146ba1.js
script.hotjar.com/ |
223 KB 56 KB |
Script
application/javascript |
GET H2 |
1272042493478725
connect.facebook.net/signals/config/ |
58 KB 13 KB |
Script
application/x-javascript |
GET H3 |
js
www.googletagmanager.com/gtag/ |
287 KB 102 KB |
Script
application/javascript |
GET H2 |
app-strings-en.json
prod.cbstatic.net/dist/i18n/ |
9 B 438 B |
XHR
application/json |
GET H2 |
logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ |
3 KB 4 KB |
Image
image/png |
GET H2 |
logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ |
4 KB 5 KB |
Image
image/png |
GET H2 |
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ |
4 KB 5 KB |
Image
image/png |
GET H2 |
topics_api
psb.taboola.com/ |
65 B 284 B |
Fetch
text/html |
GET H2 |
json
trc.taboola.com/1610113/trc/3/ |
2 KB 2 KB |
Script
application/javascript |
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 4 KB |
Image
image/png |
GET H2 |
button.php
purathrive.ladesk.com/scripts/ |
7 KB 3 KB |
Script
application/javascript |
POST H3 |
track-view
db.trackcb.com/ |
2 B 591 B |
Ping
text/html |
GET H3 |
/
www.google.com/pagead/1p-user-list/10789851640/ |
42 B 64 B |
Image
image/gif |
GET H3 |
/
www.google.com.br/pagead/1p-user-list/10789851640/ |
42 B 64 B |
Image
image/gif |
POST H2 |
/
content.hotjar.io/ |
56 B 171 B |
XHR
application/json |
POST H2 |
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ |
514 B 883 B |
XHR
text/xml |
OPTIONS H2 |
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame |
0 0 |
Preflight
GET H2 |
lc2.js
b-code.liadm.com/ |
101 KB 36 KB |
Script
application/javascript |
GET H2 |
track_visit.php
purathrive.ladesk.com/scripts/ |
434 B 663 B |
Script
application/javascript |
GET H2 |
generateWidget.php
purathrive.ladesk.com/scripts/ Frame 45E2 |
0 0 |
Document
text/html |
GET DATA |
truncated
/ |
687 B 0 |
Image
image/svg+xml |
GET DATA |
truncated
/ |
689 B 0 |
Image
image/svg+xml |
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
GET H2 |
bus.html
1-vbus-us-tx.ladesk.com/5_47_4_31/scripts/lib/ Frame 62DE |
0 0 |
Document
text/html |
GET H2 |
j
rp4.liadm.com/ Redirect Chain |
13 B 350 B |
XHR
application/json |
GET H2 |
unip
trc-events.taboola.com/1610113/log/3/ |
0 245 B |
XHR
text/plain |
OPTIONS H2 |
unip
trc-events.taboola.com/1610113/log/3/ Frame |
0 0 |
Preflight
GET H2 |
72731
idx.liadm.com/idex/unknown/ |
0 370 B |
XHR
text/plain |
GET H2 |
favicon.jpg
somaleaf.com/better-sleep/cb/img/ |
3 KB 3 KB |
Other
image/jpeg |
GET H2 |
p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/ Redirect Chain |
42 B 353 B |
Image
image/gif |
GET H2 |
unip
trc-events.taboola.com/1610113/log/3/ |
0 244 B |
XHR
text/plain |
OPTIONS H2 |
unip
trc-events.taboola.com/1610113/log/3/ Frame |
0 0 |
Preflight
98 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| google_tag_manager object| google_tag_data object| dataLayer function| $ function| jQuery string| __ultraaff_r string| __ultraaff_u object| bootstrap function| updateR string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| __tfa_pixel_init object| _tfa function| fbq function| _fbq object| mantis object| code object| _vwo_code number| _vwo_settings_timer object| geq function| EndlessScroll function| Room number| EDGE_RANGE_WIDTH function| getUserMedia object| yotpo function| Yotpo object| JSON2 object| jstz function| EXIF object| GooglebQhCsO object| gaGlobal number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| _vwo_cookieDomain number| _vwo_acc_id object| VWO object| vwo_iehack_queue object| gaplugins object| gaData object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca function| ucaEvent boolean| ucaInit object| trackerApplet object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| $rdate object| $rbody object| $rimg undefined| Handlebars object| JSON3 undefined| returnExports function| cbtb object| rrweb boolean| ucaRecording function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| hashCode object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker boolean| _trackcb_hasRun function| GeAnalytics function| geLoadLi boolean| geqpreprun function| run_ge function| _0x3228 object| gekx function| _0x1c2a object| liQ object| _geq object| __li__evt_bus object| liQ_instances function| init_button_juaz2u9d object| widgets number| widgetsLength
36 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.liadm.com/j | Name: lidid Value: 33d474f5-ed32-4c91-979d-37117d91226c |
.dnsd.me/ | Name: sid Value: 48e4eb72-331b-11ef-83e3-2bf884f9fb86 |
www.emixic25.online/ | Name: __ckd Value: VmtFdlRFVnFaVEpFUjA1YU5YbG9SRWxuVlRkSmQwNXRPWFpyVUV0WFdubHBTMEkxZG04MVJEaDZWRzF4T1NzNWFtZFNZVmhGZDFadlkyZDJPR1JZZFE9PQ%3D%3D |
.clickbank.net/ | Name: q Value: 01.F11DE80A65FBD6B773905990FF3E4486AB56E4A6021D7CCD26FC70DD5C0445D682400F1076F6AF420E4466EA440EB824FB1C9E56 |
cbtb.clickbank.net/ | Name: AWSALBCORS Value: sf2Iq2zGyokeYAD6bFODHxQCe0f5/8XKrX7rXhk+LeLAH2iFiHZc/vpPffd+CSuFo9Ir48T6bb1jymvBdZJiGZI03ajU++tSfWtwUn/K0r98UozzSlq4Q5tDnikj |
secure.somaleaf.com/ | Name: AWSALB Value: i1MbrkyChYRDcivFrAfEV52xHs4cDSmCFQLBjOwd4XAcRCDJ3AdFVEsF8aXa1IWJAEtKrRBHBoK5L53adVBL9xwXW0+Z82Dm/AkYqJtVFPIF9vp3C50hBz1cEc9O |
secure.somaleaf.com/ | Name: AWSALBCORS Value: i1MbrkyChYRDcivFrAfEV52xHs4cDSmCFQLBjOwd4XAcRCDJ3AdFVEsF8aXa1IWJAEtKrRBHBoK5L53adVBL9xwXW0+Z82Dm/AkYqJtVFPIF9vp3C50hBz1cEc9O |
secure.somaleaf.com/ | Name: JSESSIONID Value: abcOmumU4_4QmvckgSQfm |
secure.somaleaf.com/ | Name: LBJSESSIONID Value: abcOmumU4_4QmvckgSQfm.n374 |
somaleaf.com/ | Name: yotpo_pixel Value: ca0e0f73-9254-490e-92f0-baa259888c0e |
somaleaf.com/ | Name: _sp_id.a103 Value: 70920c40eccfdafa.1719337782.1.1719337782.1719337782 |
somaleaf.com/ | Name: _sp_ses.a103 Value: * |
.somaleaf.com/ | Name: _gcl_au Value: 1.1.586950243.1719337782 |
.somaleaf.com/ | Name: _ga_KMMRHNZRRP Value: GS1.1.1719337781.1.0.1719337781.60.0.0 |
.somaleaf.com/ | Name: _vwo_uuid_v2 Value: D435DB6293342A892086094FBA7D3643E|ea3fdc337a4ce0b87491a186730a2cd3 |
.somaleaf.com/ | Name: _ga Value: GA1.2.1035635446.1719337782 |
.somaleaf.com/ | Name: _gid Value: GA1.2.65989255.1719337782 |
.somaleaf.com/ | Name: _gat_UA-178251950-1 Value: 1 |
.somaleaf.com/ | Name: _fbp Value: fb.1.1719337782196.767451122292789242 |
.yotpo.com/ | Name: pixel Value: efdbb867-7b2a-4624-5069-4089686e1544 |
somaleaf.com/ | Name: LaVisitorNew Value: Y |
.somaleaf.com/ | Name: LaVisitorId_cHVyYXRocml2ZS5sYWRlc2suY29tLw Value: kxfet2ofgaprpqwnvlx8wyp7t5gms |
somaleaf.com/ | Name: LaSID Value: qypzxwcreyrq9qf9cj3leeb4s9901 |
somaleaf.com/ | Name: trackcb Value: vid%3DLsErNBhBrB1BoBPBvAxBv |
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
.somaleaf.com/ | Name: _hjSessionUser_3591150 Value: eyJpZCI6IjEzMGRlMDkxLTk4ZGItNTJlMi04OGZmLWI2MmJlZjFmOWY0MSIsImNyZWF0ZWQiOjE3MTkzMzc3ODI1NzIsImV4aXN0aW5nIjp0cnVlfQ== |
.somaleaf.com/ | Name: _hjSession_3591150 Value: eyJpZCI6IjQ5YjIyY2JlLTU3NDQtNGFjNS1hMmRmLTZlZTY5ZTI0YjE0MyIsImMiOjE3MTkzMzc3ODI1NzQsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0= |
.somaleaf.com/ | Name: ucacid Value: 1080621068.537707 |
db.trackcb.com/ | Name: ec9c756dc3ee46b08a8acdf31f991f8f Value: LsErNBhBrB1BoBPBvAxBv |
.somaleaf.com/ | Name: _li_dcdm_c Value: .somaleaf.com |
.somaleaf.com/ | Name: _lc2_fpi Value: 7fc770f8f3a7--01j18893mncngfr7j9qvz1ft69 |
.somaleaf.com/ | Name: _lc2_fpi_meta Value: {%22w%22:1719337782933} |
somaleaf.com/ | Name: _geuid Value: 49e845da-75a4-46e6-bd1d-35f085bbdf2f |
somaleaf.com/ | Name: _geps Value: true |
.liadm.com/ | Name: lidid Value: 33d474f5-ed32-4c91-979d-37117d91226c |
.alocdn.com/ | Name: uuid Value: e7419736-5055-449f-af2f-c9e6cbd9a8af |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.