www.thechediandermatt.com
3.221.209.207
Public Scan
Effective URL: https://www.thechediandermatt.com/de?updatelang=yes
Submission Tags: falconsandbox
Submission: On February 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 18th 2023. Valid for: 3 months.
This is the only time www.thechediandermatt.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN24940 (HETZNER-AS, DE) | bouncer.newsletter2go.com | static.newsletter2go.com |
ASN24940 (HETZNER-AS, DE) | static.196.193.130.94.clients.your-server.de | api.newsletter2go.com |
ASN14618 (AMAZON-AES, US) | ec2-3-221-209-207.compute-1.amazonaws.com | www.thechediandermatt.com |
ASN16509 (AMAZON-02, US) | | d1pe873sdaunfo.cloudfront.net |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL) | | download-video.akamaized.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US) | 119.244.178.107.bc.googleusercontent.com | beacon.sojern.com, pixel.sojern.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN15169 (GOOGLE, US) | fra16s52-in-f6.1e100.net | ad.doubleclick.net |
ASN29990 (ASN-APPNEX, US) | 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net | secure.adnxs.com |
ASN15169 (GOOGLE, US) | bud02s37-in-f2.1e100.net | cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US) | 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net | ib.adnxs.com |
ASN16509 (AMAZON-02, US) | a12b7a488abeaa9e4.awsglobalaccelerator.com | match.adsrvr.org |
ASN32934 (FACEBOOK, US) | | www.facebook.com |

Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
14 | thechediandermatt.com | | www.thechediandermatt.com | 417 KB |
9 | doubleclick.net | 4 redirects | googleads.g.doubleclick.net (Cisco Umbrella Rank: 35); stats.g.doubleclick.net (Cisco Umbrella Rank: 77); ad.doubleclick.net (Cisco Umbrella Rank: 171); cm.g.doubleclick.net (Cisco Umbrella Rank: 202) | 5 KB |
7 | google.com | 1 redirects | region1.analytics.google.com (Cisco Umbrella Rank: 4370); www.google.com (Cisco Umbrella Rank: 2); adservice.google.com (Cisco Umbrella Rank: 73); fcmatch.google.com (Cisco Umbrella Rank: 2851) | 2 KB |
6 | adnxs.com | 4 redirects | secure.adnxs.com (Cisco Umbrella Rank: 377); ib.adnxs.com (Cisco Umbrella Rank: 203) | 6 KB |
5 | google.de | | www.google.de (Cisco Umbrella Rank: 6149) | 885 B |
4 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 30) | 20 KB |
4 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 44) | 248 KB |
3 | facebook.com | | www.facebook.com (Cisco Umbrella Rank: 105) | 272 B |
3 | sojern.com | | beacon.sojern.com (Cisco Umbrella Rank: 5163); pixel.sojern.com (Cisco Umbrella Rank: 7365) | 2 KB |
3 | bing.com | | bat.bing.com (Cisco Umbrella Rank: 357) | 12 KB |
2 | facebook.net | | connect.facebook.net (Cisco Umbrella Rank: 151) | 136 KB |
2 | adobedtm.com | | assets.adobedtm.com (Cisco Umbrella Rank: 470) | 66 KB |
2 | secureprivacy.ai | | app.secureprivacy.ai (Cisco Umbrella Rank: 60193) | 33 KB |
2 | newsletter2go.com | 2 redirects | static.newsletter2go.com (Cisco Umbrella Rank: 154687); api.newsletter2go.com (Cisco Umbrella Rank: 157080) | 1 KB |
1 | adsrvr.org | | match.adsrvr.org (Cisco Umbrella Rank: 296) | 265 B |
1 | youtube.com | | fcmatch.youtube.com (Cisco Umbrella Rank: 2850) | 432 B |
1 | akamaized.net | | download-video.akamaized.net (Cisco Umbrella Rank: 31133) | |
1 | vimeo.com | 1 redirects | player.vimeo.com (Cisco Umbrella Rank: 1763) | 974 B |
1 | cloudfront.net | | d1pe873sdaunfo.cloudfront.net | 250 KB |
1 | smoton.com | 1 redirects | smoton.com (Cisco Umbrella Rank: 485463) | 465 B |
59 | 20 | | | |

Requests | Domain | Requested by |
---|---|---|
14 | www.thechediandermatt.com | www.thechediandermatt.com |
5 | www.google.de | www.thechediandermatt.com |
4 | secure.adnxs.com | 2 redirects |
4 | www.google.com | www.thechediandermatt.com |
4 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, www.thechediandermatt.com |
4 | www.googletagmanager.com | www.thechediandermatt.com, www.googletagmanager.com |
3 | www.facebook.com | |
3 | stats.g.doubleclick.net | www.googletagmanager.com, www.google-analytics.com |
3 | bat.bing.com | www.thechediandermatt.com, bat.bing.com |
2 | ib.adnxs.com | 2 redirects |
2 | pixel.sojern.com | |
2 | cm.g.doubleclick.net | 2 redirects |
2 | ad.doubleclick.net | 2 redirects |
2 | connect.facebook.net | beacon.sojern.com, connect.facebook.net |
2 | googleads.g.doubleclick.net | www.googletagmanager.com |
2 | assets.adobedtm.com | www.thechediandermatt.com, assets.adobedtm.com |
2 | app.secureprivacy.ai | www.thechediandermatt.com, www.googletagmanager.com |
1 | match.adsrvr.org | |
1 | fcmatch.youtube.com | |
1 | fcmatch.google.com | 1 redirects |
1 | adservice.google.com | |
1 | beacon.sojern.com | www.thechediandermatt.com |
1 | region1.analytics.google.com | www.googletagmanager.com |
1 | download-video.akamaized.net | www.thechediandermatt.com |
1 | player.vimeo.com | 1 redirects |
1 | d1pe873sdaunfo.cloudfront.net | www.thechediandermatt.com |
1 | api.newsletter2go.com | 1 redirects |
1 | static.newsletter2go.com | 1 redirects |
1 | smoton.com | 1 redirects |
59 | 29 | |

This site contains links to these domains. Also see Links.
Domain |
---|
shop.e-guma.ch |
www.google.com |
www.andermatt.ch |
d1pe873sdaunfo.cloudfront.net |
www.instagram.com |
www.facebook.com |
www.linkedin.com |
www.ghmhotels.com |
www.lhw.com |
www.swissdeluxehotels.com |

Subject | Issuer | Validity | Valid |
---|---|---|---|
thechediandermatt.com | R3 | 2023-01-18 - 2023-04-18 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year |
\*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year |
\*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months |
\*.g.doubleclick.net | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months |
www.bing.com | Microsoft RSA TLS CA 02 | 2023-02-16 - 2023-08-16 | 6 months |
www.google.de | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months |
www.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months |
\*.sojern.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-17 - 2024-02-17 | a year |
\*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-03 | 2 months |
\*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year |

This page contains 2 frames:
Primary Page:
https://www.thechediandermatt.com/de?updatelang=yes
Frame ID: F12AD990F066B39214B4C77BB121B170
Requests: 59 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 82221B0FAFD6F9D74E76B2629DDE91DF
Requests: 1 HTTP requests in this frame
Page Title
Luxushotel in der Schweiz | The Chedi Andermatt
Detected technologies
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Lightbox (JavaScript Libraries)
Detected patterns
- lightbox(?:-plus-jquery)?.{0,32}\.js
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: Gutscheine
Title: Wegbeschreibung
Title: Aktuelle Wetterverhältnisse
Title: Spa Broschüre
Title: Visit our instagram
Title: Visit our facebook
Title: Visit our linkedin
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://smoton.com/prisi54j-8xrqat4j-3yhdge12-mfi HTTP 302
- https://static.newsletter2go.com/index.php?n2g=prisi54j-8xrqat4j-3yhdge12-mfi HTTP 302
- https://api.newsletter2go.com/newsletters/click/prisi54j-8xrqat4j-3yhdge12-mfi HTTP 302
- https://www.thechediandermatt.com/de?updatelang=yes Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19
- https://player.vimeo.com/progressive_redirect/playback/781036010/rendition/1080p/file.mp4?loc=external&signature=5329c23e02f74917b36d656051a4039b9eb08514859a961733e54760402eee16 HTTP 302
- https://download-video.akamaized.net/2/playback/c9754e9e-ad42-40d4-a73f-c526087a7041/2ac9c617?__token__=st=1677196531~exp=1677210931~acl=%2F2%2Fplayback%2Fc9754e9e-ad42-40d4-a73f-c526087a7041%2F2ac9c617%2A~hmac=73e49e0e17fab8a4e8d17d3efa2d107cdb80bc49de766b1fa75adfcc4a92d200&r=dXMtY2VudHJhbDE%3D
- https://ad.doubleclick.net/ddm/activity/src=9820864;type=track0;cat=thech0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=6810;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=9820864;dc_pre=COCJhfzrrP0CFRVtGQod5yQHYw;type=track0;cat=thech0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=6810;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
- https://adservice.google.com/ddm/fls/z/src=9820864;dc_pre=COCJhfzrrP0CFRVtGQod5yQHYw;type=track0;cat=thech0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=6810;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
- https://secure.adnxs.com/px?id=1349508&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1349508%26t%3D1
- https://secure.adnxs.com/seg?add=23334214&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23334214%26t%3D1
- https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=p_prVAEWyd2ND8JaoPZFdA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=edMpy5MR9Ol4yTQvZ4MSerJjGf4CtlSxXm2xTlxRcLRiBHOXt1SOwqKVXlqeO9Q_&sjrn_ula=901081040 HTTP 302
- https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=edMpy5MR9Ol4yTQvZ4MSerJjGf4CtlSxXm2xTlxRcLRiBHOXt1SOwqKVXlqeO9Q_&sjrn_ula=901081040&google_gid=CAESEH9YTYfglCZ9oJhVM1PEDs0&google_cver=1
- https://cm.g.doubleclick.net/pixel?google_hm=p_prVAEWyd2ND8JaoPZFdA&google_nid=sojern_adh HTTP 302
- https://fcmatch.google.com/pixel?google_gm=AMnCDopWfTHVM76G_bYTDR9evTeyJroOkoKjC4HoKcFp280O25V6JtM7q4C1ZqioxcuO0pyEe0vsbumbEgfkdLBRMYHjqsxpJoeWR_ewu2qUcZrniY3oiS4 HTTP 302
- https://fcmatch.youtube.com/pixel?google_gm=AMnCDopWfTHVM76G_bYTDR9evTeyJroOkoKjC4HoKcFp280O25V6JtM7q4C1ZqioxcuO0pyEe0vsbumbEgfkdLBRMYHjqsxpJoeWR_ewu2qUcZrniY3oiS4
- https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=edMpy5MR9Ol4yTQvZ4MSerJjGf4CtlSxXm2xTlxRcLRiBHOXt1SOwqKVXlqeO9Q_ HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DedMpy5MR9Ol4yTQvZ4MSerJjGf4CtlSxXm2xTlxRcLRiBHOXt1SOwqKVXlqeO9Q_ HTTP 302
- https://pixel.sojern.com/idsync/apn?id=710889618736717768&sjrn_id=edMpy5MR9Ol4yTQvZ4MSerJjGf4CtlSxXm2xTlxRcLRiBHOXt1SOwqKVXlqeO9Q_
59 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | de | www.thechediandermatt.com/ | 126 KB | 26 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | secure-privacy-v1.js | app.secureprivacy.ai/secureprivacy-plugin/web-plugin/ | 125 KB | 26 KB | Script | application/javascript | |
GET | H2 | logo-white.svg | www.thechediandermatt.com/skins/skin-thechediandermatt-com/assets/desktop/images/ | 26 KB | 7 KB | Image | image/svg+xml | |
GET | H2 | 1aec8be3874e637b18c94958f07b7a0a.webp | d1pe873sdaunfo.cloudfront.net/thechediandermatt.com-226783510/cms/cache/v2/632b3e35c3df6.jpg/1920x1080/fit/80/ | 249 KB | 250 KB | Image | image/webp | |
GET | H2 | styles.min.css | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/styles/ | 194 KB | 28 KB | Stylesheet | text/css | |
GET | H2 | styles.min.css | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/styles/lightbox/ | 6 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | scripts.min.js | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/scripts/ | 490 KB | 141 KB | Script | application/javascript | |
GET | H2 | digitalData.min.js | www.thechediandermatt.com/skins/master/assets/tracking/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | satelliteLib-f3b54d5a1be49ed208cea93f182e2744e6d73bf6.js | assets.adobedtm.com/fde0688fbb2998f2bca09636e7ec95a255559f0d/ | 259 KB | 53 KB | Script | application/x-javascript | |
GET | H2 | lightbox.js | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/scripts/libraries/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | svg-collection.svg | www.thechediandermatt.com/skins/skin-thechediandermatt-com/assets/desktop/images/ | 47 KB | 16 KB | Other | image/svg+xml | |
GET | H2 | whitneybold.woff2 | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/fonts/ | 18 KB | 19 KB | Font | application/octet-stream | |
GET | H2 | whitneylight.woff2 | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/fonts/ | 18 KB | 18 KB | Font | application/octet-stream | |
GET | DATA | truncated | / | 750 B | 0 | Image | image/png | |
GET | H2 | spectral-regular.woff2 | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/fonts/ | 25 KB | 25 KB | Font | application/octet-stream | |
GET | H2 | whitneymedium.woff2 | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/fonts/ | 18 KB | 18 KB | Font | application/octet-stream | |
GET | H2 | spectral-bold.woff2 | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/fonts/ | 27 KB | 28 KB | Font | application/octet-stream | |
GET | H2 | spectral-medium.woff2 | www.thechediandermatt.com/skins/skin-thechediandermatt-com/1676478133/assets/desktop/fonts/ | 86 KB | 87 KB | Font | application/octet-stream | |
GET | H2 | EX018504ca4da1498bbdfc8535c3d18af5-libraryCode_source.min.js | assets.adobedtm.com/b9783a521e1f/52181b7d19bd/e291679c6d93/ | 35 KB | 13 KB | Script | application/x-javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 296 KB | 79 KB | Script | application/javascript | |
GET | H/1.1 | 2ac9c617 | download-video.akamaized.net/2/playback/c9754e9e-ad42-40d4-a73f-c526087a7041/ | 14 MB | 0 | Media | video/mp4 | Redirect Chain |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 130 KB | 50 KB | Script | application/javascript | |
GET | H2 | 5f348cd87df5d210bc150b9e.js | app.secureprivacy.ai/script/ | 6 KB | 7 KB | Script | application/octet-stream | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 227 KB | 79 KB | Script | application/javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/649968341/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 100 KB | 40 KB | Script | application/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 40 KB | 12 KB | Script | application/javascript | |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 261 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 47 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 408 B | Image | image/gif | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 356 B | XHR | text/plain | |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 154 B | XHR | text/plain | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 194 B | Image | image/gif | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 70 B | XHR | text/plain | |
GET | H2 | 13006875.js | bat.bing.com/p/action/ | 0 | 119 B | Script | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 288 B | Image | text/plain | |
GET | H2 | / | www.google.com/pagead/1p-user-list/649968341/ | 42 B | 154 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/649968341/ | 42 B | 154 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 408 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | 11 | beacon.sojern.com/pixel/cp/ | 5 KB | 1 KB | Script | application/javascript | |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 106 KB | 28 KB | Script | application/x-javascript | |
GET | H2 | src=9820864;dc_pre=COCJhfzrrP0CFRVtGQod5yQHYw;type=track0;cat=thech0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=6810;u20=;dc_lat=;dc_rdid=;tag_for... | adservice.google.com/ddm/fls/z/ | 42 B | 401 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | bounce | secure.adnxs.com/ | 0 | 1 KB | Image | application/javascript | Redirect Chain |
GET | H/1.1 | bounce | secure.adnxs.com/ | 0 | 1 KB | Image | application/javascript | Redirect Chain |
GET | H2 | AdX | pixel.sojern.com/idSync/ | 42 B | 271 B | Image | image/gif | Redirect Chain |
GET | H2 | pixel | fcmatch.youtube.com/ | 170 B | 432 B | Image | image/png | Redirect Chain |
GET | H2 | apn | pixel.sojern.com/idsync/ | 42 B | 274 B | Image | image/gif | Redirect Chain |
GET | H2 | generic | match.adsrvr.org/track/cmf/ | 70 B | 265 B | Image | image/gif | |
GET | H2 | 664528024291099 | connect.facebook.net/signals/config/ | 377 KB | 108 KB | Script | application/x-javascript | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 31 B | Image | text/plain | |
POST | H2 | / | www.facebook.com/tr/ | 0 | 56 B | Document | text/plain | Frame 8222 |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/827323272/ | 2 KB | 979 B | Script | text/javascript | |
GET | H2 | / | www.google.com/pagead/1p-user-list/827323272/ | 42 B | 109 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/827323272/ | 42 B | 109 B | Image | image/gif | |

148 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| initialize_secure_privacy function| sp string| templateURL string| siteFullURL object| siteSettings object| currentPropertyId object| bookingEngineVars number| currentLang string| currentLangSlug object| translations object| BOOKING_SETTINGS object| poiJSON object| digitalData object| s undefined| s_account string| s_sites object| __pageCategory object| __clientInfo function| _typeof2 function| validFileSize object| defaultParent object| counterMap object| uncontrolledNodes object| markerMap number| lockCount function| hideOthers function| leadingZero function| ordinal_suffix_of string| ERROR_CONTAINER_ID string| FIELD_ERROR_CLASS string| SUCCESS_CONTAINER_ID function| nxgFormSubmission function| nxgFormSubmission_setErrorOnForm function| nxgFormSubmission_setUpErrors function| nxgFormSubmission_breakDownNotifications function| nxgFormSubmission_disableSubmitButton function| nxgFormSubmission_submissionSuccessful function| nxgFormSubmission_scrollToError function| nxgFormSubmission_isElementInView function| nxgFormSubmission_scrollToElement function| isWindow function| getWindow function| offset object| windowObject number| windowWidth number| windowHeight number| windowCurrentScroll object| documentObject object| rootObject object| bodyObject object| header number| headerHeight object| headerMainMenu object| booking object| photos object| hamburgerNavigation object| hamburgerNavigationParent object| hamburgerNavigationTrigger object| blogHamburgerNavigation object| bloghamburgerNavigationParent object| blogHamburgerNavigationTrigger object| events object| specialOffers object| specialsSlideshow object| packagesSlideshow string| googleApiKey object| googleApiReady object| reviews object| slideshows boolean| keyboardNavigation object| fadeOnScrollElements string| transitionEndEvent string| currentScreen object| isMobileDevice boolean| fadeOnScrollSupport object| mapStyles function| fixBodyHeight object| lozadObserver function| 
checkVisibleElements function| searchForText object| skipToContentButton object| skipToTarget function| hamburgerNavigationExpandSubmenu function| hamburgerNavigationCollapseSubmenu string| playVideoButtonClass boolean| slideshowsStopped number| slideshowsPauseTimer function| stopAllSlideshows function| pauseAllSlideshows function| resumeAllSlideshows function| processCheckinCheckoutInputs function| processCategorySelectors function| processSelects function| disableKeyboardNavigation function| restoreKeyboardNavigation function| buttonStates object| contentReadMore function| resolveGoogleMap function| initGallery function| getFormData object| newsletter object| newsletterForm object| newsletterEmail object| newsletterPopup object| closeButton function| openNewsletterPopup function| $ function| jQuery function| lozad object| whatInput function| Swiper function| Galleria object| focusLock string| transitionEnd function| svg4everybody object| _satellite boolean| __satelliteLoaded object| dataLayer function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq undefined| sites object| _alreadyTrackedSpeImpressions object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag object| GooglebQhCsO object| uetq object| SP_BLACKLIST object| SP_SCRIPT_CONF object| SP_IFRAME_CONF object| SP_PIXEL_CONF object| sptt function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| ueto_e5beb440a1 string| key function| fbq function| _fbq
19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
static.newsletter2go.com/ | | Name: n2g Value: prisi54j-8xrqat4j-3yhdge12-mfi |
.thechediandermatt.com/ | | Name: HeBS_Lang Value: de |
.thechediandermatt.com/ | | Name: _gcl_au Value: 1.1.226909970.1677196531 |
.vimeo.com/ | | Name: __cf_bm Value: GBp4Qs37Xd6HSV9g5K1OWl7yGyt790irsjaid04JWjc-1677196531-0-ATKFaDy6DWpl3s+vnp1PFKAi0Ex97Tmr/CLO2LNTwAKJcvg2gN6xWQcctUqL+3/LyX0fpE1Pzbz4/Y75Bj+cef0= |
.thechediandermatt.com/ | | Name: _ga_4682T462C6 Value: GS1.1.1677196531.1.0.1677196531.60.0.0 |
.thechediandermatt.com/ | | Name: _ga Value: GA1.2.1252828837.1677196531 |
.thechediandermatt.com/ | | Name: _gid Value: GA1.2.63884715.1677196531 |
.thechediandermatt.com/ | | Name: _dc_gtm_UA-72908014-1 Value: 1 |
.thechediandermatt.com/ | | Name: _gat_UA-72908014-1 Value: 1 |
.thechediandermatt.com/ | | Name: _uetsid Value: 8e2d8280b3d511ed92139dca99b5fdf4 |
.thechediandermatt.com/ | | Name: _uetvid Value: 8e2dad00b3d511ed8cf161e866e3a4ce |
.bing.com/ | | Name: MUID Value: 2C876F2FE22C6A0628A47DEEE3A76B50 |
.adnxs.com/ | | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In>tHaaR!]tbP6j2F-XstGt!@E*B%%L>O |
.adnxs.com/ | | Name: uuid2 Value: 710889618736717768 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUkfwkvhfRCtMzk2whGhtoURZ3sDeOy6HZN7rUVywRRSTYnYFKjp-AzwvhiS0no |
.sojern.com/ | | Name: cid Value: a7fa6b54-0116-c9dd-8d0f-c25aa0f64574#1677110400000 |
.sojern.com/ | | Name: apnid Value: 710889618736717768 |
.sojern.com/ | | Name: gid Value: CAESEH9YTYfglCZ9oJhVM1PEDs0 |
.thechediandermatt.com/ | | Name: _fbp Value: fb.1.1677196532127.689499267 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.