jeffruby.securetree.com
Open in
urlscan Pro
209.105.226.148
Public Scan
URL:
https://jeffruby.securetree.com/
Submission: On December 18 via manual from US
Submission: On December 18 via manual from US
Summary
This website contacted 15 IPs
in 5 countries
across 14 domains to perform 60 HTTP transactions.
The main IP is 209.105.226.148, located in
Dallas, United States and
belongs to ZC38-AS1 - zColo, US.
The main domain is jeffruby.securetree.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 26th 2014. Valid for: 5 years.
This is the only time jeffruby.securetree.com was scanned on urlscan.io!
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 26th 2014. Valid for: 5 years.
This is the only time jeffruby.securetree.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 16 | 209.105.226.148 209.105.226.148 | 13354 (ZC38-AS1) (ZC38-AS1 - zColo) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:815::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 10 | 2606:4700::68... 2606:4700::6813:c597 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 | 2a00:1450:400... 2a00:1450:400c:c0c::5f | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
| 8 | 23.38.53.224 23.38.53.224 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 7 | 2.18.233.201 2.18.233.201 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81d::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 2 | 216.58.207.38 216.58.207.38 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 185.29.134.87 185.29.134.87 | 30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc) | |
| 5 | 2a00:1450:400... 2a00:1450:4001:821::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 1 | 143.204.101.141 143.204.101.141 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 52.4.1.16 52.4.1.16 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 60 | 15 |
16
209.105.226.148
(Dallas, United States)
ASN13354 (ZC38-AS1 - zColo, US)
PTR: dmma.vhf0.whitlock.com
ASN13354 (ZC38-AS1 - zColo, US)
PTR: dmma.vhf0.whitlock.com
| jeffruby.securetree.com |
10
2606:4700::6813:c597
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| cdnjs.cloudflare.com |
2
209.197.3.15
(Phoenix, United States)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
| maxcdn.bootstrapcdn.com |
8
23.38.53.224
(Amsterdam, Netherlands)
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com
| use.typekit.net | |
| p.typekit.net |
7
2.18.233.201
(European Union)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
| pixel.mathtag.com |
2
216.58.207.38
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f6.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f6.1e100.net
| 9029876.fls.doubleclick.net |
2
2a03:2880:f02d:12:face:b00c:0:3
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| connect.facebook.net | |
| staticxx.facebook.com |
1
143.204.101.141
(Wilmington, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-141.fra50.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-141.fra50.r.cloudfront.net
| cdn.siftscience.com |
1
52.4.1.16
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-1-16.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-1-16.compute-1.amazonaws.com
| hexagon-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 16 |
securetree.com
jeffruby.securetree.com |
745 KB |
| 10 |
cloudflare.com
cdnjs.cloudflare.com |
54 KB |
| 9 |
mathtag.com
1 redirects
pixel.mathtag.com mathid.mathtag.com |
26 KB |
| 8 |
typekit.net
use.typekit.net p.typekit.net |
165 KB |
| 5 |
gstatic.com
fonts.gstatic.com |
58 KB |
| 3 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
34 KB |
| 2 |
doubleclick.net
1 redirects
9029876.fls.doubleclick.net |
294 B |
| 2 |
google-analytics.com
www.google-analytics.com |
17 KB |
| 2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
29 KB |
| 1 |
hexagon-analytics.com
hexagon-analytics.com |
237 B |
| 1 |
siftscience.com
cdn.siftscience.com |
20 KB |
| 1 |
facebook.com
staticxx.facebook.com |
|
| 1 |
facebook.net
connect.facebook.net |
60 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com |
32 KB |
| 60 | 14 |
| Domain | Requested by | |
|---|---|---|
| 16 | jeffruby.securetree.com |
jeffruby.securetree.com
www.google-analytics.com ajax.googleapis.com |
| 10 | cdnjs.cloudflare.com |
jeffruby.securetree.com
|
| 7 | pixel.mathtag.com |
1 redirects
jeffruby.securetree.com
pixel.mathtag.com |
| 6 | use.typekit.net |
jeffruby.securetree.com
use.typekit.net |
| 5 | fonts.gstatic.com |
jeffruby.securetree.com
www.google-analytics.com ajax.googleapis.com |
| 2 | mathid.mathtag.com |
pixel.mathtag.com
mathid.mathtag.com |
| 2 | 9029876.fls.doubleclick.net |
1 redirects
jeffruby.securetree.com
|
| 2 | p.typekit.net |
jeffruby.securetree.com
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
jeffruby.securetree.com |
| 2 | fonts.googleapis.com |
jeffruby.securetree.com
|
| 2 | maxcdn.bootstrapcdn.com |
jeffruby.securetree.com
|
| 1 | hexagon-analytics.com | |
| 1 | cdn.siftscience.com |
jeffruby.securetree.com
|
| 1 | staticxx.facebook.com |
connect.facebook.net
|
| 1 | connect.facebook.net |
ajax.googleapis.com
|
| 1 | ajax.googleapis.com |
jeffruby.securetree.com
|
| 1 | www.googletagmanager.com |
jeffruby.securetree.com
|
| 60 | 17 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| shop.jeffruby.com |
| www.jeffruby.com |
| www.netmasons.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.securetree.com Starfield Secure Certificate Authority - G2 |
2014-05-26 - 2019-05-26 |
5 years | crt.sh |
| *.google-analytics.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
| ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-09-22 - 2019-03-31 |
6 months | crt.sh |
| *.googleapis.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
| *.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA |
2018-10-03 - 2019-10-12 |
a year | crt.sh |
| *.typekit.net DigiCert SHA2 Secure Server CA |
2018-07-20 - 2020-01-03 |
a year | crt.sh |
| pixel.mathtag.com DigiCert SHA2 Secure Server CA |
2018-02-13 - 2019-03-15 |
a year | crt.sh |
| *.doubleclick.net Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
| *.mathtag.com DigiCert SHA2 Secure Server CA |
2018-01-26 - 2020-04-16 |
2 years | crt.sh |
| *.google.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
| *.siftscience.com DigiCert SHA2 Secure Server CA |
2015-11-23 - 2019-02-20 |
3 years | crt.sh |
| *.hexagon-analytics.com DigiCert SHA2 Secure Server CA |
2016-10-11 - 2019-10-16 |
3 years | crt.sh |
This page contains 5 frames:
Primary Page:
https://jeffruby.securetree.com/
Frame ID: 0B883763F214091AAA7428E148792253
Requests: 56 HTTP requests in this frame
Frame:
https://9029876.fls.doubleclick.net/activityi;dc_pre=CMX9-aqrqt8CFQGiewod7S0KHQ;src=9029876;type=jeffr0;cat=landi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3873279926247.477
Frame ID: AD2927FA8E423F0138D73792206A678E
Requests: 1 HTTP requests in this frame
Frame:
https://pixel.mathtag.com/sync/iframe?mt_uuid=0bbb5c19-615d-4500-adc5-84c61ccbfa31&no_iframe=1&mt_adid=176246
Frame ID: 7A901200DE25C6C30DDCC891850714ED
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: 6F691DBD4B1F82382470F00F12DAE31E
Requests: 1 HTTP requests in this frame
Frame:
https://pixel.mathtag.com/sync/iframe?realm=batch_supply&mt_adid=176246&mt_id=1372909&mt_nobot=1
Frame ID: DF1596BDFAFE9CE596B8CD7FDFFC992D
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
Moment.js
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /moment(?:\.min)?\.js/i
- env /^moment$/i
Typekit
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^Typekit$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://shop.jeffruby.com/steaks
Title: Jeff Ruby Steaks
Title: Jeff Ruby Steaks
Search URL Search Domain Scan URL
URL: https://shop.jeffruby.com/seasonings
Title: Steakhouse Seasoning
Title: Steakhouse Seasoning
Search URL Search Domain Scan URL
URL: https://shop.jeffruby.com/about-our-beef
Title: About Our Beef
Title: About Our Beef
Search URL Search Domain Scan URL
URL: https://shop.jeffruby.com/cooking-tips
Title: Cooking Tips
Title: Cooking Tips
Search URL Search Domain Scan URL
URL: https://shop.jeffruby.com/shipping-details
Title: Shipping Details
Title: Shipping Details
Search URL Search Domain Scan URL
URL: https://shop.jeffruby.com/customer-support
Title: Customer Support
Title: Customer Support
Search URL Search Domain Scan URL
URL: https://shop.jeffruby.com/faq
Title: FAQ's
Title: FAQ's
Search URL Search Domain Scan URL
URL: https://www.jeffruby.com/
Title: Return to JeffRuby.com
Title: Return to JeffRuby.com
Search URL Search Domain Scan URL
URL: http://www.netmasons.com/storefront/
Title: Commerce by Netmasons
Title: Commerce by Netmasons
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://pixel.mathtag.com/event/js?mt_id=1372909&mt_adid=176246&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP 302
- https://pixel.mathtag.com/event/js?mt_id=1372909&mt_adid=176246&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct
- https://9029876.fls.doubleclick.net/activityi;src=9029876;type=jeffr0;cat=landi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3873279926247.477 HTTP 302
- https://9029876.fls.doubleclick.net/activityi;dc_pre=CMX9-aqrqt8CFQGiewod7S0KHQ;src=9029876;type=jeffr0;cat=landi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3873279926247.477
60 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
jeffruby.securetree.com/ |
34 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.css
cdnjs.cloudflare.com/ajax/libs/pickadate.js/3.5.6/themes/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.date.css
cdnjs.cloudflare.com/ajax/libs/pickadate.js/3.5.6/themes/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.time.css
cdnjs.cloudflare.com/ajax/libs/pickadate.js/3.5.6/themes/ |
3 KB 757 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
90 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
picker.js
cdnjs.cloudflare.com/ajax/libs/pickadate.js/3.5.6/ |
36 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
picker.date.js
cdnjs.cloudflare.com/ajax/libs/pickadate.js/3.5.6/ |
47 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
picker.time.js
cdnjs.cloudflare.com/ajax/libs/pickadate.js/3.5.6/ |
31 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbg4mlw.css
use.typekit.net/ |
2 KB 854 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nmCore.css
jeffruby.securetree.com/Content/css/ |
101 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootbox.min.js
cdnjs.cloudflare.com/ajax/libs/bootbox.js/4.4.0/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.blockUI.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.blockUI/2.70/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spin.min.js
cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom.js
jeffruby.securetree.com/Content/scripts/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uex1kqg.js
use.typekit.net/ |
19 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
4 KB 627 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NmPromos.js
jeffruby.securetree.com/Content/scripts/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js
pixel.mathtag.com/event/ Redirect Chain
|
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WebResource.axd
jeffruby.securetree.com/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ScriptResource.axd
jeffruby.securetree.com/ |
87 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ScriptResource.axd
jeffruby.securetree.com/ |
36 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
jeffruby.securetree.com/Content/img/ |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Virtual2017-300px
jeffruby.securetree.com/getmetafile/1b69a173-9431-4a3a-88fc-170defd304a7/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Traditional2017-300px
jeffruby.securetree.com/getmetafile/7b548695-4667-46bf-b18a-3978f934dd48/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Virtual2017-300px
jeffruby.securetree.com/getmetafile/56b719e1-1077-4932-9bee-33bfbe2f3876/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Traditional2017-300px
jeffruby.securetree.com/getmetafile/433428b4-26d5-4e4f-a138-c0ca0ee13b5f/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.css
p.typekit.net/ |
5 B 168 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
15 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CMX9-aqrqt8CFQGiewod7S0KHQ;src=9029876;type=jeffr0;cat=landi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3873279926247.477
9029876.fls.doubleclick.net/ Frame AD29 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
i.js
mathid.mathtag.com/d/ |
54 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header-bg.jpg
jeffruby.securetree.com/Content/img/ |
139 KB 140 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Qw3FZQNVED7rKGKxtqIqX5Ectllte10hoJky_A.woff2
fonts.gstatic.com/s/josefinsans/v12/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-solid-900.woff2
jeffruby.securetree.com/Content/fonts/ |
43 KB 43 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wrapper-bg.png
jeffruby.securetree.com/Content/img/ |
387 KB 387 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v12/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
194 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
ListPromos
jeffruby.securetree.com/NmPubApiHandler.axd/ |
814 B 878 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/9ff5df/0000000000000000000131a3/27/ |
41 KB 41 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/aeaf25/0000000000000000000131a2/27/ |
37 KB 37 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/6ebf8d/0000000000000000000131a0/27/ |
41 KB 42 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/4bab48/0000000000000000000131a1/27/ |
37 KB 37 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iframe
pixel.mathtag.com/sync/ Frame 7A90 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.gif
p.typekit.net/ |
35 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 6F69 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js
pixel.mathtag.com/event/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
img
pixel.mathtag.com/misc/ |
43 B 465 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iframe
pixel.mathtag.com/sync/ Frame DF15 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s
mathid.mathtag.com/d/ |
0 381 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s.js
cdn.siftscience.com/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
358735.gif
hexagon-analytics.com/images/ |
43 B 237 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
img
pixel.mathtag.com/misc/ |
43 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=8&je=false&ss=true&ls=false&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=3813340b8d240ec0f1a5c1f4427f561f&z=z){kind=link}
%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=8&je=false&ss=true&ls=false&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=3813340b8d240ec0f1a5c1f4427f561f&z=z){kind=link}
Verdicts & Comments Add Verdict or Comment
96 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| analyticsConfig function| gtag object| dataLayer function| $ function| jQuery object| jQuery191012511413555515416 function| Picker object| google_tag_manager string| GoogleAnalyticsObject function| ga object| bootbox function| Spinner object| _spinnerOpts function| makeCurrentUrlActive object| Typekit function| moment object| nmPromos string| axel number| a string| _user_id string| _session_id object| _sift object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| PM_Postback function| PM_Callback function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find object| CMS object| MathIDInits object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| callBackFrameUrl string| url object| FB string| txt object| jstz object| MathID number| index function| metric string| MathIDSet function| __siftFlashCB undefined| Sift object| PluginDetect10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mathtag.com/ | Name: uuid Value: 0bbb5c19-615d-4500-adc5-84c61ccbfa31 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUn8R9vIPcpCKXB7s2_Z7vWG4VivJcaH2y9BWHRW9Qul-QsqsP7FlZyt8VBp |
|
| .securetree.com/ | Name: _gat_gtag_UA_125424910_2 Value: 1 |
|
| .mathtag.com/ | Name: uuidc Value: jYLcf+IilZDE+Ko4Sz8cUd1+S56/k3hAQ607poBSf0/D1ESjKHY7PKDx8io9SygHt1tif9aQIR+a3Zv9syNbu4U2CNnf4eMGWdpQMuBu1yU= |
|
| .securetree.com/ | Name: _gid Value: GA1.2.1835516196.1545169067 |
|
| .securetree.com/ | Name: _ga Value: GA1.2.1106109705.1545169067 |
|
| .mathtag.com/ | Name: mt_mop Value: 9:1545169067|4:1545169068 |
|
| .mathtag.com/ | Name: mt_misc Value: mt_bt:1 |
|
| jeffruby.securetree.com/ | Name: CMSCsrfCookie Value: RyNXT/SvHJAvFCct5hzMO0ADStEHRq+yIP10qoxi |
|
| jeffruby.securetree.com/ | Name: CMSPreferredCulture Value: en-US |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9029876.fls.doubleclick.net
ajax.googleapis.com
cdn.siftscience.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hexagon-analytics.com
jeffruby.securetree.com
mathid.mathtag.com
maxcdn.bootstrapcdn.com
p.typekit.net
pixel.mathtag.com
staticxx.facebook.com
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
143.204.101.141
185.29.134.87
2.18.233.201
209.105.226.148
209.197.3.15
216.58.207.38
23.38.53.224
2606:4700::6813:c597
2a00:1450:4001:815::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
2a00:1450:400c:c0c::5f
2a03:2880:f02d:12:face:b00c:0:3
52.4.1.16
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
15b22347592bdbf4cbf106088c32ef248b6497408fee4973931a2c4f79d51144
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
21b524d81e0b632bfb0d64ff4959b05554d67205b63042dfffb3cfd572bb79b8
26522e8376aaf31e90a4fea2446081bf0030f06ee734b93bc0904cac11eb8fd9
287edafc08a9c7e1e509e1563f9ca33ee975a05680e2c72aa4fb915a94bcfda4
3144a513792ed4ff7da0e06b350fba2eb1f615e45e121dd05205db434ae31b78
3d8bf577b5547ee1a6b082b842b999824299da1bb8e58ce27bab0ca67cd18a24
3e116fd95bbc0dffbce131a4375179cf38127cec9f3b6160e58f2f8067b4fed8
3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8
3f0bfc8e1c31695beca14ff84e93a0f2f83a0de4f5c9fbf02354d6fdee3c3316
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
416076a8386cbc044f63ef7518c9749a6256e73707418cc4d2ddcc222bdf9882
435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
4848ffd841fa86902c11b726ca60a3fb438a09a74c49b47a4012bfd8677907ea
49fbb2fae2ce2323c8e4326f7b6d9f12e38bf40a7ad920c7b01a7b32f3e054ac
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e
4f527edd365644fbd4933370e6316af27370011684fd554e15cd70a26b3a642f
5370bf8c891dd3a7afd18dea9b58aa0f005a9c334d52b715d0fcd4ddee39d5af
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
7fa52c58ab91f005e19b43091c504e80ee6118ad5647b2d5b4fb8fa3b5e00b12
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833ecf322174ac04ebd04737496a347c4aee5304d6371faf731d731bdd93e3a9
89b2c900d0670005ccfff084138a684e5479c8519babd5e8d8a5c8b0fa4ac1c6
9406b75bb9bcf23bdb267a5af655abd8c9637501f1fbaf260871d48375e5f5de
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ef6068492572284a71710e5f8a98bc0fc7a3a95ce49663aa53c73ddc87d07fa
9f44325cb53bbe94f3576fa48f6368991ea44cde303fa676613d11a791aa20f7
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682
b13c80ba5d109e8614b1c1e8bee1953ff272a097c6b10bca389dca7881e8a2f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b9b5076ba897b3d78ea2c1d2ee66887a4adacf25a82e3e851bfa79a18bff59d1
bafaffc29e4c4f792fa0cd800cf00e36aa41f849febbf346aa64b1fa8dd32427
bbd3597d0f497ab7666cf785b2c4168bff9f496e2eca3b362a3a0f6087b42801
bd7f06e246ebce83d4fffc03d9504b246ef8c61f0fc2a0033a63deea582d084d
be7f2f9888060f29028f34e6104947ca16e9cd6d4b93f72903637110ec1c9391
be9bed62226416b5262c375941521a04eccb5f6c0d1ba287802d938aab434134
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3dad67a08080a266e21b05646996aa41c3c9cd4f65cb902916d6a76978baa0b
dab06769b7c7d4ddb4c0a9ad7b90847aef071ef1d646ff376a2c5e4dee6a2601
de06dd3e8b7208b1a930ac5ff36d8b2498dd92fc7ff21ea71ee71ecf8b6851d6
e05edee09b002722d47693fb43c49a87ceba8c23a1bfbdb353913c948444478c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
e69752f5a025ae7a9878bf63154064aaf406c32698d8a03493b6a772b921e293
e6b500a706ce5e576a1786f7c2616835a65d115a1d5fbf50789233ba3d605f4a
f7044cd37754c3a0010acf8053af566cadf7a24b6b9576a611732fc54685f8a5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f95c721e5a6168a94f5e6b2ada9d61a1f67ed28219da44b7ba481739393c1271
fe1fd2390971d20586c515c99cbdf53ed0f3a9e4ddb091222dfafeae3a5eabff