utiformula.com
157.230.215.250
Public Scan
Effective URL: https://utiformula.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=utifixvsl&utm_campaign=utifixcpa&af...
Submission: On March 28 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on March 23rd 2024. Valid for: 3 months.
This is the only time utiformula.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.splashways.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 100.147.102.34.bc.googleusercontent.com |
www.ibph4trk.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 247.199.107.34.bc.googleusercontent.com |
utiformula.com | ASN14061 (DIGITALOCEAN-ASN, US) | utiformula.com |
secure.utifix.com | ASN14618 (AMAZON-AES, US) | ec2-34-205-40-26.compute-1.amazonaws.com |
connect.facebook.net | ASN32934 (FACEBOOK, US) | |
sc-static.net | ASN16509 (AMAZON-02, US) | server-18-238-74-246.jfk52.r.cloudfront.net |
analytics.tiktok.com | ASN20940 (AKAMAI-ASN1, NL) | a23-48-224-106.deploy.static.akamaitechnologies.com |
d9i5ve8f04qxt.cloudfront.net | ASN16509 (AMAZON-02, US) | server-18-238-59-18.jfk52.r.cloudfront.net |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
tr.snapchat.com, tr6.snapchat.com | ASN15169 (GOOGLE, US) | 134.43.190.35.bc.googleusercontent.com |
d1pqvb2h9xgm7r.cloudfront.net | ASN16509 (AMAZON-02, US) | server-18-238-79-218.jfk52.r.cloudfront.net |
12217290.fls.doubleclick.net | ASN15169 (GOOGLE, US) | lga34s39-in-f6.1e100.net |
sp.analytics.yahoo.com | ASN26101 (YAHOO-BF1, US) | spdc.pbp.vip.bf1.yahoo.com |
ct.pinterest.com | ASN16625 (AKAMAI-AS, US) | a23-56-163-9.deploy.static.akamaitechnologies.com |
analytics.pangle-ads.com | ASN20940 (AKAMAI-ASN1, NL) | a104-126-118-242.deploy.static.akamaitechnologies.com |
service3.purehealthresearch.com | ASN14061 (DIGITALOCEAN-ASN, US) | |
Requests | Apex Domain | Subdomains | Transfer | Redirects |
---|---|---|---|---|
8 | pinterest.com | ct.pinterest.com (Cisco Umbrella Rank: 928) | 4 KB | |
6 | clarity.ms | www.clarity.ms (Cisco Umbrella Rank: 753), l.clarity.ms (Cisco Umbrella Rank: 6348), c.clarity.ms (Cisco Umbrella Rank: 1387) | 23 KB | 1 |
6 | cloudfront.net | d9i5ve8f04qxt.cloudfront.net, d1pqvb2h9xgm7r.cloudfront.net | 21 KB | |
6 | utiformula.com | utiformula.com | 311 KB | |
5 | snapchat.com | tr.snapchat.com (Cisco Umbrella Rank: 896), tr6.snapchat.com (Cisco Umbrella Rank: 1343) | 1 KB | |
5 | tiktok.com | analytics.tiktok.com (Cisco Umbrella Rank: 717) | 153 KB | |
3 | doubleclick.net | 12217290.fls.doubleclick.net (Cisco Umbrella Rank: 558507), stats.g.doubleclick.net (Cisco Umbrella Rank: 91) | 1 KB | 1 |
3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 42) | 280 KB | |
3 | ibph4trk.com | www.ibph4trk.com (Cisco Umbrella Rank: 551933) | 20 KB | 1 |
2 | google.com | analytics.google.com (Cisco Umbrella Rank: 148) | 307 B | |
2 | yimg.com | s.yimg.com (Cisco Umbrella Rank: 674) | 7 KB | |
2 | pinimg.com | s.pinimg.com (Cisco Umbrella Rank: 935) | 21 KB | |
2 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 68) | 69 KB | |
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 182) | 73 KB | |
2 | utifix.com | secure.utifix.com | 2 KB | |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 3 KB | |
1 | bing.com | c.bing.com (Cisco Umbrella Rank: 245) | 761 B | 1 |
1 | purehealthresearch.com | service3.purehealthresearch.com (Cisco Umbrella Rank: 320723) | | |
1 | pangle-ads.com | analytics.pangle-ads.com (Cisco Umbrella Rank: 2858) | 966 B | |
1 | yahoo.com | sp.analytics.yahoo.com (Cisco Umbrella Rank: 1497) | 632 B | |
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 100) | 274 B | |
1 | sc-static.net | sc-static.net (Cisco Umbrella Rank: 1147) | 19 KB | |
1 | youtube-nocookie.com | www.youtube-nocookie.com (Cisco Umbrella Rank: 3425) | | |
1 | splashways.com | www.splashways.com | 489 B | 1 |
62 | 24 | | | |
Requests | Domain | Requested by | Redirects |
---|---|---|---|
8 | ct.pinterest.com | s.pinimg.com | |
6 | utiformula.com | utiformula.com | |
5 | d1pqvb2h9xgm7r.cloudfront.net | d9i5ve8f04qxt.cloudfront.net | |
5 | analytics.tiktok.com | utiformula.com, analytics.tiktok.com | |
4 | tr.snapchat.com | sc-static.net, utiformula.com | |
3 | www.googletagmanager.com | utiformula.com, www.googletagmanager.com | |
3 | www.ibph4trk.com | www.googletagmanager.com, www.ibph4trk.com | 1 |
2 | c.clarity.ms | | 1 |
2 | l.clarity.ms | www.clarity.ms | |
2 | analytics.google.com | www.googletagmanager.com | |
2 | 12217290.fls.doubleclick.net | www.googletagmanager.com | 1 |
2 | www.clarity.ms | utiformula.com, www.clarity.ms | |
2 | s.yimg.com | utiformula.com, s.yimg.com | |
2 | s.pinimg.com | www.googletagmanager.com, s.pinimg.com | |
2 | www.youtube.com | utiformula.com, www.youtube.com | |
2 | connect.facebook.net | utiformula.com, connect.facebook.net | |
2 | secure.utifix.com | utiformula.com, secure.utifix.com | |
2 | fonts.googleapis.com | utiformula.com | |
1 | c.bing.com | | 1 |
1 | service3.purehealthresearch.com | utiformula.com | |
1 | analytics.pangle-ads.com | analytics.tiktok.com | |
1 | tr6.snapchat.com | sc-static.net | |
1 | sp.analytics.yahoo.com | utiformula.com | |
1 | stats.g.doubleclick.net | www.googletagmanager.com | |
1 | www.facebook.com | utiformula.com | |
1 | d9i5ve8f04qxt.cloudfront.net | www.googletagmanager.com | |
1 | www.youtube-nocookie.com | utiformula.com | |
1 | www.splashways.com | | 1 |
62 | 29 | | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
utiformula.com | R3 | 2024-03-23 - 2024-06-21 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
secure.utifix.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-14 - 2024-08-12 | a year |
*.google-analytics.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-06 - 2024-04-05 | 3 months |
*.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
*.pinterest.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-08-07 - 2024-08-07 | a year |
sc-static.net | Amazon RSA 2048 M03 | 2023-12-21 - 2025-01-18 | a year |
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
p8btrk.com | Starfield Secure Certificate Authority - G2 | 2023-11-30 - 2024-12-31 | a year |
*.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-03-25 - 2024-05-15 | 2 months |
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year |
*.snap.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-21 - 2025-02-20 | a year |
*.doubleclick.net | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-03-19 - 2024-09-11 | 6 months |
*.pangle-ads.com | RapidSSL TLS ECC CA G1 | 2023-08-10 - 2024-09-09 | a year |
a.clarity.ms | Microsoft Azure TLS Issuing CA 01 | 2024-01-14 - 2024-06-27 | 5 months |
service3.purehealthresearch.com | R3 | 2024-02-05 - 2024-05-05 | 3 months |
This page contains 5 frames:
Primary Page:
https://utiformula.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=utifixvsl&utm_campaign=utifixcpa&affid=463&oid=94&uid=0&_ef_transaction_id=163d46e96a5948a790c5dadfd5cbcdc5&n=694
Frame ID: C8ADF5280B6146ABBC4A279AE89B1FED
Requests: 56 HTTP requests in this frame
Frame:
https://www.youtube-nocookie.com/embed/6EcJNJMbDeM?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 72F735D81DDD8A8D7B0770729E5A840B
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=ed16ddea-c938-475d-bf3d-876d45603301&u_sclid=126b5e6b-4c3a-4e14-b31a-fdf80e35189c
Frame ID: 286DF4A69B66D932D0C120F90286C430
Requests: 1 HTTP requests in this frame
Frame:
https://12217290.fls.doubleclick.net/activityi;dc_pre=CMWf3fL6l4UDFeiKfwQdlSIMvg;src=12217290;type=invmedia;cat=uf_al0;ord=1;num=7473315977283;npa=0;auiddc=167131233.1711663356;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z8889807544za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Futiformula.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dutifixvsl%26utm_campaign%3Dutifixcpa%26affid%3D463%26oid%3D94%26uid%3D0%26_ef_transaction_id%3D163d46e96a5948a790c5dadfd5cbcdc5%26n%3D694
Frame ID: 98510C912A1263FC4CB562C904BB88C9
Requests: 1 HTTP requests in this frame
Frame:
https://ct.pinterest.com/ct.html
Frame ID: 6A9355BEA9072D76CC62923B775141BF
Requests: 1 HTTP requests in this frame
Page Title
UT FIX
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.splashways.com/9w598/7bw7sws/?sub1=hdshdfjdgaa HTTP 307
- https://www.splashways.com/9w598/7bw7sws/?sub1=hdshdfjdgaa HTTP 302
- https://www.ibph4trk.com/Q1JP2N/5MJ263/?sub1=hdshdfjdgaa&sub2=ea586b9121cc436b9760f3c50cdbb131&sub3=hdshdfjdgaa HTTP 302
- http://utiformula.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=utifixvsl&utm_campaign=utifixcpa&affid=463&oid=94&uid=0&_ef_transaction_id=163d46e96a5948a790c5dadfd5cbcdc5&n=694 HTTP 307
- https://utiformula.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=utifixvsl&utm_campaign=utifixcpa&affid=463&oid=94&uid=0&_ef_transaction_id=163d46e96a5948a790c5dadfd5cbcdc5&n=694 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29
- https://12217290.fls.doubleclick.net/activityi;src=12217290;type=invmedia;cat=uf_al0;ord=1;num=7473315977283;npa=0;auiddc=167131233.1711663356;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z8889807544za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Futiformula.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dutifixvsl%26utm_campaign%3Dutifixcpa%26affid%3D463%26oid%3D94%26uid%3D0%26_ef_transaction_id%3D163d46e96a5948a790c5dadfd5cbcdc5%26n%3D694 HTTP 302
- https://12217290.fls.doubleclick.net/activityi;dc_pre=CMWf3fL6l4UDFeiKfwQdlSIMvg;src=12217290;type=invmedia;cat=uf_al0;ord=1;num=7473315977283;npa=0;auiddc=167131233.1711663356;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z8889807544za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Futiformula.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dutifixvsl%26utm_campaign%3Dutifixcpa%26affid%3D463%26oid%3D94%26uid%3D0%26_ef_transaction_id%3D163d46e96a5948a790c5dadfd5cbcdc5%26n%3D694
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=379F8043E85B4BB3B7DCBAFC925CCD0C&RedC=c.clarity.ms&MXFR=25754AF75792606A0EB95EA753926E91 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=379F8043E85B4BB3B7DCBAFC925CCD0C&MUID=007061748B8D63781EBC75248A02626F
62 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | presentation | utiformula.com/ | 50 KB | 14 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | css2 | fonts.googleapis.com/ | 28 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | css2 | fonts.googleapis.com/ | 32 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | DESKTOP-play-GIF-3-2-1.gif | utiformula.com/img/video/ | 128 KB | 128 KB | Image | image/gif | |
GET | H2 | UCAffiliateNetworkPixel | secure.utifix.com/cgi-bin/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 318 KB | 104 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 218 KB | 59 KB | Script | application/x-javascript | |
GET | H2 | 6EcJNJMbDeM | www.youtube-nocookie.com/embed/ | 0 | 0 | Document | text/html | Frame 72F7 |
GET | H2 | iframe_api | www.youtube.com/ | 993 B | 2 KB | Script | text/javascript | |
GET | H/1.1 | DESKTOP-play-GIF-3-2-1.gif | utiformula.com/img/video/ | 128 KB | 128 KB | Image | image/gif | |
GET | H/1.1 | dr-holly.png | utiformula.com/img/featured-on/holly/ | 15 KB | 15 KB | Image | image/png | |
GET | H/1.1 | featured-logo.svg | utiformula.com/img/featured-on/holly/ | 65 KB | 25 KB | Image | image/svg+xml | |
GET | H2 | www-widgetapi.js | www.youtube.com/s/player/3b96d06c/www-widgetapi.vflset/ | 216 KB | 67 KB | Script | text/javascript | |
GET | H2 | 810524130072458 | connect.facebook.net/signals/config/ | 60 KB | 14 KB | Script | application/x-javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 317 KB | 103 KB | Script | application/javascript | |
GET | H2 | core.js | s.pinimg.com/ct/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 200 KB | 73 KB | Script | application/javascript | |
GET | H2 | scevent.min.js | sc-static.net/ | 44 KB | 19 KB | Script | application/javascript | |
GET | H2 | events.js | analytics.tiktok.com/i18n/pixel/ | 6 KB | 3 KB | Script | application/javascript | |
GET | H2 | collect-g.js | d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ | 103 KB | 20 KB | Script | application/x-javascript | |
GET | H2 | everflow.js | www.ibph4trk.com/scripts/sdk/ | 60 KB | 19 KB | Script | text/javascript | |
GET | H2 | ytc.js | s.yimg.com/wi/ | 18 KB | 7 KB | Script | application/javascript | |
GET | H2 | gnskeh9j3a | www.clarity.ms/tag/ | 1017 B | 1 KB | Script | application/x-javascript | |
GET | H2 | UCAffiliateNetworkPixel | secure.utifix.com/cgi-bin/ | 0 | 638 B | Stylesheet | text/plain | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 274 B | Image | text/plain | |
GET | H2 | 10195419.json | s.yimg.com/wi/config/ | 46 B | 679 B | XHR | application/json | |
GET | H2 | 21444b75-45eb-4207-bb22-dc5f286db86b.js | tr.snapchat.com/config/com/ | 185 B | 463 B | Script | application/javascript | |
GET | H2 | i | tr.snapchat.com/cm/ | 0 | 0 | Document | text/html | Frame 286D |
GET | H2 | p | tr.snapchat.com/ | 68 B | 453 B | Image | image/png | |
GET | H2 | id | d1pqvb2h9xgm7r.cloudfront.net/v1/ | 30 B | 372 B | XHR | text/plain | |
GET | H2 | activityi;dc_pre=CMWf3fL6l4UDFeiKfwQdlSIMvg;src=12217290;type=invmedia;cat=uf_al0;ord=1;num=7473315977283;npa=0;auiddc=167131233.1711663356;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7C... | 12217290.fls.doubleclick.net/ | 0 | 0 | Document | text/html | Frame 9851; Redirect Chain |
GET | H2 | main.d1ecc6ee.js | s.pinimg.com/ct/lib/ | 64 KB | 18 KB | Script | application/javascript | |
GET | H2 | main.MWIzOGRhOGZjMQ.js | analytics.tiktok.com/i18n/pixel/static/ | 425 KB | 112 KB | Script | application/javascript | |
POST | H2 | collect | analytics.google.com/g/ | 0 | 253 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 253 B | Ping | text/plain | |
GET | H2 | sp.pl | sp.analytics.yahoo.com/ | 43 B | 632 B | Image | image/gif | |
GET | H2 | clarity.js | www.clarity.ms/s/0.7.26/ | 60 KB | 20 KB | Script | application/javascript | |
GET | H2 | / | ct.pinterest.com/user/ | 298 B | 690 B | XHR | application/json | |
GET | H2 | / | ct.pinterest.com/user/ | 298 B | 711 B | XHR | application/json | |
GET | H2 | / | ct.pinterest.com/user/ | 298 B | 687 B | XHR | application/json | |
GET | H2 | / | ct.pinterest.com/v3/ | 35 B | 0 | Fetch | image/gif | |
POST | H2 | rt | d1pqvb2h9xgm7r.cloudfront.net/v1/ | 20 B | 442 B | XHR | application/json | |
OPTIONS | H2 | rt | d1pqvb2h9xgm7r.cloudfront.net/v1/ | 0 | 0 | Preflight | | Frame |
POST | H2 | p | tr6.snapchat.com/ | 0 | 48 B | Ping | text/plain | |
GET | H2 | identify_05ea2.js | analytics.tiktok.com/i18n/pixel/static/ | 137 KB | 37 KB | Script | application/javascript | |
POST | H2 | pangle_pixel | analytics.pangle-ads.com/api/v2/ | 0 | 966 B | Ping | text/plain | |
POST | H2 | pixel | analytics.tiktok.com/api/v2/ | 0 | 699 B | Ping | text/plain | |
POST | H/1.1 | collect | l.clarity.ms/ | 0 | 294 B | XHR | text/plain | |
POST | H2 | p | tr.snapchat.com/ | 0 | 95 B | Ping | text/plain | |
GET | H3 | / | ct.pinterest.com/v3/ | 35 B | 0 | Fetch | image/gif | |
GET | H3 | / | ct.pinterest.com/v3/ | 35 B | 0 | Fetch | image/gif | |
GET | H2 | click | www.ibph4trk.com/sdk/ | 86 B | 449 B | Fetch | application/json | |
POST | H2 | act | analytics.tiktok.com/api/v2/pixel/ | 0 | 702 B | Ping | text/plain | |
GET | H/1.1 | adnypeu | service3.purehealthresearch.com/ | 0 | 0 | Fetch | | |
GET | H2 | c.gif | c.clarity.ms/ | 42 B | 442 B | Image | image/gif | Redirect Chain |
GET | H3 | token_create.js | ct.pinterest.com/static/ct/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | ct.html | ct.pinterest.com/ | 0 | 0 | Document | text/html | Frame 6A93 |
POST | H3 | rt | d1pqvb2h9xgm7r.cloudfront.net/v1/ | 20 B | 308 B | XHR | application/json | |
OPTIONS | H3 | rt | d1pqvb2h9xgm7r.cloudfront.net/v1/ | 0 | 0 | Preflight | | Frame |
GET | H/1.1 | favicon.png | utiformula.com/img/ | 547 B | 840 B | Other | image/png | |
POST | H/1.1 | collect | l.clarity.ms/ | 0 | 294 B | XHR | text/plain | |
POST | H2 | collect | analytics.google.com/g/ | 0 | 54 B | Ping | text/plain | |
88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onpagereveal object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| ucAnpFailback function| ucRemoveBadMacros function| ucAnpCallback object| google_tag_manager object| google_tag_data function| pintrk function| snaptr string| TiktokAnalyticsObject object| ttq object| dotq function| clarity object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| YAHOO object| _scPxHelper object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca number| c_start function| ucaEvent boolean| ucaInit object| EF object| gaGlobal object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| 
ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| tagConfig
46 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sc-static.net/scevent.min.js | | Name: X-AB Value: b9bd00ec73544025b937f4253ff9de4c |
www.splashways.com/ | | Name: uniqueClick_7bw7sws Value: d9650974-8081-482b-8a6e-0827372f9bcf:1711663355 |
www.splashways.com/ | | Name: transaction_id Value: ea586b9121cc436b9760f3c50cdbb131 |
www.ibph4trk.com/ | | Name: uniqueClick_5MJ263 Value: 492c8660-70f5-4c7f-854c-a0dfdf1f3707:1711663355 |
.youtube.com/ | | Name: YSC Value: JCih6Sn12KQ |
.youtube.com/ | | Name: VISITOR_INFO1_LIVE Value: d2D8E2MRYok |
.youtube.com/ | | Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgXQ%3D%3D |
.utiformula.com/ | | Name: _gcl_au Value: 1.1.167131233.1711663356 |
secure.utifix.com/ | | Name: AWSALBCORS Value: nkIbEqfCzP1tliAfYW8Ebx31ceyX3In9kvfnoW/PmEhwiRQ35RvbMovRzlHk5uF4EwIEoWADHOP2aeXlhzOa8LVOda0b7C93t/D2qwiqfJ1maKPBxy2L24vHwRYz |
.utiformula.com/ | | Name: _fbp Value: fb.1.1711663356281.1660151380 |
.tiktok.com/ | | Name: _ttp Value: 2eKpvlhKki1Z68atAZPBuZYdyV2 |
.utiformula.com/ | | Name: _scid Value: 0d7e9afd-e26c-4f70-a57b-095247766469 |
.utiformula.com/ | | Name: _scid_r Value: 0d7e9afd-e26c-4f70-a57b-095247766469 |
www.clarity.ms/ | | Name: CLID Value: f6e0517bc4854fc0b3a55b9aa8de482a.20240328.20250328 |
.utiformula.com/ | | Name: _ga Value: GA1.1.751177498.1711663356 |
.utiformula.com/ | | Name: _ga_3QCN2283VC Value: GS1.1.1711663356.1.0.1711663356.60.0.0 |
.utiformula.com/ | | Name: ucacid Value: 1769909892.597700 |
.yahoo.com/ | | Name: A3 Value: d=AQABBPzoBWYCEOmnVGQWCtqkt8iiL-x8YQ4FEgEBAQE6B2YPZtww0iMA_eMAAA&S=AQAAAquASNtsAQ6ev5QLSbftcPs |
.utiformula.com/ | | Name: _clck Value: 76gris%7C2%7Cfkg%7C0%7C1548 |
.pinterest.com/ | | Name: ar_debug Value: 1 |
.snapchat.com/ | | Name: sc_at Value: v2\|H4sIAAAAAAAAAEXHwRGAMAgEwIqY4RK8iOUcoYsUrz9/u557JUFD3mWRUabutvKtESkN8SD8wQLIOa+vP/0FO1r07EAAAAA= |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.doubleclick.net/ | | Name: receive-cookie-deprecation Value: 1 |
.tapad.com/ | | Name: TapAd_TS Value: 1711663356753 |
.tapad.com/ | | Name: TapAd_DID Value: b66eb4e9-075f-4c51-860b-062f525bbfd6 |
.tapad.com/ | | Name: TapAd_3WAY_SYNCS Value: |
.utiformula.com/ | | Name: _tt_enable_cookie Value: 1 |
.utiformula.com/ | | Name: _ttp Value: i6_DDzUwmkbeuAMiiW84BF2IWyR |
.utiformula.com/ | | Name: _pin_unauth Value: dWlkPU9XUTFOamN3TWpNdE1UTTJNQzAwWVROaExUaGtOakF0TUdVd09UQmxZMk0zTlRKbA |
.utiformula.com/ | | Name: _sctr Value: 1%7C1711620000000 |
.utiformula.com/ | | Name: _clsk Value: 1l5dyr0%7C1711663357080%7C1%7C1%7Cl.clarity.ms%2Fcollect |
.ct.pinterest.com/ | | Name: _pinterest_ct_ua Value: "TWc9PSYvODZ0cWptQUVqTVAycEVLcUtWdVNFUU1EbXNVOUJzRjlWR0VCT3ZuOWxMR2pYT200MS8raWJrdUwwb3gyQ1oyNkdiRjhVZWxRRXo5aVFVYTRIaVd5OTUwRWwvdUZhbTdVOEtva1F0R3BrMD0mTUlJVU82cEg0Y0p0WFJ6MTlDdEh5cWxoSFJRPQ==" |
www.ibph4trk.com/ | | Name: uniqueClick Value: cbc6552a-db2e-4b09-8103-83b69709af23:1711663357 |
www.ibph4trk.com/ | | Name: transaction_id Value: 163d46e96a5948a790c5dadfd5cbcdc5\|163d46e96a5948a790c5dadfd5cbcdc5 |
utiformula.com/ | | Name: ef_witness Value: 1 |
utiformula.com/ | | Name: ef_affid Value: 463 |
utiformula.com/ | | Name: ef_tid_c_o_94 Value: 163d46e96a5948a790c5dadfd5cbcdc5 |
utiformula.com/ | | Name: ef_tid_c_a_1 Value: 163d46e96a5948a790c5dadfd5cbcdc5 |
.bing.com/ | | Name: MUID Value: 007061748B8D63781EBC75248A02626F |
.c.bing.com/ | | Name: MR Value: 0 |
.c.bing.com/ | | Name: SRM_B Value: 007061748B8D63781EBC75248A02626F |
.c.clarity.ms/ | | Name: SM Value: C |
.clarity.ms/ | | Name: MUID Value: 007061748B8D63781EBC75248A02626F |
.c.clarity.ms/ | | Name: MR Value: 0 |
.c.clarity.ms/ | | Name: ANONCHK Value: 0 |
utiformula.com/ | | Name: /presentation:watchVideoTime:6EcJNJMbDeM Value: 0 |
66 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.