test-1.retainr.io Open in urlscan Pro
54.232.167.120  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response test-1.retainr.io/	3 KB 2 KB	532ms 199ms	Document text/html	54.232.167.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test-1.retainr.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.232.167.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-232-167-120.sa-east-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 8b1da5ce44ada94695dfdbc0fd95785627d91e5ccc955b2fd9003bf9a8d22caa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 08 Dec 2023 16:53:02 GMT ETag W/"65721187-b8d" Last-Modified Thu, 07 Dec 2023 18:40:07 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked
GET H2	200	css fonts.googleapis.com/	25 KB 1 KB	235ms 80ms	Stylesheet text/css	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900 Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 16:53:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 15:26:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 16:53:02 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 91 KB	238ms 97ms	Script application/javascript	2607:f8b0:4006:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LY81V86E4J Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0aaa2081faab2f776f73b414063dbbe73f39e45c2700be0eaaaa61fd284269d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:53:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93063 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 08 Dec 2023 16:53:02 GMT
GET H2	200	rw.js Show response r.wdfl.co/	15 KB 5 KB	234ms 63ms	Script text/javascript	2600:9000:208f:6a00:1b:348c:b140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.wdfl.co/rw.js Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:208f:6a00:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f2b24206208f641d0db0a4a0b9ac008f215fa24743d685539fc3790c8ff97a34 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:04:09 GMT content-encoding gzip via 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront) last-modified Fri, 08 Dec 2023 08:38:53 GMT server AmazonS3 x-amz-cf-pop IAD79-C3 age 2934 x-amz-server-side-encryption AES256 etag W/"3fe376cf64d7c74367dfea06c12cc733" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=3600 x-amz-cf-id bWlDMFMYXzM1mYSHDG96gaFv2LNEiL4CrJJDTNa9xywhbprfw5IM_Q==
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	234ms 80ms	Stylesheet text/css	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Inter&display=swap Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cb9edaf733338f4cbf6c8fa4bca4b1b2787b855d923059e5762f6525e87eb486 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 16:53:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 15:11:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 16:53:02 GMT
GET H/1.1	200 OK	main.2f7525b6.js Show response test-1.retainr.io/static/js/	3 MB 3 MB	385ms 139ms	Script application/javascript	54.232.167.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test-1.retainr.io/static/js/main.2f7525b6.js Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.232.167.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-232-167-120.sa-east-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 449012f9bb85fee57785c77c6813adc54b061a47bef2ebe694a78c4127536119 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 16:53:03 GMT Last-Modified Thu, 07 Dec 2023 18:40:10 GMT Server nginx/1.18.0 (Ubuntu) ETag "6572118a-2f9b83" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 3120003
GET H/1.1	200 OK	main.2c4b8cf6.css test-1.retainr.io/static/css/	260 KB 260 KB	278ms 278ms	Stylesheet text/css	54.232.167.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test-1.retainr.io/static/css/main.2c4b8cf6.css Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.232.167.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-232-167-120.sa-east-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 12a3a79b24d2ae257a38822c1266955d7ad94e9ee9183c4e20621c8ce58ff4ad Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 16:53:02 GMT Last-Modified Thu, 07 Dec 2023 18:40:07 GMT Server nginx/1.18.0 (Ubuntu) ETag "65721187-40f04" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 265988
POST H2	204	collect www.google-analytics.com/g/	0 255 B	304ms 79ms	Ping text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-LY81V86E4J&gtm=45je3bt0v9170491208&_p=1702054382668&gcd=11l1l1l1l1&dma=0&cid=2117167975.1702054383&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702054382&sct=1&seg=0&dl=https%3A%2F%2Ftest-1.retainr.io%2F&dt=Retainr&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=992 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LY81V86E4J Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 16:53:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://test-1.retainr.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	201ms 66ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 08 Dec 2023 16:53:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug e21YPw99KrAVj27oHMecZVSXADAwyCNBqMahtxC68AQSrL5JYHB2PPfy4rktEPnwF4XGkpa9IoGcWCXpaKRMFw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	357ms 86ms	Script application/javascript	23.206.172.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLHUT0JC77U8CEMNT35G&lib=ttq Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.172.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-206-172-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 69de63a5d51f7553726569bde84f8cd1ec2a42262613ad81a75d3b754be1c5ff Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-akamai-request-id dfd5de2f.262388a date Fri, 08 Dec 2023 16:53:03 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231208165303672E6706DE3A06048E50-4752B1668EE7716E-00 x-cache TCP_MISS from a23-58-89-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 16,23.58.89.11 server-timing cdn-cache; desc=MISS, edge; dur=8, origin; dur=8, inner; dur=5 content-length 1730 pragma no-cache server nginx x-tt-logid 20231208165303672E6706DE3A06048E50 x-cache-remote TCP_MISS from a23-218-222-68.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 8,23.218.222.68 x-tt-trace-host 01439e9c575441e437c8f70b0cf4bee413120e56f38566e210ed2fd01a155256af531cc6757d0da573b11c5b18750a091b77da0a38486db497fa00a533e37227b45411afa4c115d21a96fd2d7f66b9103596cff2a5fb7d30cf99f274fb6cf721c9936870ab3ad45657745f18df3448c0e5 expires Fri, 08 Dec 2023 16:53:03 GMT
GET H2	200	3214714355488547 Show response connect.facebook.net/signals/config/	142 KB 37 KB	285ms 284ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3214714355488547?v=2.9.138&r=stable&domain=test-1.retainr.io Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b291594e206aaa7ff43d4c4d8189edcb8a35836d94c9312f3681ae93bfd1f7ba Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 08 Dec 2023 16:53:03 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug yGQC5kBFsvnHhEdZSOkVLynyy7gSp2gTJ0dEaOFhUyjH1XS6mDNncN9zSbNCur0Tp6N4TEkIGqhNSkB1An/kgQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	main.MTdjYzNiZDU2MQ.js Show response analytics.tiktok.com/i18n/pixel/static/	417 KB 108 KB	66ms 65ms	Script application/javascript	23.206.172.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLHUT0JC77U8CEMNT35G&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.172.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-206-172-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-akamai-request-id 26238b6 date Fri, 08 Dec 2023 16:53:03 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20231115210818FA0B881269E3CC88F977 vary Accept-Encoding x-cache TCP_HIT from a23-58-89-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01ad9b0436dc8099654cb87647f6119bf7cf28fe3900d0f037260fb538b289b706b0aae2a62800bdd673d182568e5442e82e080434a300c4359fb32dc6d9775468b516196408ebfe8c3542ed41f21b28895b28e2b8d08638a01d9f2632f6564316 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=3 content-length 110274
GET H2	200	identify_bb163.js Show response analytics.tiktok.com/i18n/pixel/static/	135 KB 36 KB	75ms 74ms	Script application/javascript	23.206.172.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.172.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-206-172-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-akamai-request-id 2623938 date Fri, 08 Dec 2023 16:53:03 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20231115210811EA16A3D724B57A1F9A83 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-58-89-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01b892b3b5af80faf4ea30ee2929449b28be44ad0e8441fc5387245e802ac8246e64a1f516bbd4491b4d21a639e14d3b09e66ac4e4f8038aebe25072f06716438c472945e31f80a93087098a2fcf97159065ce2c19a7dcd86cde2eabaedc8172b2 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=4 content-length 36207
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 844 B	559ms 558ms	Ping text/plain	23.206.172.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.172.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-206-172-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://test-1.retainr.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id bce1272c.26239f0 date Fri, 08 Dec 2023 16:53:03 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-23120816530342514B46BE81BCCF7115-607A6D6E47ED4D2A-00 x-cache TCP_MISS from a23-58-89-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 479,23.58.89.11 server-timing cdn-cache; desc=MISS, edge; dur=115, origin; dur=371, inner; dur=252 content-length 0 pragma no-cache server nginx x-tt-logid 2023120816530342514B46BE81BCCF7115 x-cache-remote TCP_MISS from a23-218-222-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 371,23.218.222.78 x-tt-trace-host 01439e9c575441e437c8f70b0cf4bee413120e56f38566e210ed2fd01a155256afbfc85963f287976bfcbef978a937174c75754c0eef8b117fefd0d246d6ef6d8012b771ee26f65599ca7bbb8bc295648f0e92df5bd65bb204631a8b0cbe95b2271b99601121f5ec63674af9266a1ed3ce access-control-allow-headers Authorization,* expires Fri, 08 Dec 2023 16:53:03 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	215ms 66ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3214714355488547&ev=PageView&dl=https%3A%2F%2Ftest-1.retainr.io%2F&rl=&if=false&ts=1702054383403&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702054383399.1153860860&cs_est=true&ler=empty&it=1702054383067&coo=false&rqm=GET Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 08 Dec 2023 16:53:03 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 696 B	98ms 97ms	Ping text/plain	23.206.172.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.172.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-206-172-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://test-1.retainr.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 2623ab7 date Fri, 08 Dec 2023 16:53:03 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231208165303580D4429AFF106A3C307-623A058046068EB0-00 x-cache TCP_MISS from a23-58-89-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) server-timing inner; dur=17, cdn-cache; desc=MISS, edge; dur=7, origin; dur=27 content-length 0 pragma no-cache server nginx x-tt-logid 20231208165303580D4429AFF106A3C307 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 29,23.58.89.11 x-tt-trace-host 01439e9c575441e437c8f70b0cf4bee4134214e30c3000aa7acf6d176f578833410ed994f18f5f5e2172640f639d23baa6944098048d3b1957b03f09ce0bd1b1fc3a13e58d37c801758626fcfb47e814efebe454c07045aeafa9b53367b76517e0 access-control-allow-headers Authorization,* expires Fri, 08 Dec 2023 16:53:03 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	67ms 66ms	Script text/javascript	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/static/js/main.2f7525b6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 08 Dec 2023 15:49:04 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 3839 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 08 Dec 2023 17:49:04 GMT
GET H/1.1	200 OK	/ Show response api.ipify.org/	22 B 222 B	373ms 92ms	Fetch application/json	173.231.16.77 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/static/js/main.2f7525b6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.16.77 , United States, ASN18450 (WEBNX, US), Reverse DNS api.ipify.org Software nginx/1.25.1 / Resource Hash 2323918c968f88f7824d1391806958de07015a04ff7771b6999119924136b2ff Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 08 Dec 2023 16:53:04 GMT Server nginx/1.25.1 Connection keep-alive Content-Length 22 Vary Origin Content-Type application/json
GET H2	200	/ www.facebook.com/tr/	0 31 B	68ms 65ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3214714355488547&ev=PageView&dl=https%3A%2F%2Ftest-1.retainr.io%2Flogin&rl=&if=false&ts=1702054383861&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1702054383399.1153860860&cs_est=true&ler=empty&it=1702054383067&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://test-1.retainr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 08 Dec 2023 16:53:03 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	host Show response api.retainr.io/auth/company/by/	512 B 824 B	311ms 311ms	XHR application/json	2600:9000:247b:6600:16:c1fc:39c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.retainr.io/auth/company/by/host Requested by Host: test-1.retainr.io URL: https://test-1.retainr.io/static/js/main.2f7525b6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:6600:16:c1fc:39c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash d275363832f16e0344123e9770d8dae68b74a2ffb3a259397b362192114d13f2 Request headers Accept application/json, text/plain, */* Referer https://test-1.retainr.io/ fbp fb.1.1702054383399.1153860860 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:53:04 GMT via 1.1 c723324ff3815a0e30df3eecba242152.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 x-powered-by Express etag W/"200-AaWFkWvUbRjp/rD8NBCiDO89YfY" x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * content-length 512 x-amz-cf-id dCM40GYQ-TOWpBSOcGJbRujghJKG8wYbkws3l0iK0_lVwhfY9x67jg==
OPTIONS H2	204	host api.retainr.io/auth/company/by/	0 0	629ms 298ms	Preflight	2600:9000:247b:6600:16:c1fc:39c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.retainr.io/auth/company/by/host Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:6600:16:c1fc:39c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers fbp Access-Control-Request-Method GET Origin https://test-1.retainr.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-headers fbp access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * date Fri, 08 Dec 2023 16:53:04 GMT vary Access-Control-Request-Headers via 1.1 c723324ff3815a0e30df3eecba242152.cloudfront.net (CloudFront) x-amz-cf-id rCw2DKoBnz56rjR_lUe6KcmDTScX9E9ur60y0uYlapjuBZedJgtACg== x-amz-cf-pop JFK52-P2 x-cache Miss from cloudfront x-powered-by Express
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 93 B	171ms 170ms	XHR text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1316090796&t=pageview&_s=1&dl=https%3A%2F%2Ftest-1.retainr.io%2Flogin&dp=%2F&ul=en-us&de=UTF-8&dt=Retainr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1616712885&gjid=967405615&cid=2117167975.1702054383&tid=G-LY81V86E4J&_gid=1959187589.1702054384&_r=1&_slc=1&z=1753321744 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://test-1.retainr.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 08 Dec 2023 16:53:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://test-1.retainr.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	77ms 76ms	Ping text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-LY81V86E4J&gtm=45je3bt0v9170491208&_p=1702054382668&gcd=11l1l1l1l1&dma=0&cid=2117167975.1702054383&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1702054382&sct=1&seg=0&dl=https%3A%2F%2Ftest-1.retainr.io%2F&dt=Retainr&_s=2&tfd=6006 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LY81V86E4J Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://test-1.retainr.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 08 Dec 2023 16:53:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://test-1.retainr.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| fbq function| _fbq string| _rwq function| rewardful string| TiktokAnalyticsObject object| ttq boolean| _rewardful_loaded function| Rewardful object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| webpackChunkdash string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tiktok.com/	1970-01-21 02:09:10	Name: _ttp Value: 2ZGha7xCEmhtoc1QQ7nKKRa4XS4
			.retainr.io/	1970-01-21 02:09:10	Name: _tt_enable_cookie Value: 1
			.retainr.io/	1970-01-21 02:09:10	Name: _ttp Value: R-oriWhNlJHy-ZSQXUVH8XwxnEQ
			.retainr.io/	1970-01-20 18:57:10	Name: _fbp Value: fb.1.1702054383399.1153860860
			.retainr.io/	1970-01-21 02:23:34	Name: _ga Value: GA1.2.2117167975.1702054383
			.retainr.io/	1970-01-20 16:49:00	Name: _gid Value: GA1.2.1959187589.1702054384
			.retainr.io/	1970-01-20 16:47:34	Name: _gat Value: 1
			.retainr.io/	1970-01-21 02:23:34	Name: _ga_LY81V86E4J Value: GS1.1.1702054382.1.1.1702054384.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.ipify.org
api.retainr.io
connect.facebook.net
fonts.googleapis.com
r.wdfl.co
test-1.retainr.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
173.231.16.77
23.206.172.11
2600:9000:208f:6a00:1b:348c:b140:93a1
2600:9000:247b:6600:16:c1fc:39c0:93a1
2607:f8b0:4006:816::2008
2607:f8b0:4006:816::200e
2607:f8b0:4006:823::200a
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
54.232.167.120
0aaa2081faab2f776f73b414063dbbe73f39e45c2700be0eaaaa61fd284269d0
12a3a79b24d2ae257a38822c1266955d7ad94e9ee9183c4e20621c8ce58ff4ad
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2323918c968f88f7824d1391806958de07015a04ff7771b6999119924136b2ff
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
449012f9bb85fee57785c77c6813adc54b061a47bef2ebe694a78c4127536119
69de63a5d51f7553726569bde84f8cd1ec2a42262613ad81a75d3b754be1c5ff
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
8b1da5ce44ada94695dfdbc0fd95785627d91e5ccc955b2fd9003bf9a8d22caa
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
b291594e206aaa7ff43d4c4d8189edcb8a35836d94c9312f3681ae93bfd1f7ba
cb9edaf733338f4cbf6c8fa4bca4b1b2787b855d923059e5762f6525e87eb486
d275363832f16e0344123e9770d8dae68b74a2ffb3a259397b362192114d13f2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2b24206208f641d0db0a4a0b9ac008f215fa24743d685539fc3790c8ff97a34