gretchenrubin.com
2606:4700:30::681f:48a6
Public Scan
Effective URL: https://gretchenrubin.com/podcasts/
Submission: On September 04 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 26th 2019. Valid for: a year.
This is the only time gretchenrubin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System
---|---|---
1 (1 redirect) | 3.15.82.248 | 16509 (AMAZON-02 - Amazon.com)
4 | 2606:4700:30::681f:48a6 | 13335 (CLOUDFLARENET - Cloudflare)
1 (1 redirect) | 23.38.51.49 | 20940 (AKAMAI-ASN1)
10 | 192.0.77.2 | 2635 (AUTOMATTIC - Automattic)
2 | 151.101.112.176 | 54113 (FASTLY - Fastly)
4 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK - Facebook)
1 | 2a00:1450:4001:825::200e | 15169 (GOOGLE - Google LLC)
4 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK - Facebook)
4 (1 redirect) | 2.18.233.40 | 16625 (AKAMAI-AS - Akamai Technologies)
18 (15 redirects) | 54.246.96.68 | 16509 (AMAZON-02 - Amazon.com)
2 (2 redirects) | 52.29.62.210 | 16509 (AMAZON-02 - Amazon.com)
2 (1 redirect) | 3.122.14.108 | 16509 (AMAZON-02 - Amazon.com)
2 (1 redirect) | 2.18.234.21 | 16625 (AKAMAI-AS - Akamai Technologies)
1 | 69.173.144.165 | 26667 (RUBICONPROJECT - The Rubicon Project)
3 (1 redirect) | 151.101.114.2 | 54113 (FASTLY - Fastly)
1 | 185.64.189.110 | 62713 (AS-PUBMATIC - PubMatic)
2 (1 redirect) | 2001:4998:58:4904::7000 | 26101 (YAHOO-3 - Oath Holdings Inc.)
2 (1 redirect) | 52.28.51.203 | 16509 (AMAZON-02 - Amazon.com)
2 (1 redirect) | 52.29.161.247 | 16509 (AMAZON-02 - Amazon.com)
1 | 185.33.223.197 | 29990 (ASN-APPNEXUS - AppNexus)
1 | 35.190.72.21 | 15169 (GOOGLE - Google LLC)
2 (1 redirect) | 34.95.120.147 | 15169 (GOOGLE - Google LLC)
2 (2 redirects) | 216.58.206.2 | 15169 (GOOGLE - Google LLC)
43 | 20 |

Autonomous System | PTR | Domains
---|---|---
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-3-15-82-248.us-east-2.compute.amazonaws.com | el2.convertkit-mail.com
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | gretchenrubin.com
ASN20940 (AKAMAI-ASN1, US) | a23-38-51-49.deploy.static.akamaitechnologies.com | cloud.typography.com
ASN2635 (AUTOMATTIC - Automattic, Inc, US) | i1.wp.com | i1.wp.com, i2.wp.com, i0.wp.com
ASN32934 (FACEBOOK - Facebook, Inc., US) | | connect.facebook.net
ASN15169 (GOOGLE - Google LLC, US) | | www.google-analytics.com
ASN32934 (FACEBOOK - Facebook, Inc., US) | | www.facebook.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a2-18-233-40.deploy.static.akamaitechnologies.com | s.adroll.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-54-246-96-68.eu-west-1.compute.amazonaws.com | d.adroll.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-29-62-210.eu-central-1.compute.amazonaws.com | pixel.advertising.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-3-122-14-108.eu-central-1.compute.amazonaws.com | ups.analytics.yahoo.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a2-18-234-21.deploy.static.akamaitechnologies.com | dsum-sec.casalemedia.com
ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US) | | pixel.rubiconproject.com
ASN54113 (FASTLY - Fastly, US) | | sync.outbrain.com, trc.taboola.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-28-51-203.eu-central-1.compute.amazonaws.com | eb2.3lift.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-29-161-247.eu-central-1.compute.amazonaws.com | x.bidswitch.net
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US) | 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net | ib.adnxs.com
ASN15169 (GOOGLE - Google LLC, US) | 21.72.190.35.bc.googleusercontent.com | idsync.rlcdn.com
ASN15169 (GOOGLE - Google LLC, US) | 147.120.95.34.bc.googleusercontent.com | us-u.openx.net
ASN15169 (GOOGLE - Google LLC, US) | fra16s20-in-f2.1e100.net | cm.g.doubleclick.net

Requests | Domain | Redirects | Requested by
---|---|---|---
18 | d.adroll.com | 15 redirects | s.adroll.com
5 | i1.wp.com | | gretchenrubin.com
4 | s.adroll.com | 1 redirects | gretchenrubin.com
4 | www.facebook.com | | gretchenrubin.com
4 | connect.facebook.net | | gretchenrubin.com, connect.facebook.net
4 | gretchenrubin.com | | gretchenrubin.com
3 | i2.wp.com | | gretchenrubin.com
2 | cm.g.doubleclick.net | 2 redirects |
2 | us-u.openx.net | 1 redirects |
2 | x.bidswitch.net | 1 redirects |
2 | eb2.3lift.com | 1 redirects |
2 | ads.yahoo.com | 1 redirects |
2 | sync.outbrain.com | 1 redirects |
2 | dsum-sec.casalemedia.com | 1 redirects |
2 | ups.analytics.yahoo.com | 1 redirects |
2 | pixel.advertising.com | 2 redirects |
2 | js.stripe.com | | gretchenrubin.com, js.stripe.com
2 | i0.wp.com | | gretchenrubin.com
1 | idsync.rlcdn.com | |
1 | ib.adnxs.com | |
1 | trc.taboola.com | |
1 | simage2.pubmatic.com | |
1 | pixel.rubiconproject.com | |
1 | www.google-analytics.com | | gretchenrubin.com
1 | cloud.typography.com | 1 redirects |
1 | el2.convertkit-mail.com | 1 redirects |
43 | 26 | |

Subject | Issuer | Validity | Valid for
---|---|---|---
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-08-26 - 2020-08-25 | a year
*.wp.com | Go Daddy Secure Certificate Authority - G2 | 2018-04-10 - 2020-05-11 | 2 years
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2019-08-15 - 2019-11-19 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-08-24 - 2019-10-19 | 2 months
*.google-analytics.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
*.adroll.com | DigiCert SHA2 Secure Server CA | 2018-12-19 - 2020-03-19 | a year
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2019-05-08 - 2019-11-04 | 6 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2019-07-17 - 2020-03-09 | 8 months
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-07-30 - 2020-07-25 | a year
*.pubmatic.com | Sectigo RSA Organization Validation Secure Server CA | 2019-02-22 - 2021-02-21 | 2 years
*.ads.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2019-06-27 - 2019-12-24 | 6 months
*.3lift.com | Amazon | 2019-07-17 - 2020-08-17 | a year
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2019-04-17 - 2020-05-04 | a year
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-24 - 2020-04-23 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2018-01-04 - 2020-07-09 | 3 years
This page contains 2 frames:
Primary Page:
https://gretchenrubin.com/podcasts/
Frame ID: 3C8C81899A92E3A59012DFE1D4524DC1
Requests: 59 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/m/outer.html
Frame ID: 8AF405BBCD03470949C84311E8B8FA70
Requests: 1 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: Courses
Title: Four Tendencies Quiz
Title: Facebook
Title: Instagram
Title: Twitter
Title: LinkedIn
Title: YouTube
Title: Pinterest
Title: Four Tendencies Quiz
Title: Video Courses
Title: Four Tendencies Workshop
Title: Pinterest
Title: YouTube
Title: Feedburner
Title: Goodreads
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://el2.convertkit-mail.com/c/wvupvvzxeofghwx808i4/o8ukhqh6eq3z40/aHR0cHM6Ly9ncmV0Y2hlbnJ1YmluLmNvbS9wb2RjYXN0cy8= HTTP 302
- https://gretchenrubin.com/podcasts/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://cloud.typography.com/6933196/7310572/css/fonts.css HTTP 302
- https://gretchenrubin.com/fonts/604316/B0BBE34BB51A94AFB.css
- https://s.adroll.com/j/exp/MNJ6HPMUZNDJPMY2LCJIK4/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.com/pixel/MNJ6HPMUZNDJPMY2LCJIK4/CETUGPVSS5BUZJOYYZWMKH?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&pv=51845467314.325485&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fgretchenrubin.com%2Fpodcasts%2F HTTP 302
- https://s.adroll.com/pixel/MNJ6HPMUZNDJPMY2LCJIK4/CETUGPVSS5BUZJOYYZWMKH/5K2BZL3M2ZEOHBC6TSFAUF.js
- https://d.adroll.com/cm/aol/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?uid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP07054dfd-cf1d-11e9-b262-067436786462 HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?uid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP07054dfd-cf1d-11e9-b262-067436786462&verify=true
- https://d.adroll.com/cm/index/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&expiration=1599141919 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&expiration=1599141919&C=1
- https://d.adroll.com/cm/n/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&expires=365
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&rdrctExp=true
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=6016db5d92df7a027f6b29556fcc5297-1567605918919&xid_ch=f&advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY&dongle=c85e&gdpr=1&cmp_cs=
- https://d.adroll.com/cm/r/out?advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/b/out?advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY
- https://d.adroll.com/cm/x/out?advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=OTM1OGMwNzA2MTFjMjI4MTQxZTcwMTNiMDE3NWM5MjY
- https://d.adroll.com/cm/l/out?advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=9358c070611c228141e7013b0175c926
- https://d.adroll.com/cm/o/out?advertisable=MNJ6HPMUZNDJPMY2LCJIK4 HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=9358c070611c228141e7013b0175c926 HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9358c070611c228141e7013b0175c926
- https://d.adroll.com/cm/g/out?advertisable=MNJ6HPMUZNDJPMY2LCJIK4&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=k1jAcGEcIoFB5wE7AXXJJg&google_ula=1535926 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=k1jAcGEcIoFB5wE7AXXJJg&google_ula=1535926&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in?google_ula=1535926,0
43 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | gretchenrubin.com/podcasts/ | 336 KB | 38 KB | Document | text/html | Primary Request; Redirect Chain
GET | H2 | B0BBE34BB51A94AFB.css | gretchenrubin.com/fonts/604316/ | 178 KB | 132 KB | Stylesheet | text/css | Redirect Chain
GET | H2 | Forty-Ways-to-Look-at-Winston-Churchill.jpg | i1.wp.com/api.gretchenrubin.com/wp-content/uploads/2004/05/ | 24 KB | 24 KB | Image | image/webp |
GET | H2 | Power-Money-Fame-Sex.jpg | i2.wp.com/api.gretchenrubin.com/wp-content/uploads/2017/08/ | 3 KB | 3 KB | Image | image/webp |
GET | H2 | profane-waste.jpg | i2.wp.com/api.gretchenrubin.com/wp-content/uploads/2017/08/ | 7 KB | 7 KB | Image | image/webp |
GET | H2 | the-yale-law-review-gretchen-rubin.png | i1.wp.com/api.gretchenrubin.com/wp-content/uploads/1994/08/ | 7 KB | 7 KB | Image | image/webp |
GET | H2 | Outer-Order-Inner-Calm-by-Gretchen-Rubin-1.jpg | i0.wp.com/api.gretchenrubin.com/wp-content/uploads/2018/10/ | 7 KB | 7 KB | Image | image/webp |
GET | H2 | four-tendencies.jpg | i1.wp.com/api.gretchenrubin.com/wp-content/uploads/2017/08/ | 15 KB | 15 KB | Image | image/webp |
GET | H2 | better-than-before.jpg | i1.wp.com/api.gretchenrubin.com/wp-content/uploads/2017/08/ | 16 KB | 16 KB | Image | image/webp |
GET | H2 | HappierAtHomePaperback.jpg | i2.wp.com/api.gretchenrubin.com/wp-content/uploads/2017/06/ | 16 KB | 16 KB | Image | image/webp |
GET | H2 | HappinessProject10th-pb-c-1.jpg | i1.wp.com/api.gretchenrubin.com/wp-content/uploads/2018/10/ | 17 KB | 17 KB | Image | image/webp |
GET | H2 | Forty-Ways-to-Look-at-JFK.jpg | i0.wp.com/api.gretchenrubin.com/wp-content/uploads/2017/08/ | 14 KB | 14 KB | Image | image/webp |
GET | H2 | email-decode.min.js | gretchenrubin.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 868 B | Script | application/javascript |
GET | H2 | / | js.stripe.com/v3/ | 142 KB | 38 KB | Script | application/javascript |
GET | H2 | main.e18e91ea.js | gretchenrubin.com/static/js/ | 1 MB | 338 KB | Script | application/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 121 KB | 31 KB | Script | application/x-javascript |
GET | DATA | truncated | / | 284 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 342 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 11 KB | 11 KB | Font | application/x-font-woff2 |
GET | DATA | truncated | / | 346 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 425 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 616 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 565 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 583 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 343 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 422 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 613 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 562 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 347 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 11 KB | 11 KB | Font | application/x-font-woff2 |
GET | DATA | truncated | / | 4 KB | 4 KB | Font | application/x-font-woff2 |
GET | DATA | truncated | / | 4 KB | 4 KB | Font | application/x-font-woff2 |
GET | H2 | 196741967530756 | connect.facebook.net/signals/config/ | 307 KB | 79 KB | Script | application/x-javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
GET | H2 | outer.html | js.stripe.com/v2/m/ | 0 | 0 | Document | text/html | Frame 8AF4
GET | H2 | inferredEvents.js | connect.facebook.net/signals/plugins/ | 35 KB | 10 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 246 B | Image | image/gif |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/ | 34 KB | 11 KB | Script | text/javascript |
GET | H/1.1 | index.js | s.adroll.com/j/exp/ | 29 B | 681 B | Script | application/javascript | Redirect Chain
GET | H/1.1 | MNJ6HPMUZNDJPMY2LCJIK4 | d.adroll.com/consent/check/ | 46 B | 505 B | Script | application/javascript |
GET | H/1.1 | 5K2BZL3M2ZEOHBC6TSFAUF.js | s.adroll.com/pixel/MNJ6HPMUZNDJPMY2LCJIK4/CETUGPVSS5BUZJOYYZWMKH/ | 5 KB | 2 KB | Script | text/javascript | Redirect Chain
GET | H2 | 427215647432902 | connect.facebook.net/signals/config/ | 307 KB | 79 KB | Script | application/x-javascript |
GET | H2 | sync | ups.analytics.yahoo.com/ups/55980/ | 0 | 473 B | Image | text/plain | Redirect Chain
GET | H/1.1 | rum | dsum-sec.casalemedia.com/ | 43 B | 898 B | Image | image/gif | Redirect Chain
GET | H/1.1 | tap.php | pixel.rubiconproject.com/ | 42 B | 371 B | Image | image/gif | Redirect Chain
GET | H2 | cookie-sync | sync.outbrain.com/ | 0 | 324 B | Image | text/plain | Redirect Chain
GET | H/1.1 | Pug | simage2.pubmatic.com/AdServer/ | 1 B | 862 B | Image | text/html | Redirect Chain
GET | H/1.1 | v1 | ads.yahoo.com/cms/ | 0 | 0 | Image | text/html | Redirect Chain
GET | H2 | / | trc.taboola.com/sg/adroll-network/1/rtb-h/ | 0 | 192 B | Image | text/plain | Redirect Chain
GET | H2 | xuid | eb2.3lift.com/ | 37 B | 335 B | Image | image/gif | Redirect Chain
GET | H/1.1 | in | d.adroll.com/cm/r/ | 42 B | 501 B | Image | image/gif | Redirect Chain
GET | H2 | sync | x.bidswitch.net/ul_cb/ | 43 B | 380 B | Image | image/gif | Redirect Chain
GET | H/1.1 | setuid | ib.adnxs.com/ | 43 B | 875 B | Image | image/gif | Redirect Chain
GET | H2 | 377928.gif | idsync.rlcdn.com/ | 0 | 40 B | Image | text/plain | Redirect Chain
GET | H2 | sd | us-u.openx.net/w/1.0/ | 43 B | 109 B | Image | image/gif | Redirect Chain
GET | H/1.1 | in | d.adroll.com/cm/g/ | 42 B | 533 B | Image | image/gif | Redirect Chain
GET | H2 | / | www.facebook.com/tr/ | 44 B | 200 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 246 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 99 B | Image | image/gif |
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
function | fbq
function | _fbq
function | Stripe
object | __PRELOADED_STATE__
string | adroll_adv_id
string | adroll_pix_id
function | webpackJsonp
object | __core-js_shared__
string | GoogleAnalyticsObject
function | ga
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
boolean | __adroll_loaded
string | adroll_sid
object | __adroll
boolean | adroll_optout
object | adroll_ext_network
object | adroll_callbacks
undefined | adroll_tpc_callback
object | adroll_exp_list
boolean | __adroll_consent
boolean | __adroll_consent_is_gdpr
string | __adroll_consent_user_country
number | adroll_xavier_called
number | __adroll_xid_ch
object | adroll_currency
object | adroll_conversion_value
object | adroll_conversion_value_in_dollars

6 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.gretchenrubin.com/ | | __stripe_sid | 18036947-1e12-4e0e-a99b-ce72effe967e
.gretchenrubin.com/ | | _gid | GA1.2.2071188756.1567605918
.gretchenrubin.com/ | | _fbp | fb.1.1567605918457.2073451996
.gretchenrubin.com/ | | __stripe_mid | 8026df34-473d-4df8-a496-5b24c1ffe2f3
.gretchenrubin.com/ | | _ga | GA1.2.1343210399.1567605918
.gretchenrubin.com/ | | __cfduid | d62f01db5c8f3390b55d8f1423216807d1567605916
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.