protecthealthcare.org
Open in
urlscan Pro
192.240.172.29
Public Scan
Submitted URL: http://protecthealthcare.org/
Effective URL: https://protecthealthcare.org/
Submission: On September 15 via api from SG — Scanned from DE
Effective URL: https://protecthealthcare.org/
Submission: On September 15 via api from SG — Scanned from DE
Summary
This website contacted 24 IPs
in 5 countries
across 23 domains to perform 52 HTTP transactions.
The main IP is 192.240.172.29, located in
United States and
belongs to NEXCESS-NET, US.
The main domain is protecthealthcare.org.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on September 1st 2022. Valid for: a year.
This is the only time protecthealthcare.org was scanned on urlscan.io!
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on September 1st 2022. Valid for: a year.
This is the only time protecthealthcare.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
21
192.240.172.29
(United States)
ASN36444 (NEXCESS-NET, US)
PTR: eep2-15.nexcess.net
ASN36444 (NEXCESS-NET, US)
PTR: eep2-15.nexcess.net
| protecthealthcare.org |
1
104.103.80.30
(Vienna, Austria)
ASN16625 (AKAMAI-AS, US)
PTR: a104-103-80-30.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-103-80-30.deploy.static.akamaitechnologies.com
| cloud.typography.com |
4
2a03:2880:f01c:8012:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
2a00:1450:4001:82f::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a03:2880:f11c:8183:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
2a02:26f0:3500:16::215:14a0
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| snap.licdn.com |
2
2a00:1450:4001:813::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
172.217.23.98
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
| www.googleadservices.com |
2
2620:116:800d:21:ef75:8280:f209:5ba1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| secure.quantserve.com | |
| pixel.quantserve.com |
1
108.138.24.21
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-21.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-21.fra56.r.cloudfront.net
| dnn506yrbagrg.cloudfront.net |
3
2620:1ec:21::14
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| px.ads.linkedin.com | |
| www.linkedin.com |
1
2600:9000:223c:ec00:6:44e3:f8c0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| rules.quantcount.com |
1
2a00:1450:4001:809::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
54.194.161.205
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-161-205.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-161-205.eu-west-1.compute.amazonaws.com
| d.adroll.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
protecthealthcare.org
1 redirects
protecthealthcare.org |
2 MB |
| 7 |
adroll.com
2 redirects
s.adroll.com — Cisco Umbrella Rank: 2439 d.adroll.com — Cisco Umbrella Rank: 1453 |
21 KB |
| 4 |
linkedin.com
3 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198 |
3 KB |
| 4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152 |
200 KB |
| 2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 |
2 KB |
| 2 |
quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905 pixel.quantserve.com — Cisco Umbrella Rank: 423 |
11 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
20 KB |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 113 |
388 B |
| 1 |
qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983 |
552 B |
| 1 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538 |
355 B |
| 1 |
t.co
t.co — Cisco Umbrella Rank: 489 |
337 B |
| 1 |
google.de
www.google.de — Cisco Umbrella Rank: 6352 |
548 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
548 B |
| 1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 613 |
15 KB |
| 1 |
crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1729 |
|
| 1 |
quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846 |
1 KB |
| 1 |
cloudfront.net
dnn506yrbagrg.cloudfront.net |
822 B |
| 1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128 |
17 KB |
| 1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 769 |
3 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
66 KB |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293 |
34 KB |
| 1 |
typography.com
1 redirects
cloud.typography.com — Cisco Umbrella Rank: 5651 |
481 B |
| 0 |
youtube.com
Failed
www.youtube.com Failed |
|
| 52 | 23 |
| Domain | Requested by | |
|---|---|---|
| 21 | protecthealthcare.org |
1 redirects
protecthealthcare.org
|
| 6 | s.adroll.com |
2 redirects
protecthealthcare.org
s.adroll.com |
| 4 | connect.facebook.net |
protecthealthcare.org
connect.facebook.net |
| 2 | px.ads.linkedin.com | 2 redirects |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | www.facebook.com |
protecthealthcare.org
|
| 1 | d.adroll.com |
s.adroll.com
|
| 1 | pixel.quantserve.com |
protecthealthcare.org
|
| 1 | pxl.qccerttest.com |
protecthealthcare.org
|
| 1 | analytics.twitter.com |
protecthealthcare.org
|
| 1 | t.co |
protecthealthcare.org
|
| 1 | www.google.de |
protecthealthcare.org
|
| 1 | www.google.com |
protecthealthcare.org
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | static.ads-twitter.com |
protecthealthcare.org
|
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | script.crazyegg.com |
dnn506yrbagrg.cloudfront.net
|
| 1 | rules.quantcount.com |
secure.quantserve.com
|
| 1 | px4.ads.linkedin.com |
protecthealthcare.org
|
| 1 | www.linkedin.com | 1 redirects |
| 1 | dnn506yrbagrg.cloudfront.net |
protecthealthcare.org
|
| 1 | secure.quantserve.com |
protecthealthcare.org
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | snap.licdn.com |
www.googletagmanager.com
|
| 1 | www.googletagmanager.com |
protecthealthcare.org
|
| 1 | ajax.googleapis.com |
protecthealthcare.org
|
| 1 | cloud.typography.com | 1 redirects |
| 0 | www.youtube.com Failed |
protecthealthcare.org
|
| 52 | 28 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| actnow.protecthealthcare.org |
| www.facebook.com |
| twitter.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| protecthealthcare.org GeoTrust EV RSA CA 2018 |
2022-09-01 - 2023-09-03 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-06-24 - 2022-09-22 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
| snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2022-08-29 - 2022-11-21 |
3 months | crt.sh |
| *.quantserve.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-09 - 2023-09-09 |
a year | crt.sh |
| *.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-04-08 - 2023-04-08 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
| ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
| t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
| *.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
| qccerttest.com Amazon |
2022-04-04 - 2023-05-03 |
a year | crt.sh |
| s.adroll.com Amazon |
2022-07-03 - 2023-08-01 |
a year | crt.sh |
| adroll.mgr.consensu.org Amazon |
2022-08-10 - 2023-09-08 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://protecthealthcare.org/
Frame ID: 0AC5FA851B0EAD7642FC3B3152A19CD5
Requests: 62 HTTP requests in this frame
Screenshot
Page Title
Coalition to Protect America's Health CarePage URL History Show full URLs
-
http://protecthealthcare.org/
HTTP 301
https://protecthealthcare.org/ Page URL
Detected technologies
ExpressionEngine
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
ZURB Foundation
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
AdRoll
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:a|s)\.adroll\.com
Clipboard.js
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- clipboard(?:-([\d.]+))?(?:\.min)?\.js
Crazy Egg
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
Linkedin Insight Tag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://actnow.protecthealthcare.org/a/join-cpah-today
Title: Join Us
Title: Join Us
Search URL Search Domain Scan URL
URL: https://www.facebook.com/protectcare
Title: On Facebook
Title: On Facebook
Search URL Search Domain Scan URL
URL: https://twitter.com/Protectcare
Title: On Twitter
Title: On Twitter
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://protecthealthcare.org/
HTTP 301
https://protecthealthcare.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://cloud.typography.com/7385538/7883032/css/fonts.css HTTP 302
- https://protecthealthcare.org/assets/fonts/822953/B4764BD05381C8C85.css
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=703618&time=1663253450383&url=https%3A%2F%2Fprotecthealthcare.org%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D703618%26time%3D1663253450383%26url%3Dhttps%253A%252F%252Fprotecthealthcare.org%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=703618&time=1663253450383&url=https%3A%2F%2Fprotecthealthcare.org%2F&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=703618&time=1663253450383&url=https%3A%2F%2Fprotecthealthcare.org%2F&liSync=true&e_ipv6=AQIqwjj2u0ltSgAAAYNBoZCWtO9hNIbYVB-UeAra-B1xQiTFx4RYMqmp8DLD07F0vE0EbAjL
- https://s.adroll.com/j/exp/4QMZQ4ZNPNEEVEGNM2F4VS/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://s.adroll.com/j/pre/4QMZQ4ZNPNEEVEGNM2F4VS/W5AVRV32GRH4JGYAK2LQEM/fpconsent.js HTTP 302
- https://s.adroll.com/j/pre/index.js
52 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
protecthealthcare.org/ Redirect Chain
|
22 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
B4764BD05381C8C85.css
protecthealthcare.org/assets/fonts/822953/ Redirect Chain
|
365 KB 366 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.css
protecthealthcare.org/assets/css/ |
150 KB 150 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr.js
protecthealthcare.org/assets/js/vendor/ |
11 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.0/ |
95 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
picturefill.min.js
protecthealthcare.org/assets/js/vendor/ |
11 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cpah-logo.png
protecthealthcare.org/i/logos/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cpah-logo-white.png
protecthealthcare.org/i/logos/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
source.js
protecthealthcare.org/assets/js/ |
212 KB 212 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clipboard.min.js
protecthealthcare.org/assets/js/vendor/ |
9 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
copy-custom.js
protecthealthcare.org/assets/js/custom/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles-blessed1.css
protecthealthcare.org/assets/css/ |
200 KB 200 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
18 KB 18 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
7 KB 7 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
101 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
player_api
www.youtube.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sEy4ibG0.jpeg
protecthealthcare.org/i/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
18 KB 18 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
thelatest-drmaxouris_1.jpg
protecthealthcare.org/i/ |
237 KB 238 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bluestate_cpah_landingpage-header_2020COVID-AboutUs-Blue.jpg
protecthealthcare.org/i/ |
144 KB 144 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
@mx500
protecthealthcare.org/i/bluestate_cpah_blogheader_2020_hospitals-are-ready_jc1.jpg/ |
85 KB 86 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
@mx500
protecthealthcare.org/i/thelatest-latestcdcguidance20200421.jpg/ |
109 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
@mx500
protecthealthcare.org/i/thelatest-coronavirus.jpg/ |
148 KB 148 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff
protecthealthcare.org/assets/fonts/ |
64 KB 64 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
24 KB 24 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
12 KB 12 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
26 KB 26 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
8 KB 8 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
7 KB 7 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
5 KB 5 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
9 KB 9 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
185 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
thelatest-bethdavenport.jpg
protecthealthcare.org/i/ |
59 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
thelatest-vikimacy.jpg
protecthealthcare.org/i/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
938884789518360
connect.facebook.net/signals/config/ |
293 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
all.js
connect.facebook.net/en_US/ |
313 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion.js
www.googleadservices.com/pagead/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aquant.js
secure.quantserve.com/ |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4034.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0010/ |
309 B 822 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 263 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rules-p-RFKCUQe_04MRM.js
rules.quantcount.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4034.js
script.crazyegg.com/pages/scripts/0010/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/985632618/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 442 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/985632618/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/985632618/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
t.co/i/ |
43 B 337 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 355 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
pxl.qccerttest.com/ |
35 B 552 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel;r=1370188403;labels=_fp.event.Default;rf=0;a=p-RFKCUQe_04MRM;url=https%3A%2F%2Fprotecthealthcare.org%2F;uht=2;fpan=0;fpa=P0-1927899427-1663253450906;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-202209131...
pixel.quantserve.com/ |
35 B 371 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
53 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 785 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/ Redirect Chain
|
0 756 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/4QMZQ4ZNPNEEVEGNM2F4VS/W5AVRV32GRH4JGYAK2LQEM/ |
0 805 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4QMZQ4ZNPNEEVEGNM2F4VS
d.adroll.com/consent/check/ |
449 B 542 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.youtube.com
- URL
- http://www.youtube.com/player_api
Verdicts & Comments Add Verdict or Comment
135 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| fbq function| _fbq string| adroll_adv_id string| adroll_pix_id function| submitToEA object| picturefillCFG function| picturefill function| FastClick function| getFrameID function| onYouTubePlayerAPIReady function| createYTEvent function| setupStates function| prepInputs function| desktopSearchToggle function| sortDropDownListByText function| removeHash function| formOptions boolean| deviceIsAndroid boolean| deviceIsIOS boolean| deviceIsIOS4 boolean| deviceIsIOSWithBadTarget function| Froogaloop function| YT_ready object| players string| stickyItem number| readAssistOffset number| duration object| doc object| Foundation function| _ function| $f function| keydown function| smoothScrollTo object| jQuery112004499990069098785 object| dataLayer object| FB object| __buffer function| postscribe object| google_tag_manager_external object| google_tag_manager string| _linkedin_data_partner_id object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only object| ezt function| lintrk boolean| _already_called_lintrk function| quantserve function| __qc object| _qevents object| _qoptions function| qtrack object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| twq object| regeneratorRuntime object| twttr boolean| __adroll_loaded string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| protecthealthcare.org/ | Name: exp_csrf_token Value: 8e6807dff8666ee8b90b4387a085e0c80ee8c441 |
|
| .protecthealthcare.org/ | Name: _fbp Value: fb.1.1663253450265.1226642077 |
|
| .protecthealthcare.org/ | Name: _ga Value: GA1.2.1933053791.1663253450 |
|
| .protecthealthcare.org/ | Name: _gid Value: GA1.2.763265106.1663253450 |
|
| .protecthealthcare.org/ | Name: _gat_UA-41530000-1 Value: 1 |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQJmvIK6ZqGrjAAAAYNBoY8TcMyfwmuM4_vEULaWnxoaL0MAOoVgf1ZM6mkMEUegmURuYmbGqiN7MQ |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQLPJIwUk3H9_AAAAYNBoY8TFzBtIYnmH5LwHGI5r-HzAVLBSAb9WyuH7JdDxg_yrwjci7sXMBP0X1e1AkNntw |
|
| .ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&4fc1dcf0-9e84-4fb2-8cde-62f815dcbd46" |
|
| .linkedin.com/ | Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2759:u=1:x=1:i=1663253450:t=1663339850:v=2:sig=AQEtqWv8JPnl7cqodLj0H01NJZqBLrWX" |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
| .www.linkedin.com/ | Name: bscookie Value: "v=1&20220915145050986dcfac-602d-495c-8020-c4a93833cc5bAQHiA2CmStL9asxsjM6W2pAMXB56oQHo" |
|
| .linkedin.com/ | Name: li_gc Value: MTswOzE2NjMyNTM0NTA7MjswMjGG8lB3DL7LTgwa3JqJpeojhVYtkcxVixSXKyoJbvOY/A== |
|
| protecthealthcare.org/ | Name: qcSxc Value: 1663253450910 |
|
| .protecthealthcare.org/ | Name: __qca Value: P0-1927899427-1663253450906 |
|
| .quantserve.com/ | Name: mc Value: 63233bca-ea557-bc7c2-c8aa6 |
|
| .twitter.com/ | Name: personalization_id Value: "v1_ebLFNSi+LTxTVML9OS1k5Q==" |
|
| .t.co/ | Name: muc_ads Value: 0192e38a-2f6e-4589-884a-cb2a266a80cf |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
analytics.twitter.com
cloud.typography.com
connect.facebook.net
d.adroll.com
dnn506yrbagrg.cloudfront.net
googleads.g.doubleclick.net
pixel.quantserve.com
protecthealthcare.org
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.qccerttest.com
rules.quantcount.com
s.adroll.com
script.crazyegg.com
secure.quantserve.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
www.youtube.com
104.103.80.30
104.244.42.3
104.244.42.5
108.138.24.21
13.107.43.14
172.217.23.98
192.240.172.29
199.232.16.157
2600:9000:223c:ec00:6:44e3:f8c0:93a1
2600:9000:223d:3200:11:615:7240:93a1
2600:9000:225e:2600:6:9280:1080:93a1
2606:4700::6813:9408
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::9a
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.194.161.205
08e35163df2047c5e06e0248840ef089d73aacb81782080706c2f75654da5380
09cbb5725bb42a2d60a13ea0a48cd5ba5cf9fbc08e4eb21d4d2e35a1a6c85ad2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1246494ffc7b90e4a4deb60b0a921f1e28bd94c0c94e0d0383fa67437f83dc1a
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b223fc846e70d07ead5069b4e1fe488403812f26aec619fc15970bea9c6b13d
1e7803ae0ed8ebec38163ed650ff95dfb675ea675fa7c9a8247c9538960b1d5e
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
374a3a86d7d95f35200daecb486253175b43b75e6ed9fa498aa00592b2e74cf5
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
43cc95cd9d5a457e5d8c78091462a97e8b65a21d878dad2e7374b4a6c470fa83
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
4c7143c969edfda042e574d032da409854c6c86e7ac499116537ba2bd5830a2f
54f3a516d9c95e0d4155c18c7555b6ab5d8b521c4a363fec0f31c900535a4bf1
56510b39aaf4a66b5b372f4f9626856175768409c10b2c93a01d858d7eec9541
5998b62e57a124f340702449482ad6bf325c2bcd289d9e04be8dce1cc61e6dd7
5ec08f2ca9f3194c67b3234bd96f7ba180da74563ac05a4f90ca517e5084b20f
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
693ca78c5553b0910e2002c695568d2a854952f96a47d7604fbb9d6093eb0837
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ffa12ca418fd31e809d8e5083ca947e90ec74c38a2532a2456d0f60836ea3d5
815865a2a21ea2100fab5023945deabb200cc5483d302d52301c3bf733c3ea3a
859576f189555d28a9217322ab7c3073a6793734765a46a39be015957b05fcd9
881d5007f7671bdb83f2c4b9f13dfcf46f306ad0289cdc0944ac0caf3993a4c6
8bf08a79b40655c8d77d19af5a176e0173270c34c564c7685493475f2389f1f6
8f97bb00c5be86cc1b32e5f5d5d46283ead1b44948a1ca4167b15935527025aa
92ea878d90275c2e002daa41897df1b545bcb2ef6d7bfb14604ec86c525a5424
97303734c98db605724e0a61dd1d985d3b913b5b8a48448311e00efaba5378f1
9abcc1de4d3491351e700a639a6f11ad155c196a58e57dbb84438aaced113a76
9b083cdcfc35dee4b9d71ce99bb3d8709f468bc7e58dd442c8dc7362b9b487f8
9f3481892669c448d2e80c80a2a954d27f63a6d360667b6059e557d6dbe90777
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada4731b01d40460f2f8fa5209d20ff5c43b0c405d7fe45ee29737c68450ab66
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5f31af35795605d66ce74d49791a92a9cd1822c142ce8f64057155ba5fd8e23
bc5bda326d3900ca7138ad468ab1ddfac28dfaccc4cff3788ff4383158cd5f61
c82af305afa0d9351daf3ab0e0435dfb4cd7ff0c00422c9fc42302bb403d8b23
ca19a08d150ab3e0255c198f9b3035d1b1e93ece6146f4088ada02e3cee808cf
d0e23e6acca7daafe3775ce56fea6404398aa9615eba84ecfba92fd486b64503
d4b70f15572a2a4100431537f0a91113eae6d1bed01f1867e29512a9e48a07e9
d50b82a4fad8402ae127225310641359ae78f2c7b891a508df184e2f24482b8e
d77bb684ba38fadc44ab4169b2a19a652af68500e82913227393685ca9f9de0f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df34fdf26bb7017ce352154e3cc5285ee7bb4ff0e9be781224259915acd323f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e693dc8c436cfb1d180edfd3337059cd95397e0b39799b8ba420a93c4d3434c0
eb934801ba5a10aafc7b357381883f966ae4ed0425937ea853e22500ca059e58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f76312a5df2bdcf211091232688647e3bd4c3c013b1429731f2a0e79e3564445
fb7a8dc6c89d51f24ac80a2373feec7239b73c81f11b5b3b1c303999f063682c
ff493c66733c48e945c1bdbb6df996989bacb38c3ed0cb7961c1c25b425c809d