secure.anedot.com
Open in
urlscan Pro
2606:4700::6810:c307
Public Scan
Effective URL: https://secure.anedot.com/tedcruz/pg-rs-mrepd-election-010421?utm_source=email_rs_PG&utm_campaign=cruz&utm_medium=Email&ut...
Submission: On January 27 via api from BE
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 28th 2020. Valid for: 6 months.
This is the only time secure.anedot.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-65-162.compute-1.amazonaws.com
links.standingstrongamerica.com |
ASN13335 (CLOUDFLARENET, US)
secure.anedot.com | |
analytics.anedot.com | |
files.anedot.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-37.deploy.static.akamaitechnologies.com
www.paypalobjects.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-72.fra2.r.cloudfront.net
sc-static.net |
ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-209-68.eu-west-1.compute.amazonaws.com
dpm.demdex.net | |
prospergroupcorp.demdex.net |
ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
Domain | Requested by | |
---|---|---|
27 | secure.anedot.com |
secure.anedot.com
|
7 | www.facebook.com |
1 redirects
secure.anedot.com
|
6 | maps.googleapis.com |
secure.anedot.com
maps.googleapis.com |
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com secure.anedot.com |
4 | connect.facebook.net |
secure.anedot.com
connect.facebook.net |
3 | analytics.anedot.com |
secure.anedot.com
|
2 | prospergroupcorp.demdex.net |
secure.anedot.com
|
2 | maps.gstatic.com |
secure.anedot.com
|
2 | tr.snapchat.com |
secure.anedot.com
|
2 | dpm.demdex.net |
secure.anedot.com
|
2 | cm.g.doubleclick.net |
1 redirects
secure.anedot.com
|
2 | rtd-tm.everesttech.net | 2 redirects |
2 | sc-static.net |
secure.anedot.com
sc-static.net |
2 | www.googletagmanager.com |
secure.anedot.com
|
2 | files.anedot.com |
secure.anedot.com
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | cm.everesttech.net | 1 redirects |
1 | cx.atdmt.com |
secure.anedot.com
|
1 | t.co |
secure.anedot.com
|
1 | www.google.de |
secure.anedot.com
|
1 | www.google.com |
secure.anedot.com
|
1 | t.paypal.com |
secure.anedot.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | www.paypal.com |
www.paypalobjects.com
|
1 | www.paypalobjects.com |
secure.anedot.com
|
1 | links.standingstrongamerica.com | 1 redirects |
76 | 27 |
This site contains links to these domains. Also see Links.
Domain |
---|
anedot.com |
help.anedot.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ssl410314.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-10-28 - 2021-05-06 |
6 months | crt.sh |
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2021-01-13 - 2022-01-11 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
sc-static.net DigiCert SHA2 Secure Server CA |
2019-03-11 - 2021-03-15 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
t.paypal.com DigiCert SHA2 Extended Validation Server CA |
2020-11-17 - 2021-11-21 |
a year | crt.sh |
www.google.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
t.co DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-12 - 2022-01-11 |
a year | crt.sh |
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-19 - 2022-01-23 |
a year | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2020-12-04 - 2021-03-03 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://secure.anedot.com/tedcruz/pg-rs-mrepd-election-010421?utm_source=email_rs_PG&utm_campaign=cruz&utm_medium=Email&utm_content=PG_RS_mrepd_electionresults_010421&amount=
Frame ID: 798B80C577F91D833C0FA7AB48B8E3A3
Requests: 73 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=c03b84f1-ade1-4827-9e56-f25f0ced52b9
Frame ID: B34D056E1399D9DD60051EDC0BC11901
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/p
Frame ID: 1FBE181490988DDEF29FA7694F6523C9
Requests: 1 HTTP requests in this frame
Frame:
https://prospergroupcorp.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 7F94EA29A78C8CC2E2893182ABD25892
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://links.standingstrongamerica.com/u/click?_t=29c3b6e742c849fabbcc130432510e66&_m=f1b7a024509342a1bfa664191e385...
HTTP 303
https://secure.anedot.com/tedcruz/pg-rs-mrepd-election-010421?utm_source=email_rs_PG&utm_campaign=cruz... Page URL
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- meta csrf-param /^authenticity_token$/i
Google Maps (Maps) Expand
Detected patterns
- script /\/\/maps\.googleapis\.com\/maps\/api\/js/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Anedot
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.standingstrongamerica.com/u/click?_t=29c3b6e742c849fabbcc130432510e66&_m=f1b7a024509342a1bfa664191e38515a&_e=Ur34bebY8ZgjSA-lpOmbSoNq6ZqHSrrNZ1mIRrqeI-TPuAaLNyxiPkcrZfMCXz1ALyz-sWH_RiFepV_pghOBW-UzmeKgJoF8p13lA-nCZCHlyae8NaUghhAyeyzrvp75j_OBHTOiiCzzc3Z8Z54HMSilRPRxiYIIVp2lgPy8MuwLeyHJKNEAZv8l77qvLlBS8Opi7nT6bvaoUB2zFSCkX_G7enCOT6I7eHRm1pqfC6nWtJVURxcL4v7TtviaPtgQ-8uP2niuLoe1VO3Mjcrebl1X9LRRPyY0KYbZRpTPrFcAIf472Qv6nRmkJbqTreHZ2SEeYUWzslfIs2Fe8UGsMhqllIEb5CNWq59b1YJnRean_Ie3PdLT7uSbfYNkpiO9n3wIY2PBJ4VJlhbK0DJnH9H_pHr9MGi5yNXiDxCii3lHTR9C_vrk7iAvG-NGYRjpmxbL4pnzUfbR6j5ryoxNWA%3D%3D
HTTP 303
https://secure.anedot.com/tedcruz/pg-rs-mrepd-election-010421?utm_source=email_rs_PG&utm_campaign=cruz&utm_medium=Email&utm_content=PG_RS_mrepd_electionresults_010421&amount= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- https://rtd-tm.everesttech.net/upi/?sid=X8tFfgWPNU4lqxGxxui3&cs=1 HTTP 302
- https://rtd-tm.everesttech.net/ct/upi/?sid=X8tFfgWPNU4lqxGxxui3&cs=1&_test=YBFIfQAAALcod1LS HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUJGSWZRQUFBTGNvZDFMUw HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WUJGSWZRQUFBTGNvZDFMUw&google_tc=
- https://www.facebook.com/tr/?id=2033579740242926&ev=PageView&dl=https%3A%2F%2Fsecure.anedot.com%2Ftedcruz%2Fpg-rs-mrepd-election-010421%3Futm_source%3Demail_rs_PG%26utm_campaign%3Dcruz%26utm_medium%3DEmail%26utm_content%3DPG_RS_mrepd_electionresults_010421%26amount%3D&rl=&if=false&ts=1611745405568&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611745405533.1742444802&it=1611745405410&coo=false&rqm=GET HTTP 302
- https://cx.atdmt.com/?c=15731189240328977642&f=AYwGxRPk0EoUXYwDaKjZZCMKl-C3BcSpvyzVN3oMkLPis9t0ZwKQvoakKPsmjJn-ukiXDedViDC1vHVR6_bgwRkw&id=2033579740242926&l=3&v=0
- https://cm.everesttech.net/cm/dd?d_uuid=25695922250726278431187670074490445732 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YBFIfQAAALcod1LS&d_uuid=25695922250726278431187670074490445732
76 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
pg-rs-mrepd-election-010421
secure.anedot.com/tedcruz/ Redirect Chain
|
47 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~donations-19d9d0f1.chunk.css
secure.anedot.com/packs/css/ |
77 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.js
analytics.anedot.com/ |
195 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
be13644d-be28-4b50-9528-02a35fc6b97b.png
files.anedot.com/campaigns/c871a66a492da3a272e0c/header_image/ |
59 KB 60 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime~donations-7f74fa8a42911d0db7ef.js
secure.anedot.com/packs/js/ |
1 KB 794 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~action-pages~admin~auth~contracts~crimson-donations~donations~facebook-app-de2c60136725dcfbfd8f.chunk.js
secure.anedot.com/packs/js/ |
120 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~action-pages~admin~auth~crimson-donations~donations-6e73d4c67527127a8427.chunk.js
secure.anedot.com/packs/js/ |
191 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~admin~auth~contracts~donations-7519bfafcce1416bb7b0.chunk.js
secure.anedot.com/packs/js/ |
88 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~action-pages~auth~crimson-donations~donations-640da1fc88d09dac528d.chunk.js
secure.anedot.com/packs/js/ |
62 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~action-pages~admin~crimson-donations~donations-c8fec56ade7f3dcc4938.chunk.js
secure.anedot.com/packs/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~admin~auth~donations-b9c356c555e264736b20.chunk.js
secure.anedot.com/packs/js/ |
109 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~admin~donations-9ee5066d25d2669c8a0b.chunk.js
secure.anedot.com/packs/js/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~auth~donations-864ad84605a83a336b35.chunk.js
secure.anedot.com/packs/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~accounts~donations-d7735c60da4b39710b14.chunk.js
secure.anedot.com/packs/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
donation-form~donations-a13321dc2e8ead64c788.chunk.js
secure.anedot.com/packs/js/vendors~accounts/ |
2 KB 945 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~donations-8e7f27a60b7e19b1dd1a.chunk.js
secure.anedot.com/packs/js/ |
26 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
donations-911a17b5a571921206b0.chunk.js
secure.anedot.com/packs/js/ |
101 B 179 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkout.js
www.paypalobjects.com/api/ |
1 MB 231 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
259 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
81 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~donations-printable-c56b891e.chunk.css
secure.anedot.com/packs/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.php
analytics.anedot.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bac8d439-4f52-420d-899f-ed3fb9fa42b5.jpg
files.anedot.com/campaigns/c871a66a492da3a272e0c/background_image/ |
193 KB 193 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-on-white-70b628aad3352e4e3e6ac3fa3cbffc4e.svg
secure.anedot.com/packs/media/namespaces/shared/images/donorid/ |
570 B 573 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Semibold-fc4ef50392cc8c55b5cee4e2e081fc8b.woff2
secure.anedot.com/packs/media/namespaces/shared/fonts/ |
51 KB 51 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dropdown-c80ed423af82974995ac35c4ea10debe.svg
secure.anedot.com/packs/media/namespaces/shared/images/ |
190 B 337 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-df7ebff93bcebc0756a1b330b030413a.woff2
secure.anedot.com/packs/media/namespaces/shared/fonts/ |
49 KB 49 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic-20a13c16fb14f89fb447cae9db3a3388.svg
secure.anedot.com/packs/media/namespaces/shared/images/components/payment/card/ |
676 B 483 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
badge-2b10568c9262dc2174b5176976bb9e76.svg
secure.anedot.com/packs/media/components/verified-account-indicator/images/ |
275 B 296 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-SemiboldItalic-2b812a29a64316fa7e5ffa9dab88674f.woff2
secure.anedot.com/packs/media/namespaces/shared/fonts/ |
48 KB 48 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Extrabold-dd489907e7ca7cfd7a50eef00e428060.woff2
secure.anedot.com/packs/media/namespaces/shared/fonts/ |
50 KB 51 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Bold-36da3683193c31e5fe6411b025b3cf25.woff2
secure.anedot.com/packs/media/namespaces/shared/fonts/ |
51 KB 51 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Light-2b5caa240290d8999a90b5687af2ad3e.woff2
secure.anedot.com/packs/media/namespaces/shared/fonts/ |
50 KB 50 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Italic-14a4fbbd515e7f5cd8f3412a5c682ce2.woff2
secure.anedot.com/packs/media/namespaces/shared/fonts/ |
47 KB 47 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pptm.js
www.paypal.com/tagmanager/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
91 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scevent.min.js
sc-static.net/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pixel
cm.g.doubleclick.net/ Redirect Chain
|
170 B 224 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
132 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
880619385360672
connect.facebook.net/signals/config/ |
242 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
1 B 66 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 89 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 122 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 58 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 58 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
t.paypal.com/ |
42 B 682 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
common.js
maps.googleapis.com/maps-api-v3/api/js/43/6/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
util.js
maps.googleapis.com/maps-api-v3/api/js/43/6/ |
145 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
controls.js
maps.googleapis.com/maps-api-v3/api/js/43/6/ |
211 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/43/6/ |
43 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2033579740242926
connect.facebook.net/signals/config/ |
241 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
tr.snapchat.com/cm/ Frame B34D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1151452605057904
connect.facebook.net/signals/config/ |
241 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cx.atdmt.com/ Redirect Chain
|
43 B 640 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js-sha256-v1.min.js
sc-static.net/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
p
tr.snapchat.com/ Frame 1FBE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
prospergroupcorp.demdex.net/ Frame 7F94 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YBFIfQAAALcod1LS&d_uuid=25695922250726278431187670074490445732
dpm.demdex.net/ Redirect Chain
|
0 720 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
prospergroupcorp.demdex.net/ |
3 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.php
analytics.anedot.com/ |
43 B 150 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 207 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _paq object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| $ function| jQuery object| App object| ReactOnRails boolean| __REACT_ON_RAILS_EVENT_HANDLERS_RAN_ONCE__ object| KJUR object| Hex object| Base64 function| ASN1 function| TxEncrypt object| google_tag_manager object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo function| fbq function| _fbq object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq function| snaptr object| r object| _dataLayerHistory object| gaplugins object| gaGlobal object| gaData function| e object| visitor object| myDil object| reg object| dataLayerNew function| iterate object| adobe function| Visitor object| s_c_il number| s_c_in function| DIL object| paypalDDL object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| twttr object| __e3_ object| scpixel object| _xdc_16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.snapchat.com/ | Name: sc_at Value: v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQyEZKd84g6hUcX1uqL+mPnXpl0autetNOivhBamMGC8hgOMcvlXm6oDIAAAA= |
|
secure.anedot.com/ | Name: _pk_id.1.369d Value: 8fac9f6923456cf0.1611745405.1.1611745406.1611745405. |
|
.anedot.com/ | Name: AMCV_74640A195C7E4CD00A495DAD%40AdobeOrg Value: 1278862251%7CMCMID%7C31687992546225034291741664911053692194%7CMCAAMLH-1612350205%7C6%7CMCAAMB-1612350205%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1611752605s%7CNONE%7CvVersion%7C4.0.0 |
|
.demdex.net/ | Name: demdex Value: 25695922250726278431187670074490445732 |
|
.anedot.com/ | Name: _scid Value: f5e6998a-9160-4b4f-a035-e5b311f2e8b4 |
|
.anedot.com/ | Name: _fbp Value: fb.1.1611745405533.1742444802 |
|
.anedot.com/ | Name: _gcl_au Value: 1.1.605507251.1611745405 |
|
.anedot.com/ | Name: _dc_gtm_UA-61153326-2 Value: 1 |
|
.anedot.com/ | Name: _gat_UA-22040330-7 Value: 1 |
|
.anedot.com/ | Name: _gid Value: GA1.2.1554882862.1611745405 |
|
.anedot.com/ | Name: AMCVS_74640A195C7E4CD00A495DAD%40AdobeOrg Value: 1 |
|
secure.anedot.com/ | Name: _pk_ref.1.369d Value: %5B%22cruz%22%2C%22%22%2C1611745405%2C%22%22%5D |
|
.anedot.com/ | Name: _ga Value: GA1.2.2143533928.1611745405 |
|
secure.anedot.com/ | Name: _pk_ses.1.369d Value: 1 |
|
.anedot.com/ | Name: _anedot_session_production Value: V76A8cGZiGdkGDKMoX3pcuH3qRwFM8YG6YX%2FeAiaupJHZHGMH8IH5yrFXPlanBoSFmzQM%2FM7aSHQTpf1p6DA7GvGGkh%2FCQZnDoy2l%2FT0Y9PIbhiYiSOknhqfnjqU9%2FNClwoNSYXdPxUCxoTi2HJwpo85gvD7Wv7N4hIurRB6iArMgCs3DQcXaNNOW6vO5L%2FB%2BZ%2B5nnZgJIZ%2FGkU1EskxKA3effKueeAkiWv%2BqHgzJk2bM6nTWO7FHQK4dCxQsf6PnvJQJnIZEoAqYWJeHy8w5Os2%2F2GAVYD4PtKwPBMwEUX3tAsOOTKhUpZGXvoCQMWB7uuLUgdPFYRDVpc9EPYo%2FYjJIPY2iB1sEfyBjLxjT03jrUXI7dHXdnJy%2BhPTvDuWRPw%3D--7n6M4CVIhVCmqbjo--fgNNCOBe6JTQh1FuGP899g%3D%3D |
|
.anedot.com/ | Name: __cfduid Value: d1b0a91a364f63c3b05502ac9531bd7eb1611745404 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.anedot.com
analytics.twitter.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
cx.atdmt.com
dpm.demdex.net
files.anedot.com
links.standingstrongamerica.com
maps.googleapis.com
maps.gstatic.com
prospergroupcorp.demdex.net
rtd-tm.everesttech.net
sc-static.net
secure.anedot.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.paypal.com
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
104.108.64.37
104.244.42.131
104.244.42.5
13.225.80.72
151.101.1.21
151.101.129.35
151.101.14.49
172.217.21.226
199.232.136.157
2606:4700::6810:c307
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:81e::200a
2a00:1450:400c:c00::9b
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.222.65.162
34.253.145.149
35.186.226.184
52.212.209.68
00f15661611f901e27fd955a9ed5ca57501335c21c2e8a3ccd029adcd1e837f8
070ca5a1c8a3e462747eed8d50decdb243fcdd90b22c937b045f04cf9342d5f5
0947a055467f1ed65f0670deb3b184ac4e6e82b4f37713e705bdb5f9cbaa9de5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdf851afb48df44d842122878f4c4d35e4414784acd8ccfeec0ccd3d354865f
0ef02656425d80ac1ee21139d622a0e6d0f129a6b6609bfaa26de9a0e022e0c3
104234441667d444189fb4dee722cef4fd36cd85744e62f3e63c5897608b16f8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123f35d3d879e986b72bc88df84824e2c2b1dd0d5f074d30eb57a515290dbd9a
161023409b73ef8fb4b48880ab2713b302d3054f5d3de97dba4d61ce3459227c
16183e99d8a59ebc5cfbc43fd7ccf2a1cab7a53feba0bf1fccb737f6a4056474
1a5831e8604b4ffd3a75304b2f9fce8e5081344e95866545c3080de14585c930
2ec25d9323b53d8c7073b4e824ca40d1d570f8da337cfd3d77e368ccd7bf0f2c
35e50acae3b7a3cca33dfe56e40269b74c9a9edf4fcd0c9b7d61f71c650ae613
375abfee418478b6ada875ae8ab8410197cba13796dc80fa86f2b16cea39713c
3d1f3c12b845a9bea3445e876cfbb5b66a55ff2fd85c5470d055716f909ea012
3e7d1eea8e61c995be5106af9a663812751a3f163d618113e322613b53b65764
3f03013c38284edda83158a3c03420106e4923640a1e436d549e17459725cb1b
4aa06d1d52bccc6fc0c0472be0945cceb8731476f2490a584b657393cd4f4889
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4fe0ec868696c66c1f78eb6f269d2ed9079ae3700fe244e4ba54776c5c65a06f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
576dc7c81e967a716c8a4d500a354ec6a72b6276f754a09d65011a0a03028364
5dc793b50af1683d63606eb73e1bb5f43c654b83b462dc84412a9d8260c9cf8d
64fd4fe64eb65b329e17d3d32d2005d5e2bd0925f01c474895593876db093165
6b06eb5f201ad440f918e488da9bc1b78feab80b3927405d6f28bd3041b06cca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6eada27dda3a35c0ec580c438d8d0d903dfd9997df58c760540bdb6d40d0e810
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
7d496088c7103a25cadd9102a40a7a93acb947481fecada9471f9fe48c36d7f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a5bbe4a819917e9cbb849eb882e1a1617d56a2b7d87d1fac48826079d9cd9e2
8b3cf25e00e036e87c683b725e41345b8339c1ffd5efba9b260ed86b814759ab
94150295458c31280dae6250667aa500223bbf40d0aa6250c907e12a5a156291
990fd0aad1cbcc039c35f7d2a06a1b272288cb854f374da55c87506dd3acf376
9c5fe885d4ac6628cd20e979a0ce484ed9099da18fc62d3ca8cdff3423d761e2
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5d7e733141302904c61a23c078edd04d99cb3c911e38d408adfe5ec50ad4589
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
baea3a69c13b2659c60de79ced9208ad10153523c85bf479cd80b17d49a26055
c0603f15f5fbbc0549dc264f44263840e1e608df55e7c71a15fd31e38f7b8016
c9b0c7ea365cf4e807d90e8b2b10279bbac0bc728cb006bef09a968170ca9563
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cfcde69c520d4f6429ceaf8e2d86fa2bdc4f6d3f8b64552e45d321c5661c31c4
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dddf16da1c8a4e89a601de58c07fed21d7ab4ff52622878767bcb8aa4bbb8797
de298147131f00133a58e555d7d807a84030e6d46de18dbb63b042b4b3507062
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df727347abf6f86b89dc4b234da529d729f221cbabf51f5868d23d3d06e01fb2
e219065cccaa659a8c61e8336be52ff4871ff11ea2f0ec971c171cd9b4d13ebc
e26f0e69a7535cc9c34e36e1298a8a221e56ea9a0d560c6c2b0919f08fa0fab3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e88054bce5b571855b9e8d68f2a418bd9318b21cb5ae7d010e917b33414abf34
ec2588843ebc54409de3a417faba148471a2cbf1cb3db936c115d68a3817c272
ef18c72b14eb5a98bb5ce24261e1a1ec329b452bc9272d75e77cbe20d4268aec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11763fd84020e13295b68d97fcf6b6c73e73acaf2ad90183672d5a16d4f6d1c
f363d9483b4a14229ea68716cebc4d5088fc8dab315cef2eae8b508854bd8908
f5724fad2bd03419b0a0dd714b97fa7aa23d6bbd40312e93fd4e5a0ed1a7f4c0