www.medesk.net
Open in
urlscan Pro
18.160.41.61
Public Scan
Submitted URL: https://www.medesk.net/
Effective URL: https://www.medesk.net/en/
Submission: On June 27 via manual from US — Scanned from US
Effective URL: https://www.medesk.net/en/
Submission: On June 27 via manual from US — Scanned from US
Summary
This website contacted 37 IPs
in 3 countries
across 29 domains to perform 71 HTTP transactions.
The main IP is 18.160.41.61, located in
United States and
belongs to AMAZON-02, US.
The main domain is www.medesk.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 20th 2024. Valid for: a year.
This is the only time www.medesk.net was scanned on urlscan.io!
TLS certificate: Issued by Amazon RSA 2048 M02 on May 20th 2024. Valid for: a year.
This is the only time www.medesk.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
8
18.160.41.61
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-61.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-61.iad55.r.cloudfront.net
| www.medesk.net |
5
2600:9000:24f4:6a00:12:94b3:c380:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| images.ctfassets.net |
2
2600:1408:c400:11::17cd:6b48
(Ashburn, United States)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| consent.cookiebot.com |
1
2600:1408:ec00:288::f09
(Ashburn, United States)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| consentcdn.cookiebot.com |
3
18.154.227.76
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-76.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-76.iad55.r.cloudfront.net
| rs-cdn.medesk.net |
1
18.160.37.77
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-160-37-77.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-160-37-77.iad55.r.cloudfront.net
| dmc1acwvwny3.cloudfront.net |
2
18.160.18.35
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-35.iad12.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-35.iad12.r.cloudfront.net
| rs-api.medesk.net |
20
2600:1f18:61c0:2204:d8a2:6c47:a8:7af6
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| d.adroll.com |
1
99.84.178.129
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-178-129.iad89.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-178-129.iad89.r.cloudfront.net
| d2wy8f7a9ursnm.cloudfront.net |
1
44.206.95.33
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-95-33.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-95-33.compute-1.amazonaws.com
| events.getsitectrl.com |
1
2a03:2880:f003:100:face:b00c:0:3
(Ashburn, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
2
35.211.178.172
(North Charleston, United States)
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
| x.bidswitch.net |
2
209.85.232.156
(United States)
ASN15169 (GOOGLE, US)
PTR: qt-in-f156.1e100.net
ASN15169 (GOOGLE, US)
PTR: qt-in-f156.1e100.net
| cm.g.doubleclick.net |
2
35.244.154.8
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
1
107.178.254.65
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
| pippio.com |
1
35.244.159.8
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
| us-u.openx.net |
1
34.200.65.202
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
| ups.analytics.yahoo.com |
2
35.71.139.29
(United States)
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
| eb2.3lift.com |
2
68.67.179.87
(North Bergen, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| ib.adnxs.com |
5
18.209.195.21
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-195-21.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-195-21.compute-1.amazonaws.com
| ipv4.d.adroll.com |
1
18.160.41.53
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net
| static.hotjar.com |
1
2600:1f18:61c0:2209:71aa:ad10:8acb:95e4
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| x.adroll.com |
4
2600:1901:0:7a0b::
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
| sessions.bugsnag.com |
2
2607:f8b0:4004:c19::9d
(Washington, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
18.160.18.112
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-112.iad12.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-112.iad12.r.cloudfront.net
| script.hotjar.com |
2
35.177.103.31
(London, United Kingdom)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-103-31.eu-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-103-31.eu-west-2.compute.amazonaws.com
| rs.medesk.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
adroll.com
12 redirects
s.adroll.com — Cisco Umbrella Rank: 3747 d.adroll.com — Cisco Umbrella Rank: 1811 ipv4.d.adroll.com — Cisco Umbrella Rank: 13411 x.adroll.com — Cisco Umbrella Rank: 5716 |
54 KB |
| 15 |
medesk.net
1 redirects
www.medesk.net rs-cdn.medesk.net rs-api.medesk.net rs.medesk.net |
261 KB |
| 5 |
ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3995 |
82 KB |
| 4 |
bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 953 |
179 B |
| 4 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 274 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 |
977 B |
| 4 |
getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 23238 s2.getsitecontrol.com — Cisco Umbrella Rank: 39457 |
77 KB |
| 4 |
cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4936 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5488 imgsct.cookiebot.com — Cisco Umbrella Rank: 5824 |
35 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
77 KB |
| 2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com — Cisco Umbrella Rank: 1260 |
60 KB |
| 2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 279 |
2 KB |
| 2 |
3lift.com
1 redirects
eb2.3lift.com — Cisco Umbrella Rank: 452 |
982 B |
| 2 |
linkedin.com
1 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 360 |
888 B |
| 2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 495 |
834 B |
| 2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 682 |
2 KB |
| 2 |
bidswitch.net
1 redirects
x.bidswitch.net — Cisco Umbrella Rank: 394 |
1 KB |
| 2 |
cloudfront.net
dmc1acwvwny3.cloudfront.net d2wy8f7a9ursnm.cloudfront.net |
32 KB |
| 1 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 5 |
24 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
85 KB |
| 1 |
taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1502 |
366 B |
| 1 |
yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 471 |
125 B |
| 1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1054 |
540 B |
| 1 |
outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 831 |
360 B |
| 1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 575 |
264 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 432 |
980 B |
| 1 |
pippio.com
1 redirects
pippio.com — Cisco Umbrella Rank: 872 |
634 B |
| 1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204 |
59 KB |
| 1 |
getsitectrl.com
events.getsitectrl.com — Cisco Umbrella Rank: 26415 |
879 B |
| 1 |
atatus.com
bm-rx.atatus.com — Cisco Umbrella Rank: 49223 |
240 B |
| 1 |
geojs.io
get.geojs.io — Cisco Umbrella Rank: 17918 |
783 B |
| 71 | 29 |
| Domain | Requested by | |
|---|---|---|
| 20 | d.adroll.com |
12 redirects
s.adroll.com
dmc1acwvwny3.cloudfront.net |
| 8 | www.medesk.net |
1 redirects
www.medesk.net
|
| 5 | ipv4.d.adroll.com | |
| 5 | images.ctfassets.net |
www.medesk.net
|
| 4 | sessions.bugsnag.com |
dmc1acwvwny3.cloudfront.net
|
| 3 | l.getsitecontrol.com |
www.medesk.net
l.getsitecontrol.com |
| 3 | rs-cdn.medesk.net |
www.medesk.net
rs-cdn.medesk.net |
| 3 | fonts.gstatic.com |
www.medesk.net
|
| 2 | rs.medesk.net |
dmc1acwvwny3.cloudfront.net
|
| 2 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 2 | ib.adnxs.com | 1 redirects |
| 2 | eb2.3lift.com | 1 redirects |
| 2 | px.ads.linkedin.com | 1 redirects |
| 2 | idsync.rlcdn.com | 2 redirects |
| 2 | dsum-sec.casalemedia.com | 1 redirects |
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | x.bidswitch.net | 1 redirects |
| 2 | rs-api.medesk.net |
dmc1acwvwny3.cloudfront.net
|
| 2 | consent.cookiebot.com |
www.medesk.net
consent.cookiebot.com |
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | www.google.com | 1 redirects |
| 1 | x.adroll.com | |
| 1 | static.hotjar.com |
rs-cdn.medesk.net
|
| 1 | www.googletagmanager.com |
rs-cdn.medesk.net
|
| 1 | sync.taboola.com | |
| 1 | ups.analytics.yahoo.com | |
| 1 | image2.pubmatic.com | |
| 1 | sync.outbrain.com | |
| 1 | us-u.openx.net | |
| 1 | pixel.rubiconproject.com | |
| 1 | pippio.com | 1 redirects |
| 1 | connect.facebook.net |
s.adroll.com
|
| 1 | events.getsitectrl.com |
dmc1acwvwny3.cloudfront.net
|
| 1 | d2wy8f7a9ursnm.cloudfront.net |
rs-cdn.medesk.net
|
| 1 | s2.getsitecontrol.com |
l.getsitecontrol.com
|
| 1 | bm-rx.atatus.com |
dmc1acwvwny3.cloudfront.net
|
| 1 | dmc1acwvwny3.cloudfront.net |
www.medesk.net
|
| 1 | s.adroll.com |
www.medesk.net
|
| 1 | imgsct.cookiebot.com | |
| 1 | consentcdn.cookiebot.com |
consent.cookiebot.com
|
| 1 | get.geojs.io |
www.medesk.net
|
| 71 | 41 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.medesk.net Amazon RSA 2048 M02 |
2024-05-20 - 2025-06-17 |
a year | crt.sh |
| images.ctfassets.net Amazon RSA 2048 M02 |
2023-12-19 - 2025-01-16 |
a year | crt.sh |
| *.gstatic.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-02-28 - 2025-02-27 |
a year | crt.sh |
| geojs.io E1 |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
| *.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-02-26 - 2025-02-26 |
a year | crt.sh |
| s.adroll.com Amazon RSA 2048 M02 |
2024-05-03 - 2025-06-01 |
a year | crt.sh |
| *.medesk.net Amazon RSA 2048 M03 |
2024-06-09 - 2025-07-08 |
a year | crt.sh |
| *.getsitecontrol.com Go Daddy Secure Certificate Authority - G2 |
2024-03-05 - 2025-04-06 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
| *.atatus.com Sectigo RSA Domain Validation Secure Server CA |
2023-11-21 - 2024-12-09 |
a year | crt.sh |
| d.adroll.com Amazon RSA 2048 M01 |
2023-10-09 - 2024-11-06 |
a year | crt.sh |
| *.getsitectrl.com Amazon RSA 2048 M02 |
2023-11-15 - 2024-12-14 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-04-05 - 2024-07-04 |
3 months | crt.sh |
| *.google-analytics.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| *.hotjar.com Amazon RSA 2048 M03 |
2024-05-22 - 2025-06-20 |
a year | crt.sh |
| *.adroll.com Amazon RSA 2048 M01 |
2023-06-07 - 2024-07-04 |
a year | crt.sh |
| *.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-03-20 - 2025-04-15 |
a year | crt.sh |
| *.g.doubleclick.net WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| rs.medesk.net Amazon RSA 2048 M03 |
2024-05-03 - 2025-06-01 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.medesk.net/en/
Frame ID: D27279BE57D7F8F31404F3B45A8DB7B1
Requests: 66 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 65FD85B2E332D621041198BA81CD9BC5
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Medesk — Medical Practice Management SoftwarePage URL History Show full URLs
-
https://www.medesk.net/
HTTP 301
https://www.medesk.net/en/ Page URL
Detected technologies
Contentful
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)
AdRoll
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:a|s)\.adroll\.com
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
BugSnag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /bugsnag.*\.js
Cookiebot
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- consent\.cookiebot\.com
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.hotjar\.com/
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
URL: https://app.medesk.net/client/
Title: Log in
Title: Log in
Search URL Search Domain Scan URL
URL: https://vimeo.com/213353988/b0dc5fb69a
Search URL Search Domain Scan URL
URL: http://www.nationalhealthexecutive.com/Robot-News/making-medicine-a-one-click-holistic-ecosystem-
Search URL Search Domain Scan URL
URL: https://thejournalofmhealth.com/delivering-the-benefits-of-digital-health/
Search URL Search Domain Scan URL
URL: https://techcrunch.com/2013/12/09/dreamroomer-and-medesk-take-the-honours-at-techcrunch-moscow-2013/
Search URL Search Domain Scan URL
URL: https://www.idf.uk.net/corporate-members/default.aspx?sort=alphabetical
Search URL Search Domain Scan URL
URL: https://www.facebook.com/medesk.net/
Search URL Search Domain Scan URL
URL: https://twitter.com/Medesk_UK
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/21139411/
Search URL Search Domain Scan URL
URL: https://www.washingtonpost.com/news/capital-business/wp/2014/05/19/sixty-four-tech-start-ups-nine-countries-one-world-champion/
Search URL Search Domain Scan URL
URL: http://www.innovationworldcup.com/finalist/medesk-cloud-healthcare-platform/
Title: Award
Title: Award
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.medesk.net/
HTTP 301
https://www.medesk.net/en/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 41- https://d.adroll.com/cm/b/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY
- https://d.adroll.com/cm/g/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=BMLhk1m5ZsjbB17cRgmdhg HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=BMLhk1m5ZsjbB17cRgmdhg&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
- https://d.adroll.com/cm/index/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&expiration=1751018638 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&expiration=1751018638&C=1
- https://d.adroll.com/cm/l/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=04c2e19359b966c8db075edc46099d86 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODYQABoNCI7y9LMGEgUI6AcQAEIASgA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=5fa2ac3b8bbbdc1ebc5a55b4bb58b47df4ed5c49f085a9690f11141409e957ea791426b5417dce21&_=2 HTTP 307
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5fa2ac3b8bbbdc1ebc5a55b4bb58b47df4ed5c49f085a9690f11141409e957ea791426b5417dce21&rand=05409719 HTTP 302
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5fa2ac3b8bbbdc1ebc5a55b4bb58b47df4ed5c49f085a9690f11141409e957ea791426b5417dce21&rand=05409719&expected_cookie=25081559-ff54-4d59-a0b3-1a0e20a0c121
- https://d.adroll.com/cm/n/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&expires=365
- https://d.adroll.com/cm/o/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=04c2e19359b966c8db075edc46099d86&gdpr=1&gdpr_consent=
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&gdpr=1&gdpr_consent=&us_privacy=1---
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/x/out?adroll_fpc=f64be2bddb6744faedd26e4ec3628c2c-1719482638286&pv=21883356892.476646&arrfrr=https%3A%2F%2Fwww.medesk.net%2Fen%2F&advertisable=FBF7GE5GPJHIHENP4UZEXP HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY
- https://www.google.com/pagead/landing?gcs=G111&gcd=13n3n3n3n5&tag_exp=0&rnd=809735780.1719482639&url=https%3A%2F%2Fwww.medesk.net%2Fen%2F&dma=0&npa=0>m=45be46q0v9179220158za200&auid=1468855028.1719482639&did=dMWZhNz&gdid=dMWZhNz&frm=0 HTTP 302
- https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13n3n3n3n5&tag_exp=0&rnd=809735780.1719482639&url=https%3A%2F%2Fwww.medesk.net%2Fen%2F&dma=0&npa=0>m=45be46q0v9179220158za200&auid=1468855028.1719482639&did=dMWZhNz&gdid=dMWZhNz&frm=0
71 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.medesk.net/en/ Redirect Chain
|
389 KB 59 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
medesk-client.woff
www.medesk.net/assets/fonts/medesk-client/fonts/ |
53 KB 53 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-white.svg
www.medesk.net/assets/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-wp.svg
www.medesk.net/assets/images/smi/ |
6 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-ciwc.svg
www.medesk.net/assets/images/smi/ |
29 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
-en-_for_homepage.png
images.ctfassets.net/q2vojxd7ywwe/5oRxXxLgDJGxvSLtO9z7ji/53a0751d1b432410d8fd528218d38ae7/ |
16 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.js
www.medesk.net/assets/scripts/ |
199 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyAaBO9e6Vc.ttf
fonts.gstatic.com/s/notosans/v36/ |
43 KB 25 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9e6Vc.ttf
fonts.gstatic.com/s/notosans/v36/ |
43 KB 25 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
o-0kIpQlx3QUlC5A4PNr4C5OaxRsfNNlKbCePevHtVtX57DGjDU1QDce2VTSzQ.ttf
fonts.gstatic.com/s/notosans/v36/ |
47 KB 27 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en_Logos_1__2_.svg
images.ctfassets.net/q2vojxd7ywwe/5pGojCNX3qM7ENnT8gbVjL/50b183410cc42d102f3ed2138bccf68c/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en_Logos_2__2_.svg
images.ctfassets.net/q2vojxd7ywwe/3gmS3BY4WUPifgXxzwKWy8/c826bb4659393f75142f1db7f6a88833/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en_access_anywhere.png
images.ctfassets.net/q2vojxd7ywwe/1EyL6OqWhLqNL3QwdkEZXP/a206a91e9680316ebf62bd3769a2ccb0/ |
27 KB 27 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aquisition_channel__3_.png
images.ctfassets.net/q2vojxd7ywwe/3eimYrIVYPQy5jNF5qKs5J/e449469e8ac6c9e2cab9561e26496cca/ |
30 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uc.js
consent.cookiebot.com/ |
109 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
geo.json
get.geojs.io/v1/ip/ |
292 B 783 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 65FD |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cc.js
consent.cookiebot.com/0b35c3c6-f9b1-4195-9ac6-eb6bf1e41c2d/ |
42 B 422 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1.gif
imgsct.cookiebot.com/ |
35 B 744 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.medesk.net/assets/favicons/ |
15 KB 15 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
roundtrip.js
s.adroll.com/j/FBF7GE5GPJHIHENP4UZEXP/ |
98 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rudder-analytics.min.js
rs-cdn.medesk.net/v1.1/ |
122 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l46883y7.js
l.getsitecontrol.com/ |
433 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
atatus.js
dmc1acwvwny3.cloudfront.net/ |
56 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l46883y7.json
l.getsitecontrol.com/ |
321 KB 21 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l46883y7.json
l.getsitecontrol.com/ |
321 KB 833 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
/
rs-api.medesk.net/sourceConfig/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
rs-api.medesk.net/sourceConfig/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pageload
bm-rx.atatus.com/track/browser/perf/ |
85 B 240 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runtime.0e5d0b4.js
s2.getsitecontrol.com/widgets/es6/ |
153 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FBF7GE5GPJHIHENP4UZEXP
d.adroll.com/consent/check/ |
547 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ |
40 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GoogleAds.min.js
rs-cdn.medesk.net/v1.1/js-integrations/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Hotjar.min.js
rs-cdn.medesk.net/v1.1/js-integrations/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
events
events.getsitectrl.com/api/v1/ |
631 B 879 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
221 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
d.adroll.com/segment/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
d.adroll.com/segment/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
d.adroll.com/segment/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
d.adroll.com/segment/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
d.adroll.com/segment/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
d.adroll.com/segment/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 823 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rum
dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 735 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
db_sync
px.ads.linkedin.com/ Redirect Chain
|
0 142 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
42 B 980 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Redirect Chain
|
0 360 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Redirect Chain
|
42 B 540 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
ups.analytics.yahoo.com/ups/55980/ Redirect Chain
|
0 125 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rtb-h
sync.taboola.com/sg/adroll-network/1/ Redirect Chain
|
0 366 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xuid
eb2.3lift.com/ Redirect Chain
|
37 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
ipv4.d.adroll.com/seg4/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 594 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
ipv4.d.adroll.com/seg4/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 593 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
ipv4.d.adroll.com/seg4/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 593 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
ipv4.d.adroll.com/seg4/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 593 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQ36BSLMXZDMNEALS6BSMQ
ipv4.d.adroll.com/seg4/FBF7GE5GPJHIHENP4UZEXP/ |
42 B 593 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
240 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-2083229.js
static.hotjar.com/c/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trigger
x.adroll.com/attribution/ |
2 B 641 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
/
sessions.bugsnag.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
/
sessions.bugsnag.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
sessions.bugsnag.com/ |
21 B 97 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
sessions.bugsnag.com/ |
21 B 82 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
landing
googleads.g.doubleclick.net/pagead/ Redirect Chain
|
42 B 64 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/783315174/ |
43 B 61 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.de6b9e294c29aa146ba1.js
script.hotjar.com/ |
223 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
webhook
rs.medesk.net/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
webhook
rs.medesk.net/v1/ |
2 B 225 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| scrollme object| html5 object| Modernizr object| cookies object| xorcipher object| lazySizes function| $ function| jQuery object| debugg function| gsc function| mdEventVideoPlay function| mdShowModal function| mdSignupShow function| mdShowSignup boolean| mdAuthorized object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| dataLayer object| CookieConsent string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll number| CB_OnTagsExecuted_Processed undefined| TraceKit object| webVitals object| atatus object| rudderanalytics function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors undefined| adroll_tpc_callback object| Hotjar_RS object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called function| fbq function| _fbq object| __adroll_pxl_assistant_track object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| GoogleAds_RS function| gtag string| hotjarSiteId function| hj object| _hjSettings string| adroll_seg_eid string| adroll_rule_type function| bugsnag object| RudderStackGlobals object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| google_noFurtherRedirects50 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.medesk.net/ | Name: CookieConsent Value: {stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:2%2Cutc:1719482637551%2Cregion:%27US-42%27} |
|
| www.medesk.net/ | Name: atatus-aid Value: id|c56433544dbd414db723d44a38254d23×tamp|2024-06-27T10:03:57.821Z |
|
| .medesk.net/ | Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX18qyOWsW%2BqheR7tvlcQg6fKBfp6c92E2bVMmhbtgkgBH%2F2uwKZx6a0hapXwjKrHz%2FTNZW15a6oiv2duTYUuqbBIgzQ970i5cIlQn3VsuoAj4FUHOw90ydr59VQ1rUPH89MtP%2Fg90Kop4A%3D%3D |
|
| .medesk.net/ | Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX1%2BUPiq%2B7iNWgEV2sJiYjU%2FZL3VvJ0Lee6I%3D |
|
| .medesk.net/ | Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX18I77u%2Bpmt%2BQ4eS7cI87%2Bm71Qnoxc%2BmrYc%3D |
|
| .medesk.net/ | Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX19mz9DZnymvJ%2B1AN5hNQMvsZgaY%2Fay7v3k%3D |
|
| .medesk.net/ | Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX18EDBArGJLMSV%2FNw2sBQf3830mrnZDciXU%3D |
|
| .medesk.net/ | Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX18cTsJOdIfG93jVFVrJpwL7AfVACoMoAx2bLRW%2FnX%2BY0bGlvFG2dAhAmKdg%2F7xR6%2FEYA8bnzaIxfA%3D%3D |
|
| .medesk.net/ | Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX1%2FDQbbbm8jIvMmmsejhGsBTH%2B8Cd9HxFcM%3D |
|
| .medesk.net/ | Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1%2BrJ89sUf9LjCBhgpbF9GzgAPjugFP87TM%3D |
|
| .d.adroll.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .adroll.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .www.medesk.net/ | Name: __adroll_fpc Value: f64be2bddb6744faedd26e4ec3628c2c-1719482638286 |
|
| .www.medesk.net/ | Name: __ar_v4 Value: FBF7GE5GPJHIHENP4UZEXP%3A20240627%3A3%7CIQ36BSLMXZDMNEALS6BSMQ%3A20240627%3A3 |
|
| .casalemedia.com/ | Name: CMID Value: Zn05Dkt3uXIAAEgkAPQDNwAA |
|
| .casalemedia.com/ | Name: CMPS Value: 159 |
|
| .casalemedia.com/ | Name: CMPRO Value: 159 |
|
| .3lift.com/ | Name: tluidp Value: 1970070366327751222493 |
|
| .3lift.com/ | Name: tluid Value: 1970070366327751222493 |
|
| .pubmatic.com/ | Name: KRTBCOOKIE_10 Value: 22808-MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&KRTB&22883-MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY&KRTB&23504-MDRjMmUxOTM1OWI5NjZjOGRiMDc1ZWRjNDYwOTlkODY |
|
| .pubmatic.com/ | Name: PugT Value: 1719482638 |
|
| .rlcdn.com/ | Name: rlas3 Value: kBN7WnnKxQj83fMliex7sST+D6lolyk/Jud2TQ30GuA= |
|
| .rubiconproject.com/ | Name: khaos Value: LXX3KF58-1J-HUD2 |
|
| .rubiconproject.com/ | Name: audit Value: 1|p6zEBKg/d2/mCWB+YOGoRH8CcFaiEx2x/AZ4qLGdG4DtSRNyoMFDqBBRD0pIsSRoD/z5b8D1b2EwHTRO1/p4iGlty70eE65yR164mUDQhphJnKuoXdYGNm58O1L5gjTwdUGDBZC5hSqSv9ez2Z2X7/xxAc7C9KRzSwzcZLrchsS9l5rRWenlEybyzRQDbtqQCwfRAfYnv8yyqVI1k5poNA== |
|
| .rubiconproject.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .medesk.net/ | Name: _gcl_au Value: 1.1.1468855028.1719482639 |
|
| .adnxs.com/ | Name: XANDR_PANID Value: aw18iGrdLJ3Ddvx8-UkznpBSIoGxTa7QhAEYGfJBX-N74mnw7Q_1aqLqodbUunhVnaKsdp1BQHEF9dxzvs2Od1i5b-EhwVN-8zYe8QWlTK8. |
|
| .adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .adnxs.com/ | Name: uuid2 Value: 7742782264864153399 |
|
| .taboola.com/ | Name: t_gid Value: 9c8ba308-2863-4c8a-b214-ab9ed81e53e7-tuctd76be8e |
|
| .taboola.com/ | Name: t_pt_gid Value: 9c8ba308-2863-4c8a-b214-ab9ed81e53e7-tuctd76be8e |
|
| .bidswitch.net/ | Name: tuuid Value: c64b47ca-53c2-4e0c-892c-edcd49985c22 |
|
| .bidswitch.net/ | Name: c Value: 1719482638 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1719482638 |
|
| x.adroll.com/ | Name: ar_debug Value: 1 |
|
| .rlcdn.com/ | Name: pxrc Value: CI7y9LMGEgUI6AcQABIFCOhHEAA= |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2C%yfnno3!]tbPl@/@8$-^=$Uf]*o>rU%?FWGvq^K%LYZqA%*@3p>K>t>Im_A0c[>rVdLED`4a>>Dt4Yi6m<3>Y[C*bpRz*qF1`*b_H<-B<HU |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlOBmXSQiYPSk_zMm7EKoUqKDqMSniW9qCRRp67DvAZKzVoh2JLMqQXg6_jTBg |
|
| .d.adroll.com/ | Name: __adroll Value: 04c2e19359b966c8db075edc46099d86-g_1719482638-a_1719482638 |
|
| .adroll.com/ | Name: __adroll_shared Value: 04c2e19359b966c8db075edc46099d86-g_1719482638-a_1719482638 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .medesk.net/ | Name: _hjSessionUser_2083229 Value: eyJpZCI6IjBkZWZmZDQ2LTNlMTYtNTQxMC04OWZkLTIwMGJlY2JlZTJjZSIsImNyZWF0ZWQiOjE3MTk0ODI2Mzg3OTQsImV4aXN0aW5nIjp0cnVlfQ== |
|
| .medesk.net/ | Name: _hjSession_2083229 Value: eyJpZCI6IjM1YzZkN2ZlLWY3ZjctNGYyMC05M2ZhLTNmODZkNWEwNjcwYSIsImMiOjE3MTk0ODI2Mzg3OTUsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0= |
|
| .pippio.com/ | Name: did Value: nunVRXlUacbBNJOM |
|
| .pippio.com/ | Name: didts Value: 1719482638 |
|
| .pippio.com/ | Name: nnls Value: |
|
| .pippio.com/ | Name: pxrc Value: CI7y9LMGEgYIgr0rEAA= |
|
| .linkedin.com/ | Name: li_sugr Value: 25081559-ff54-4d59-a0b3-1a0e20a0c121 |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&b856e6a5-8e58-4a67-86a0-580032218e0c" |
|
| .linkedin.com/ | Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3324:u=1:x=1:i=1719482638:t=1719569038:v=2:sig=AQFgs-UbRmsrfOTo6W90nDpd1Hbleyc5" |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bm-rx.atatus.com
cm.g.doubleclick.net
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d.adroll.com
d2wy8f7a9ursnm.cloudfront.net
dmc1acwvwny3.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
events.getsitectrl.com
fonts.gstatic.com
get.geojs.io
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
images.ctfassets.net
imgsct.cookiebot.com
ipv4.d.adroll.com
l.getsitecontrol.com
pippio.com
pixel.rubiconproject.com
px.ads.linkedin.com
rs-api.medesk.net
rs-cdn.medesk.net
rs.medesk.net
s.adroll.com
s2.getsitecontrol.com
script.hotjar.com
sessions.bugsnag.com
static.hotjar.com
sync.outbrain.com
sync.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagmanager.com
www.medesk.net
x.adroll.com
x.bidswitch.net
104.18.36.155
107.178.254.65
141.226.124.48
18.154.227.76
18.160.18.112
18.160.18.35
18.160.37.77
18.160.41.53
18.160.41.61
18.209.195.21
209.85.232.156
2400:52e0:1a00::1070:1
2400:52e0:1a00::940:1
2600:1408:c400:11::17cd:6b48
2600:1408:ec00:286::f09
2600:1408:ec00:288::f09
2600:1901:0:7a0b::
2600:1f18:61c0:2204:d8a2:6c47:a8:7af6
2600:1f18:61c0:2209:71aa:ad10:8acb:95e4
2600:9000:24f4:6a00:12:94b3:c380:93a1
2600:9000:26c1:8800:6:9280:1080:93a1
2606:4700:20::ac43:46e9
2607:f8b0:4004:c09::67
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c19::9d
2607:f8b0:400d:c0c::5e
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
34.200.65.202
35.177.103.31
35.211.178.172
35.244.154.8
35.244.159.8
35.71.139.29
44.206.95.33
45.55.97.123
64.202.112.223
68.67.179.87
69.173.151.100
8.28.7.83
99.84.178.129
02fc2779fd1dd7253a69ff0d8f41a4fd9917ee2b7f29f27683a7fc91dc6d7872
0ad87c5ece36d468ba1c644537f1fa028e128ebe146632d439d590e37a4aff59
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d2bb54c1a99376f2b18c4bf3bb41d84c845dc3532759cf6f02b186d4816289d
19d4d6710e3903a5a533e9e44aa7a477e6d95fd19587575b5379187c99cfd42d
3940033ec607e014de1f5bd526ab3329d78ff05b63e70127630fde4016df3d94
399915e34df2f4e91dbd3c676344befaa6680d030113a47caeea51c079703056
3bf1e11a25063d1190a1a981d0e553927bc199fa6b115b6132b8599ead3bf3d6
3dc886debe1a91e0911d028542667298a0baa4b37691b8e6e4c41d8fb0e577ca
401bd9163972261dc26d704ae91413a2807a3bf6b490cb9a6b3459553448d614
48320659b723f2c5dc4fa95804d705a89502a87f0affb05ddf8136119a997678
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554366953ea3cb53606a73f612538cf539c514f5e512c7be5c4afb3b3d702d10
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a0927f4ccfca2062b01e4561b0c1c6167e8d0b84544cbc656cb4d055ca9189c
656f4dafef87ca0607e94c81d881f92467c791d7d259c580201dc5bc9995c39a
67fa3a65e321d22208444fda775a0ad70af602eb7798eb5514821cbcc0012fd1
6aa743c430b4dc69b5478db469ba4ba39ed72e4ffe6a67ace53ef6076f701713
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71cb9e8f122fdd1a2993beb1ff51f5e662ed9f94dd8bf7145cad41dc1820ef9d
7398c0e3fe533e73a527c9c43eb3d296929e5d5cd98aa1e42a87481effaf1be3
743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7dda4b29507887a80d74c81a30e6ff5241e414a7381cc0a4f6eef32595ebadf3
8a29d5df96ab34db752483714161e350af8e3e14a164a0d5e12e7e11fa87abc6
8a73cd617de4d35e03a30e1152681bb5aefe9e37305b2909b666c961a4781c98
98bf0d6c91d9604556d8a7c8e537f87bd5c0a2164df72f62ce64f8d81f322de8
9cabc7c9e12cc03fc2d54781f3ddd67e41f2909b35a7c991e76e31bdfa0dc728
a9a2ffeb47ade46a4040ded86919a1dfd6b0e486ea975c5b85c7ebf1f1db98ec
ac28817515ae412df623acc7c9d50ecee6789e37b2b9ba027f4863bfa3b87d6a
ac81f522b307b2af1e9416e743eb6dc976bb40c38633ee5c7b0f81aeefe99623
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0b85cca2f7024347c1e85bd48328a5a8d8df43376f42591740a40f59cf03bca
c22404dd77702fa64c96bba391bbff6ca0a2d7ff76733b11ab36783e6ffa38ba
c7414c792b8c81e73b4281d4001e3123be930980614857d15ecebe7da7f42d98
de0a41a597e598a3e92fa5ce93b0b46d78c36d3b0c93d0740b6d95a6d561202a
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5e7ecafca4958a0678c45f540095d1b34a789a9d57f323202f585849694ddb
fd2083444ec1f330367eb91c5fd1c68d1b243bd901b6691d8dd555420b3efc84
feaf6e4b0241f7a4a880eaf1bb2699c5c750447e1ce712f3496fb45d7daf544b