web.fairstone.ca
13.225.63.124
Public Scan
Effective URL: https://web.fairstone.ca/
Submission: On November 06 via api from US — Scanned from CA
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on September 17th 2023. Valid for: a year.
This is the only time web.fairstone.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-55.ewr53.r.cloudfront.net
web.fairstone.ca |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-124.ewr53.r.cloudfront.net
web.fairstone.ca |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-74.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com
sp.analytics.yahoo.com |
ASN16276 (OVH, FR)
PTR: prd-usage-2.tjsint.net
usage.trackjs.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net | |
adservice.google.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com
r.lr-in-prod.com |
ASN15169 (GOOGLE, US)
PTR: pd-in-f149.1e100.net
6501431.fls.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-37-98.compute-1.amazonaws.com
q.quora.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-4-58.compute-1.amazonaws.com
client-logger.salemove.com |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
8 | tiktok.com | | analytics.tiktok.com (Cisco Umbrella Rank: 742) | 257 KB |
8 | fairstone.ca | 1 | web.fairstone.ca | 390 KB |
7 | doubleclick.net | 1 | stats.g.doubleclick.net (Cisco Umbrella Rank: 78), googleads.g.doubleclick.net (Cisco Umbrella Rank: 33), 6501431.fls.doubleclick.net | 5 KB |
7 | google.com | | analytics.google.com (Cisco Umbrella Rank: 157), www.google.com (Cisco Umbrella Rank: 2), adservice.google.com (Cisco Umbrella Rank: 105) | 1 KB |
7 | salemove.com | | api.salemove.com (Cisco Umbrella Rank: 20610), libs.salemove.com (Cisco Umbrella Rank: 20133), client-logger.salemove.com (Cisco Umbrella Rank: 14664) | 499 KB |
5 | linkedin.com | 4 | px.ads.linkedin.com (Cisco Umbrella Rank: 377), www.linkedin.com (Cisco Umbrella Rank: 629), px4.ads.linkedin.com (Cisco Umbrella Rank: 6003) | 5 KB |
5 | google.ca | | www.google.ca (Cisco Umbrella Rank: 9133) | 750 B |
4 | licdn.com | | snap.licdn.com (Cisco Umbrella Rank: 778) | 15 KB |
3 | bing.com | | bat.bing.com (Cisco Umbrella Rank: 366) | 14 KB |
3 | facebook.net | | connect.facebook.net (Cisco Umbrella Rank: 174) | 126 KB |
3 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 27) | 21 KB |
3 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 35) | 292 KB |
2 | quora.com | | a.quora.com (Cisco Umbrella Rank: 5077), q.quora.com (Cisco Umbrella Rank: 3698) | 15 KB |
2 | yahoo.com | | sp.analytics.yahoo.com (Cisco Umbrella Rank: 1417) | 880 B |
2 | facebook.com | | www.facebook.com (Cisco Umbrella Rank: 110) | 239 B |
2 | yimg.com | | s.yimg.com (Cisco Umbrella Rank: 648) | 7 KB |
2 | gstatic.com | | fonts.gstatic.com | 30 KB |
2 | lr-in-prod.com | | cdn.lr-in-prod.com (Cisco Umbrella Rank: 13834), r.lr-in-prod.com (Cisco Umbrella Rank: 12706) | 164 KB |
1 | trackjs.com | | usage.trackjs.com (Cisco Umbrella Rank: 2997) | 229 B |
1 | googleapis.com | | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 1 KB |
72 | 20 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
8 | analytics.tiktok.com | | web.fairstone.ca, analytics.tiktok.com |
8 | web.fairstone.ca | 1 | web.fairstone.ca |
5 | www.google.ca | | web.fairstone.ca |
4 | www.google.com | | web.fairstone.ca |
4 | snap.licdn.com | | www.googletagmanager.com, snap.licdn.com |
4 | libs.salemove.com | | api.salemove.com, libs.salemove.com |
3 | bat.bing.com | | www.googletagmanager.com, bat.bing.com |
3 | px.ads.linkedin.com | 3 | |
3 | stats.g.doubleclick.net | | www.googletagmanager.com, web.fairstone.ca |
3 | connect.facebook.net | | web.fairstone.ca, connect.facebook.net |
3 | www.google-analytics.com | | www.googletagmanager.com, web.fairstone.ca |
3 | www.googletagmanager.com | | web.fairstone.ca, www.googletagmanager.com |
2 | 6501431.fls.doubleclick.net | 1 | www.googletagmanager.com |
2 | googleads.g.doubleclick.net | | www.googletagmanager.com |
2 | sp.analytics.yahoo.com | | web.fairstone.ca |
2 | www.facebook.com | | web.fairstone.ca |
2 | analytics.google.com | | www.googletagmanager.com |
2 | s.yimg.com | | web.fairstone.ca |
2 | fonts.gstatic.com | | fonts.googleapis.com |
2 | api.salemove.com | | web.fairstone.ca, api.salemove.com |
1 | adservice.google.com | | 6501431.fls.doubleclick.net |
1 | client-logger.salemove.com | | web.fairstone.ca |
1 | q.quora.com | | |
1 | a.quora.com | | www.googletagmanager.com |
1 | r.lr-in-prod.com | | web.fairstone.ca |
1 | usage.trackjs.com | | |
1 | px4.ads.linkedin.com | | web.fairstone.ca |
1 | www.linkedin.com | 1 | |
1 | cdn.lr-in-prod.com | | web.fairstone.ca |
1 | fonts.googleapis.com | | web.fairstone.ca |
72 | 30 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.fairstone.ca |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.fairstone.ca | Amazon RSA 2048 M02 | 2023-09-17 - 2024-10-15 | a year |
*.glia.com | Amazon RSA 2048 M01 | 2023-06-18 - 2024-07-15 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-13 - 2024-03-12 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-08-15 - 2023-11-13 | 3 months |
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year |
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-09-25 - 2023-11-15 | 2 months |
*.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
*.google.ca | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
www.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-10-24 - 2024-04-17 | 6 months |
*.trackjs.com | RapidSSL TLS RSA CA G1 | 2023-07-31 - 2024-08-11 | a year |
www.bing.com | Microsoft Azure TLS Issuing CA 01 | 2023-10-24 - 2024-04-21 | 6 months |
api.logrocket.com | R3 | 2023-09-29 - 2023-12-28 | 3 months |
*.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
quora.com | R3 | 2023-09-24 - 2023-12-23 | 3 months |
*.quora.com | R3 | 2023-11-05 - 2024-02-03 | 3 months |
This page contains 2 frames:
Primary Page:
https://web.fairstone.ca/
Frame ID: BAE6D1DF2E5E10CFEB4AFB316E462F12
Requests: 71 HTTP requests in this frame
Frame:
https://6501431.fls.doubleclick.net/activityi;dc_pre=CLeR34_jroIDFcclwQodC3oJPQ;src=6501431;type=fairs0;cat=fairs0;ord=7376968041786;auiddc=1239836428.1699253106;gtm=45He3b11v6866613;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fweb.fairstone.ca%2Fmaintenance
Frame ID: F0034F6784EE25BE705623F6F0D1A7A7
Requests: 2 HTTP requests in this frame
Page Title
Digital Financial Application
Page URL History
-
http://web.fairstone.ca/
HTTP 301
https://web.fairstone.ca/ Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Linkedin Insight Tag (Analytics)
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: PRIVACY POLICY
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://web.fairstone.ca/
HTTP 301
https://web.fairstone.ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1699253106614&url=https%3A%2F%2Fweb.fairstone.ca%2Fmaintenance HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1699253106614&url=https%3A%2F%2Fweb.fairstone.ca%2Fmaintenance&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1775842%26time%3D1699253106614%26url%3Dhttps%253A%252F%252Fweb.fairstone.ca%252Fmaintenance%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1699253106614&url=https%3A%2F%2Fweb.fairstone.ca%2Fmaintenance&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1699253106614&url=https%3A%2F%2Fweb.fairstone.ca%2Fmaintenance&cookiesTest=true&liSync=true&e_ipv6=AQIAmATxSbfc8gAAAYujYLoQROtiZxXuWBGXDSAQ5kc1exxwS97Cm4-m9xwgZxdYL4TnVO90cgTH
- https://6501431.fls.doubleclick.net/activityi;src=6501431;type=fairs0;cat=fairs0;ord=7376968041786;auiddc=1239836428.1699253106;gtm=45He3b11v6866613;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fweb.fairstone.ca%2Fmaintenance HTTP 302
- https://6501431.fls.doubleclick.net/activityi;dc_pre=CLeR34_jroIDFcclwQodC3oJPQ;src=6501431;type=fairs0;cat=fairs0;ord=7376968041786;auiddc=1239836428.1699253106;gtm=45He3b11v6866613;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fweb.fairstone.ca%2Fmaintenance
72 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | web.fairstone.ca/ | 726 B | 1 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | salemove_integration.js | api.salemove.com/ | 9 KB | 9 KB | Script | application/javascript | |
GET | H2 | main.2e247e6d.js | web.fairstone.ca/us-east-1/static/js/ | 1 MB | 355 KB | Script | application/javascript | |
GET | H2 | main.e1336793.css | web.fairstone.ca/us-east-1/static/css/ | 102 KB | 11 KB | Stylesheet | text/css | |
GET | H2 | css2 | fonts.googleapis.com/ | 5 KB | 1 KB | Stylesheet | text/css | |
POST | H2 | visitor_config | api.salemove.com/ | 9 KB | 11 KB | XHR | application/json | |
GET | H2 | logger-1.min.js | cdn.lr-in-prod.com/ | 826 KB | 163 KB | Script | text/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 505 KB | 121 KB | Script | application/javascript | |
GET | H2 | 7675.25b13842.chunk.css | web.fairstone.ca/us-east-1/static/css/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | 7675.874af29e.chunk.js | web.fairstone.ca/us-east-1/static/js/ | 57 KB | 19 KB | Script | application/javascript | |
GET | H2 | bootstrapper-ce979979d.js | libs.salemove.com/visitor/ | 635 KB | 165 KB | Script | application/javascript | |
GET | H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | fonts.gstatic.com/s/sourcesanspro/v22/ | 15 KB | 15 KB | Font | font/woff2 | |
GET | H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 | fonts.gstatic.com/s/sourcesanspro/v22/ | 14 KB | 15 KB | Font | font/woff2 | |
GET | BLOB | 3f1fa705-6e29-4b4b-b20d-9592da7c12e6 | https://web.fairstone.ca/ | 460 KB | 0 | Other | text/plain | |
GET | H2 | 7207.a8502c35.chunk.css | web.fairstone.ca/us-east-1/static/css/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | 7207.4250fcc8.chunk.js | web.fairstone.ca/us-east-1/static/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 279 KB | 91 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 233 KB | 81 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript | |
GET | H2 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 12 KB | 4 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 208 KB | 55 KB | Script | application/x-javascript | |
GET | H2 | events.js | analytics.tiktok.com/i18n/pixel/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | events.js | analytics.tiktok.com/i18n/pixel/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | ytc.js | s.yimg.com/wi/ | 18 KB | 7 KB | Script | application/javascript | |
GET | H2 | webcomponents_es5-ce979979d.js | libs.salemove.com/visitor/ | 936 B | 1 KB | Script | application/javascript | |
GET | H2 | visitor-app.7f9104b6-95587b76.min.js | libs.salemove.com/ | 686 KB | 198 KB | Script | application/javascript | |
GET | H2 | visitor-app.7f9104b6-95587b76.default.css | libs.salemove.com/ | 317 KB | 114 KB | Stylesheet | text/css | |
POST | H2 | collect | analytics.google.com/g/ | 0 | 254 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 47 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 408 B | Image | image/gif | |
GET | DATA | truncated | / | 41 KB | 41 KB | Font | application/font-woff | |
GET | H2 | 10198817.json | s.yimg.com/wi/config/ | 2 B | 449 B | XHR | application/json | |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 209 B | XHR | text/plain | |
POST | H2 | collect | www.google-analytics.com/j/ | 3 B | 70 B | XHR | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 349 B | XHR | text/plain | |
GET | H2 | main.MTdiNDNiZjZlMA.js | analytics.tiktok.com/i18n/pixel/static/ | 396 KB | 106 KB | Script | application/javascript | |
GET | H2 | main.MTdiNDNiZjZlMQ.js | analytics.tiktok.com/i18n/pixel/static/ | 416 KB | 108 KB | Script | application/javascript | |
GET | H2 | insight.old.min.js | snap.licdn.com/li.lms-analytics/ | 8 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | 371369027251497 | connect.facebook.net/signals/config/ | 139 KB | 36 KB | Script | application/x-javascript | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 70 B | XHR | text/plain | |
GET | H2 | collect | px4.ads.linkedin.com/ | 0 | 488 B | Image | application/javascript | Redirect Chain |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 408 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | identify_7b38b.js | analytics.tiktok.com/i18n/pixel/static/ | 134 KB | 36 KB | Script | application/javascript | |
POST | H2 | pixel | analytics.tiktok.com/api/v2/ | 0 | 648 B | Ping | text/plain | |
POST | H2 | pixel | analytics.tiktok.com/api/v2/ | 0 | 792 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain | |
GET | H2 | sp.pl | sp.analytics.yahoo.com/ | 43 B | 246 B | Image | image/gif | |
GET | H2 | sp.pl | sp.analytics.yahoo.com/ | 43 B | 634 B | Image | image/gif | |
POST | H2 | act | analytics.tiktok.com/api/v2/pixel/ | 0 | 792 B | Ping | text/plain | |
GET | H/1.1 | usage.gif | usage.trackjs.com/ | 43 B | 229 B | Image | image/gif | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/963056520/ | 3 KB | 1 KB | Script | text/javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/868121167/ | 3 KB | 2 KB | Script | text/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 45 KB | 13 KB | Script | application/javascript | |
GET | H2 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 12 KB | 4 KB | Script | application/javascript | |
GET | H2 | insight.old.min.js | snap.licdn.com/li.lms-analytics/ | 8 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | 5613842.js | bat.bing.com/p/action/ | 0 | 118 B | Script | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 362 B | Image | text/plain | |
GET | H2 | / | www.google.com/pagead/1p-user-list/868121167/ | 42 B | 154 B | Image | image/gif | |
GET | H3 | / | www.google.ca/pagead/1p-user-list/868121167/ | 42 B | 64 B | Image | image/gif | |
GET | H2 | / | www.google.com/pagead/1p-user-list/963056520/ | 42 B | 108 B | Image | image/gif | |
GET | H3 | / | www.google.ca/pagead/1p-user-list/963056520/ | 42 B | 64 B | Image | image/gif | |
POST | H2 | i | r.lr-in-prod.com/ | 260 B | 736 B | XHR | application/json | |
GET | H2 | activityi;dc_pre=CLeR34_jroIDFcclwQodC3oJPQ;src=6501431;type=fairs0;cat=fairs0;ord=7376968041786;auiddc=1239836428.1699253106;gtm=45He3b11v6866613;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u... | 6501431.fls.doubleclick.net/ | 482 B | 614 B | Document | text/html | Frame F003, Redirect Chain |
GET | H2 | qevents.js | a.quora.com/ | 41 KB | 14 KB | Script | text/plain | |
GET | H3 | 597088370792613 | connect.facebook.net/signals/config/ | 133 KB | 35 KB | Script | application/x-javascript | |
GET | H/1.1 | pixel | q.quora.com/_/ad/fa1f99229b1e4be38dac70979b084e49/ | 43 B | 421 B | Image | image/gif | |
POST | H/1.1 | / | client-logger.salemove.com/ | 0 | 303 B | Fetch | | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 54 B | Image | text/plain | |
GET | H2 | dc_pre=CLeR34_jroIDFcclwQodC3oJPQ;src=6501431;type=fairs0;cat=fairs0;ord=7376968041786;auiddc=*;gtm=45He3b11v6866613;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https... | adservice.google.com/ddm/fls/z/ | 42 B | 401 B | Image | image/gif | Frame F003 |
POST | H2 | collect | analytics.google.com/g/ | 0 | 54 B | Ping | text/plain | |
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| sm object| webpackChunkdfa_frontend function| _lrMutationObserver function| _lr_surl_cb object| __SDKCONFIG__ object| __REACT_INTL_CONTEXT__ object| regeneratorRuntime function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb object| dataLayer function| _lrXMLHttpRequest function| _LRLogger boolean| _lr_loaded object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| GTMsetPersistentCookie function| GTMsetSessionCookie function| GTMgetCookie function| GTMsetLayerValue object| fairstoneLayer string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq function| setCookie function| getCookie string| cookieName string| cookieValue number| expirationTime string| date number| dateTimeNow string| TiktokAnalyticsObject object| ttq object| dotq function| onYouTubeIframeAPIReady object| gaGlobal object| webpackJsonpSalemoveVisitorApp object| YAHOO object| gaplugins object| gaData object| process function| lintrk boolean| _already_called_lintrk object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_3dcc9878d7 object| uetq function| qp string| qpGtm object| qevents
30 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
api.salemove.com/ | | Name: visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2OTkyNTMxMDUsInZpc2l0b3JfaWQiOiJlN2FiYTA3Ni0yOGZmLTQzNGMtYWY2ZC1lOTYxMWEyMDljM2YiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI4OWVhNjI0OS1mZDdhLTQ5MDMtODZjNi0xYmJiYTg1ZDc5ZWIifQ.OCW2MELx02MKKQOXML2Us1LfuE4e_n4OBMYYkOZxySm2GZzNCywugaZYJiJql8U5iuPH92LyQSu3QsmyJOnpBg |
web.fairstone.ca/ | | Name: _lr_tabs_-hwqsvv%2Fdfa-9njts Value: {%22sessionID%22:0%2C%22recordingID%22:%225-28832b37-63b4-46e8-895c-e8d9f403cc3a%22%2C%22webViewID%22:null%2C%22lastActivity%22:1699253105947} |
web.fairstone.ca/ | | Name: _lr_hb_-hwqsvv%2Fdfa-9njts Value: {%22heartbeat%22:1699253105947} |
web.fairstone.ca/ | | Name: _lr_uf_-hwqsvv Value: f2bfaf8b-ceb2-4ac5-bd27-f865e8606a32 |
.fairstone.ca/ | | Name: _gcl_au Value: 1.1.1239836428.1699253106 |
.web.fairstone.ca/ | | Name: Hit Timestamp Value: 2023-11-05T22:45:06.179-08:00 |
.web.fairstone.ca/ | | Name: Visitor Type Value: New visitor |
.fairstone.ca/ | | Name: _ga_Q8NJ0QC7WK Value: GS1.1.1699253106.1.0.1699253106.60.0.0 |
.tiktok.com/ | | Name: _ttp Value: 2Xn7hA5Lu0hCr6FJiWfAunzGRkc |
.web.fairstone.ca/ | | Name: _ga Value: GA1.3.1586900722.1699253106 |
.web.fairstone.ca/ | | Name: _gid Value: GA1.3.1354989488.1699253107 |
.web.fairstone.ca/ | | Name: _gat_UA-57062305-3 Value: 1 |
.fairstone.ca/ | | Name: _ga Value: GA1.2.1586900722.1699253106 |
.fairstone.ca/ | | Name: _gid Value: GA1.2.1354989488.1699253107 |
.fairstone.ca/ | | Name: _dc_gtm_UA-57062305-6 Value: 1 |
.fairstone.ca/ | | Name: _tt_enable_cookie Value: 1 |
.fairstone.ca/ | | Name: _ttp Value: UfxS0gv9Zc6sVVmpQO766vjlfSf |
.fairstone.ca/ | | Name: _fbp Value: fb.1.1699253106777.565507571 |
.linkedin.com/ | | Name: li_sugr Value: 30ef9cea-8430-4c5b-aef5-a3ed2e608ab5 |
.linkedin.com/ | | Name: bcookie Value: "v=2&2179f715-cf0b-4a3f-8bfc-c31228ca128b" |
.linkedin.com/ | | Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3048:u=1:x=1:i=1699253106:t=1699339506:v=2:sig=AQF04ykxWBShG_5n6vSnd9zfcVHJPwTQ" |
.linkedin.com/ | | Name: UserMatchHistory Value: AQJ7_xWgRniDVQAAAYujYLkURTjocmvQ2b51A0J4CmogUGoDuu1ubQAx8K7-yIB_m3dK7eB8X3_HQw |
.linkedin.com/ | | Name: AnalyticsSyncHistory Value: AQJCPlaYM4SumwAAAYujYLkUbIHqf9RLe38vDtSUEiWaBB3Zjt8QoZqjZFs4okszc8CND1kxWrUxZASFAVLkPQ |
.yahoo.com/ | | Name: A3 Value: d=AQABBHOLSGUCEK0bvTglu2eXiN8D8Z5OHGcFEgEBAQHcSWVSZSXcxyMA_eMAAA&S=AQAAAv7bXRghifzcpSQXhJlhtpE |
.www.linkedin.com/ | | Name: bscookie Value: "v=1&2023110606450727c18f24-d145-4f0b-8a8a-e7dafde3235aAQFzLrH_MaY3fR-VIth4a_4OJd86bOBu" |
.fairstone.ca/ | | Name: _uetsid Value: 0643b5d07c7011eeb71ae54d3a2b89e9 |
.fairstone.ca/ | | Name: _uetvid Value: 0643d3e07c7011ee998c43e70ebee202 |
.bing.com/ | | Name: MUID Value: 0EA6AC837DA661EE0BE8BF427C0C60C6 |
.bat.bing.com/ | | Name: MR Value: 0 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUkFM6_ABT8igeaYjjTg6kB2vBbBR_tEQ5sugqrHy3gmVKdQmMzctLI6vjC_EhI |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests;frame-ancestors 'self' ; |
Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.