labs.detectify.com
Open in
urlscan Pro
104.196.191.243
Public Scan
Effective URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Submission: On January 14 via api from US
Summary
TLS certificate: Issued by RapidSSL RSA CA 2018 on May 24th 2020. Valid for: a year.
This is the only time labs.detectify.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 243.191.196.104.bc.googleusercontent.com
labs.detectify.com | |
labsdetectify.wpengine.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net
www.googleadservices.com |
ASN54113 (FASTLY, US)
www.redditstatic.com | |
alb.reddit.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-88.fra53.r.cloudfront.net
js.driftt.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-100-238.compute-1.amazonaws.com
q.quora.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-143-221.compute-1.amazonaws.com
js.driftqa.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net
cdn.viglink.com |
Domain | Requested by | |
---|---|---|
27 | labs.detectify.com |
3 redirects
labs.detectify.com
|
6 | c.disquscdn.com |
detectify.disqus.com
|
6 | use.typekit.net |
labs.detectify.com
|
5 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | links.services.disqus.com |
c.disquscdn.com
|
3 | js.driftt.com |
labs.detectify.com
js.driftt.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com labs.detectify.com |
2 | cdn.viglink.com |
labs.detectify.com
|
2 | disqus.com |
detectify.disqus.com
|
2 | www.facebook.com |
labs.detectify.com
connect.facebook.net |
2 | www.google.de |
labs.detectify.com
|
2 | www.google.com |
labs.detectify.com
|
2 | px.ads.linkedin.com |
1 redirects
labs.detectify.com
|
2 | bat.bing.com |
labs.detectify.com
|
2 | connect.facebook.net |
labs.detectify.com
connect.facebook.net |
2 | labsdetectify.wpengine.com |
labs.detectify.com
|
2 | fonts.googleapis.com |
labs.detectify.com
|
1 | p.typekit.net |
labs.detectify.com
|
1 | js.driftqa.com |
labs.detectify.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | alb.reddit.com |
labs.detectify.com
|
1 | q.quora.com |
labs.detectify.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | www.linkedin.com | 1 redirects |
1 | snap.licdn.com |
labs.detectify.com
|
1 | a.quora.com |
labs.detectify.com
|
1 | www.redditstatic.com |
labs.detectify.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
labs.detectify.com
|
1 | detectify.disqus.com |
labs.detectify.com
|
82 | 30 |
This site contains links to these domains. Also see Links.
Domain |
---|
detectify.com |
support.your-domain.com |
x.example.com |
example.com |
news.ycombinator.com |
www.reddit.com |
www.linkedin.com |
twitter.com |
www.facebook.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
labs.detectify.com RapidSSL RSA CA 2018 |
2020-05-24 - 2021-05-25 |
a year | crt.sh |
use.typekit.net DigiCert SHA2 Secure Server CA |
2020-01-28 - 2022-02-01 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.wpengine.com RapidSSL RSA CA 2018 |
2019-07-01 - 2021-08-29 |
2 years | crt.sh |
*.disqus.com DigiCert SHA2 Secure Server CA |
2020-04-20 - 2022-05-09 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-07-06 |
6 months | crt.sh |
quora.com R3 |
2020-12-27 - 2021-03-27 |
3 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2020-10-27 - 2021-04-27 |
6 months | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2019-04-01 - 2021-05-07 |
2 years | crt.sh |
drift.com Amazon |
2020-09-21 - 2021-10-23 |
a year | crt.sh |
px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2021-01-06 - 2021-07-05 |
6 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.quora.com R3 |
2020-12-27 - 2021-03-27 |
3 months | crt.sh |
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-07-06 |
6 months | crt.sh |
driftqa.com Amazon |
2020-06-18 - 2021-07-18 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-15 - 2021-08-15 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2019-12-06 - 2021-12-10 |
2 years | crt.sh |
viglink.com Amazon |
2020-12-13 - 2022-01-11 |
a year | crt.sh |
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2 |
2020-11-25 - 2021-12-27 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Frame ID: FB6CCC010D34F9FDC82DBB2898E4B9A3
Requests: 77 HTTP requests in this frame
Frame:
https://disqus.com/embed/comments/?base=default&f=detectify&t_u=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&t_d=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more&t_t=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more&s_o=default
Frame ID: 12E4C60887DA7E557F89845815DDBC5E
Requests: 1 HTTP requests in this frame
Frame:
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: DB411CBEC70DDE36A54D35D36207CD9E
Requests: 1 HTTP requests in this frame
Frame:
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 968B53C5FD3ABB7A61A35218CA4583A7
Requests: 1 HTTP requests in this frame
Frame:
https://js.driftt.com/core?embedId=fpb367pdwab4&forceShow=false&skipCampaigns=false&sessionId=ddd79beb-f8f1-4a8f-b492-f48b5c72bd12&sessionStarted=1610587830&campaignRefreshToken=9f83bc41-6b71-479d-a89b-547df5828f7c&pageLoadStartTime=1610587828730
Frame ID: 5BF5ADEFF03EB825C8FE1A5CD4E51C65
Requests: 1 HTTP requests in this frame
Frame:
https://js.driftt.com/core/chat
Frame ID: 21D822C8CAA4F95E5C2FB89EDBB674E3
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=
HTTP 301
http://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/ HTTP 301
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/ HTTP 301
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP (Programming Languages) Expand
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL (Databases) Expand
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Yoast SEO (SEO) Expand
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
Title: What is Detectify?
Search URL Search Domain Scan URL
Title: support.your-domain.com
Search URL Search Domain Scan URL
Title: x.example.com
Search URL Search Domain Scan URL
Title: example.com
Search URL Search Domain Scan URL
Title: Detectify domain monitoring
Search URL Search Domain Scan URL
Title: detectify.com
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Sign up for a free trial »
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=
HTTP 301
http://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/ HTTP 301
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/ HTTP 301
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 45- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D669017%26time%3D1610587829163%26url%3Dhttps%253A%252F%252Flabs.detectify.com%252F2014%252F10%252F21%252Fhostile-subdomain-takeover-using-herokugithubdesk-more%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&liSync=true
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ Redirect Chain
|
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tzo5nif.js
use.typekit.net/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
labs.detectify.com/wp-includes/css/dist/block-library/ |
50 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/ |
36 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
labs.detectify.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
labs.detectify.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detectify.svg
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-ycombinator.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
683 B 884 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-reddit.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-linkedin.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
709 B 910 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-twitter.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-facebook.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
760 B 961 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Hacker-Pic-B-1-400x480.png
labs.detectify.com/wp-content/uploads/2019/05/ |
178 KB 179 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-1-400x480.png
labs.detectify.com/wp-content/uploads/2018/08/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GraphQL_proof_of_concept-400x480.png
labs.detectify.com/wp-content/uploads/2018/03/ |
99 KB 99 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
labs.detectify.com/wp-content/themes/detectify2.0.5/dist/js/ |
262 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
labs.detectify.com/wp-includes/js/ |
1 KB 951 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
labs.detectify.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
2 KB 997 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ |
23 KB 23 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CircularPro-Book.otf
labs.detectify.com/wp-content/themes/detectify2.0.5/assets/CircularPro-Book/ |
85 KB 85 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW-AJi8SJQt.woff
fonts.gstatic.com/s/robotomono/v12/ |
15 KB 15 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2
fonts.gstatic.com/s/alegreya/v16/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UaErEBBsBhlBjvfkSLk_xHM8pxULilENlY.woff2
fonts.gstatic.com/s/alegreya/v16/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
4UaHrEBBsBhlBjvfkSLk96rp57F2IwM.woff2
fonts.gstatic.com/s/alegreya/v16/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
red2.png
labsdetectify.wpengine.com/wp-content/uploads/2016/02/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.png
labsdetectify.wpengine.com/wp-content/uploads/2016/02/ |
550 KB 551 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embed.js
detectify.disqus.com/ |
72 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
116 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CircularPro-Medium.otf
labs.detectify.com/wp-content/themes/detectify2.0.5/assets/CircularPro-Medium/ |
93 KB 93 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
30 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.js
www.redditstatic.com/ads/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qevents.js
a.quora.com/ |
39 KB 14 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fpb367pdwab4.js
js.driftt.com/include/1610588100000/ |
285 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.google-analytics.com/gtm/ |
85 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
670320013354403
connect.facebook.net/signals/config/ |
240 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 61 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 90 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 120 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 410 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
q.quora.com/_/ad/1fdf7ccfca6242509a1527df793b82c7/ |
43 B 420 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp.gif
alb.reddit.com/ |
42 B 125 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963762917/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notification.d46d7db1.mp3
js.driftqa.com/conductor/assets/media/ |
20 KB 21 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lounge.93b42de3124a0dd0533f88d602ff11e8.css
c.disquscdn.com/next/embed/styles/ |
0 22 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.bundle.38ea27189bdb723eae3dabf5bc7b8c0b.js
c.disquscdn.com/next/embed/ |
0 93 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lounge.bundle.e99bef264ab1dbdf324efcfb446cf290.js
c.disquscdn.com/next/embed/ |
0 114 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.js
disqus.com/next/ |
0 11 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/963762917/ |
42 B 530 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/963762917/ |
42 B 530 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/dacbbb/000000000000000000014a3f/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/5e5e35/000000000000000000014a3e/27/ |
15 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/c19086/000000000000000000014a3b/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/59af34/000000000000000000014a3d/27/ |
17 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/143f81/000000000000000000014a40/27/ |
35 KB 35 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 115 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 182 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
disqus.com/embed/comments/ Frame 12E4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 86 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ |
78 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
cdn.viglink.com/images/ |
43 B 387 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
cdn.viglink.com/images/ |
43 B 388 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame DB41 |
337 B 715 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 968B |
337 B 354 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core
js.driftt.com/ Frame 5BF5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat
js.driftt.com/core/ Frame 21D8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ping
links.services.disqus.com/api/ |
299 B 925 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync.gif
links.services.disqus.com/api/ |
43 B 565 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
domains
links.services.disqus.com/api/ |
76 B 701 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
domains
links.services.disqus.com/api/ |
42 B 667 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Typekit object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data function| fbq function| _fbq function| rdt function| qp object| uetq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| drift undefined| driftt object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| UET object| google_optimize object| qevents function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| __SENTRY__ object| _driftFrames object| __post_robot_10_0_16__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ function| disqus_config object| DISQUS boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrintElem function| prettyPrint object| PR object| wp object| twemoji boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16105878298976 object| vglnk number| drift_page_view_started number| drift_session_started object| drift_event_listeners string| drift_session_id string| drift_campaign_refresh undefined| vglnk_16105878303997 undefined| vglnk_16105878305369 undefined| vglnk_1610587830556107 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.labs.detectify.com/ | Name: _rdt_uuid Value: 1610587829250.359890ec-5bca-46ae-adf0-4f1d4789a61a |
|
labs.detectify.com/ | Name: drift_campaign_refresh Value: 9f83bc41-6b71-479d-a89b-547df5828f7c |
|
.detectify.com/ | Name: _gid Value: GA1.2.1077403745.1610587829 |
|
.detectify.com/ | Name: _uetsid Value: 16054db0560811ebb432a9f5e67ee598 |
|
.detectify.com/ | Name: _uetvid Value: 16055150560811ebb5c4b35407590448 |
|
.detectify.com/ | Name: _fbp Value: fb.1.1610587829236.905496946 |
|
.detectify.com/ | Name: _ga Value: GA1.2.193270723.1610587829 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.quora.com
alb.reddit.com
bat.bing.com
c.disquscdn.com
cdn.viglink.com
connect.facebook.net
detectify.disqus.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.driftqa.com
js.driftt.com
labs.detectify.com
labsdetectify.wpengine.com
links.services.disqus.com
p.typekit.net
px.ads.linkedin.com
q.quora.com
snap.licdn.com
stats.g.doubleclick.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.196.191.243
143.204.215.65
143.204.215.88
151.101.112.64
151.101.113.140
151.101.12.134
151.101.13.2
151.101.64.134
172.217.23.130
2606:4700::6812:a813
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:803::200a
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:816::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2004
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.213.100.238
54.197.143.221
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c833aefd088c6fae2c65e2faf155463b75091c61b984a22292ca98718b465de
0ffbc7ee851f346b57d21c7eec566017064431ec7b93e28b020a7351c1996f3d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d773a48a0b51b4be416f0437556c330362763bbc06c70cd6e9a3c36e294178
17ff494201dce24dc9609dc5983462fb494e75d2700f703565ce2c98afbb7767
1e36d21bebed621dd7535cb4e15e4a36136316152bd2e11739c5daa7af9b3de1
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
45781771a95e51ea8c04de1c05790c612e80d6303e29e54be4dab70007efaa08
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4f5ef0b77621bfff889f1eafa87bd915d715c60b6b63d7702c951f6ea76f381b
4fb0bef9a23d2e21086eb04729ba9719e89e7ca8d78d35410fda1e2de6ec33b1
504b4de8f04d4c0c0c52a1fa8f1a745cf955fc4eda7fbf3cf28750675845ede6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5541cfb67684ceba743744d4496dc9dc41fce81af5f56c16a1c95e1acb454335
561592b91ee0231080e62a5f40f52bc55124655643af516a33eeaf29b76e1574
5b9db5acc5e9d4fa4baf66b5a8385d3ed4d697faa7f60148f757bf509792f8d2
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5e79436d1f00cd00ece18c935a3835b2db0dc1f36db9146ba08ea9b1bfefa2fc
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c16dfeb22d02ddbf5c8e30d305ad199979d7a7e2d6f8cab66f2cddf6a2c7dd
63a4306a05ad325868f376e75966ee349e8dc5d7ec95bdd9894b8c3f91e67a05
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
761932b546d167fd12090fd5d2cae7bb15a02270b40e10e3a6e041e02cf79dd0
774fe65376725e8aad7d70e5fe6857d77f00fd23800d8c0ef411c648ea9a1531
793acec2f8d584b55d9921216da08fe25b3713efaf597d0f1bb257d99ab0eeb9
7c4747d3a3a7212c5408a4855d277546073a9b32b1bfd164692d758be5de7b5b
813d6874bd1f23696f3719fde392eadd516f7e314a58afe0c82a954c42ecf558
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7f5c2d81ced50109b62b9501837c677c06a262e6ed50713e7b20ba29413ce2
8df65c16e955a73528fdc581781364fd6059da9c7ffb7d9e84ebea9e34f894b6
8e479c3cd41c52d18a82dd032758a93e98242987ff281d04a163a50a3fe984ac
937708e5eaccff798e9227ab16da5a981b1e011db197b853ceb31a357255856e
997423be26d1eae9efbfc2098141a06f626749dc4a89fc40c15d567a662856a3
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9db911c69298b73dcac7905443fa87aa253bb2d1a2b0d0e2840c696bf9ea97d4
9e75487e743a232de81010377a58dbdfa686ab218d263e06949492b8b24d995a
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a12c794412c0356b1eefb9fe3695f757094a602a2f24659f051f7787195a6ce1
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
b0353d7ceb6b95d450a0cbe4c2fb7d53839a3f1b7832d53bd3bfd2da8b6d49db
b4f6b15171db948a3719ec5d9ad29101296dbfe801dc29040db8b5d9974fc037
ba3a031eb1841b8944dd1642d07d632293041dec00cb281a66205542937b65db
bcfbcea42950c5e32722fb230626e4323b445e7b332d2f60562b17b87ef41bd7
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c350e5341423e3e509feec39d45a1fc91cb67466c58a5e78924d58a8f6bd0637
c3e45eb2f762247549e6ea231cadf8fdeecbab660f7a9a5fee4db27eba30ae54
ced098a24c2db69f976f3ee1154da8929d43f035cefaa3c60ee8a70edc3288ab
d91b957d91da6313dea39f16e9f378779d94695dffc1cd05f81837f781fe382c
dbc2dc58ab6e0cfbcade44534efd0747d86ffacc856207a30202ef6b76198a34
e2adf55d07c4c8e4790cf2404f54551ee1609e2490df08356b95c4f4314a4587
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e772ed85c401fe340ba074b1ae7b83e25f6a00febabd53faa247671b65672443
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50
ebaa235bd73fd575f091a0d36701d7d4fee2fc38b0aeea515e28f10ab3bf001e
eec028c2489cb681aa45c3247bdbbd3e8b14b6d5b4b59f32a46eaff565ea0e18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f15a612820ee6932e59908a502c52ea6370c7bacadec59a2153aed31ad876480