freedomheadlines.com
Open in
urlscan Pro
2606:4700:3030::6815:2278
Public Scan
Effective URL: https://freedomheadlines.com/
Submission: On February 11 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on January 22nd 2024. Valid for: 3 months.
This is the only time freedomheadlines.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
mailz.leafybranch.com |
ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 129.139.149.34.bc.googleusercontent.com
decide.dev |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net
tags.crwdcntrl.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-196-253.compute-1.amazonaws.com
bcp.crwdcntrl.net |
ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com |
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net | |
us-u.openx.net |
ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
52 |
freedomheadlines.com
freedomheadlines.com |
6 MB |
10 |
google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649 |
71 KB |
8 |
doubleclick.net
3 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 |
172 KB |
5 |
openx.net
1 redirects
oajs.openx.net — Cisco Umbrella Rank: 2136 google-bidout-d.openx.net — Cisco Umbrella Rank: 2135 us-u.openx.net — Cisco Umbrella Rank: 530 |
2 KB |
5 |
gstatic.com
fonts.gstatic.com |
160 KB |
3 |
criteo.com
1 redirects
gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 3029 |
8 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
21 KB |
3 |
decide.dev
cdn2.decide.dev — Cisco Umbrella Rank: 29810 decide.dev — Cisco Umbrella Rank: 23055 |
6 KB |
2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 347 |
716 B |
2 |
amazon-adsystem.com
1 redirects
s.amazon-adsystem.com — Cisco Umbrella Rank: 304 |
2 KB |
2 |
crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 920 |
12 KB |
2 |
id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 854 id5-sync.com — Cisco Umbrella Rank: 419 |
26 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
149 KB |
2 |
leafybranch.com
2 redirects
mailz.leafybranch.com |
931 B |
1 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 |
51 KB |
1 |
yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 493 |
604 B |
1 |
criteo.net
static.criteo.net — Cisco Umbrella Rank: 667 |
13 KB |
1 |
33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1287 |
6 KB |
1 |
openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1783 |
8 KB |
1 |
creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2476 |
1 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 314 |
901 B |
1 |
uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2735 |
3 KB |
1 |
lockerdomecdn.com
cdn1.lockerdomecdn.com — Cisco Umbrella Rank: 25292 |
1 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
3 KB |
0 |
jeeng.com
Failed
users.api.jeeng.com Failed |
|
102 | 25 |
Domain | Requested by | |
---|---|---|
52 | freedomheadlines.com |
freedomheadlines.com
|
10 | fundingchoicesmessages.google.com |
securepubads.g.doubleclick.net
|
5 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | cm.g.doubleclick.net |
3 redirects
google-bidout-d.openx.net
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | gum.criteo.com |
1 redirects
static.criteo.net
|
2 | us-u.openx.net |
google-bidout-d.openx.net
|
2 | match.adsrvr.org | 2 redirects |
2 | s.amazon-adsystem.com |
1 redirects
google-bidout-d.openx.net
|
2 | oajs.openx.net |
1 redirects
freedomheadlines.com
|
2 | cdn2.decide.dev |
cdn1.lockerdomecdn.com
|
2 | www.googletagmanager.com |
freedomheadlines.com
www.googletagmanager.com |
2 | securepubads.g.doubleclick.net |
freedomheadlines.com
securepubads.g.doubleclick.net |
2 | mailz.leafybranch.com | 2 redirects |
1 | mug.criteo.com | |
1 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
1 | pagead2.googlesyndication.com | |
1 | pr-bh.ybp.yahoo.com |
google-bidout-d.openx.net
|
1 | google-bidout-d.openx.net |
oa.openxcdn.net
|
1 | id5-sync.com |
cdn.id5-sync.com
|
1 | bcp.crwdcntrl.net |
tags.crwdcntrl.net
|
1 | static.criteo.net |
securepubads.g.doubleclick.net
|
1 | cdn-ima.33across.com |
securepubads.g.doubleclick.net
|
1 | oa.openxcdn.net |
securepubads.g.doubleclick.net
|
1 | invstatic101.creativecdn.com |
securepubads.g.doubleclick.net
|
1 | tags.crwdcntrl.net |
securepubads.g.doubleclick.net
|
1 | cdn.jsdelivr.net |
securepubads.g.doubleclick.net
|
1 | cdn.prod.uidapi.com |
securepubads.g.doubleclick.net
|
1 | cdn.id5-sync.com |
securepubads.g.doubleclick.net
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | decide.dev |
cdn2.decide.dev
|
1 | cdn1.lockerdomecdn.com |
freedomheadlines.com
|
1 | fonts.googleapis.com |
freedomheadlines.com
|
0 | users.api.jeeng.com Failed |
freedomheadlines.com
|
102 | 34 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
freedomheadlines.com GTS CA 1P5 |
2024-01-22 - 2024-04-21 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.lockerdomecdn.com Amazon RSA 2048 M02 |
2023-11-26 - 2024-12-24 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.decide.dev Amazon RSA 2048 M02 |
2023-11-26 - 2024-12-25 |
a year | crt.sh |
decide.dev GTS CA 1D4 |
2024-02-04 - 2024-05-04 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-07 - 2024-05-06 |
a year | crt.sh |
cdn.prod.uidapi.com R3 |
2024-01-24 - 2024-04-23 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
*.crwdcntrl.net Amazon RSA 2048 M01 |
2023-10-08 - 2024-11-05 |
a year | crt.sh |
invstatic101.creativecdn.com GTS CA 1D4 |
2023-12-23 - 2024-03-22 |
3 months | crt.sh |
oa.openxcdn.net GTS CA 1D4 |
2024-01-22 - 2024-04-22 |
3 months | crt.sh |
*.33across.com Sectigo RSA Domain Validation Secure Server CA |
2023-09-06 - 2024-09-30 |
a year | crt.sh |
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-15 - 2024-03-10 |
3 months | crt.sh |
*.id5-sync.com R3 |
2024-01-01 - 2024-03-31 |
3 months | crt.sh |
*.openx.net RapidSSL TLS RSA CA G1 |
2023-08-18 - 2024-08-18 |
a year | crt.sh |
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA |
2024-01-10 - 2024-06-26 |
6 months | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-08 - 2024-05-07 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://freedomheadlines.com/
Frame ID: B9783D42506B2D50436EB9FC13326ACD
Requests: 92 HTTP requests in this frame
Frame:
https://decide.dev/lad/14729220068684902?pubid=ld-14729220068684902&pubo=https%3A%2F%2Ffreedomheadlines.com&rid=&width=1560&path=%2F&x=-100779&y=101199
Frame ID: F856F491B14D1160FB9429711F5A3927
Requests: 1 HTTP requests in this frame
Frame:
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BBA996FD5AAF74ED18DCA0B22CF4BE80
Requests: 6 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: F40241FCA0AC35BA27C19354B4E9C874
Requests: 1 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=freedomheadlines.com&us_privacy=1---&gpp=&gpp_sid=-1
Frame ID: 8F936E9EF62731F75B36BBB3EE7164C8
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Freedom Headlines | Top Political News USA | USA Politics – Freedom headlines provide the latest political news in the USA. Read the trending today news headlines in usa and find the best news about the politics.Page URL History Show full URLs
-
http://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465
HTTP 301
https://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465 HTTP 302
https://freedomheadlines.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
OpenX (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.openx\.net
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465
HTTP 301
https://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465 HTTP 302
https://freedomheadlines.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 81- https://oajs.openx.net/esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp HTTP 302
- https://oajs.openx.net/esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp&cc=1
- https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2 HTTP 302
- https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2&dcc=t
- https://match.adsrvr.org/track/cmf/openx?oxid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0 HTTP 302
- https://match.adsrvr.org/track/cmb/openx?oxid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0 HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537072971&val=c9892ea7-01ec-44d2-b080-b7652ec979b6&ttd_puid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0&gdpr_consent=
- https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy&google_tc=
- https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFDo0Wk_sHXISGbfkM16mw&google_cver=1
- https://gum.criteo.com/sid/json?origin=publishertagids&domain=freedomheadlines.com&sn=ChromeSyncframe&so=0&topUrl=freedomheadlines.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=_pdgYXxjNTJ5YXViWGJPdVd1bWdpcGg3a0sxaVFoTFBCTW5vWDNUOGtRcmdJTjROSG4xZzBlT0JVL0ZEWlBQUUJEVjg2cEFuTC9iQ09EMjk1ZVZOWExNWXVWRTh3M2VOUHFsSmRNTlJwVzVpd1BJaGI0bzNSMXZVVUM5L2hPa0N0azJSajZFSHhmZjNlL2hPWnBycXZjenNONXFZWjYzYkNTcGVQS3FZOGJIOEZUcjR4TEt3bk5VaVQyb3V3bDlSVDArU3h3b0FQdVRabmZQOURyUkVWWHA2ZEtSZjFDRmc0dDhoR29kVUJkV1R0ZnAyS21GS0lxWkJyN081YWVHZ3pLWEdzQVovdi9iVFFrejk3NncrZnhyZThITnh2WWZCSVB5bTc5TWc0Y0NqVkREUT18&cppv=2
102 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
freedomheadlines.com/ Redirect Chain
|
111 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
freedomheadlines.com/wp-includes/css/dist/block-library/ |
81 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelementplayer-legacy.min.css
freedomheadlines.com/wp-includes/js/mediaelement/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-mediaelement.min.css
freedomheadlines.com/wp-includes/js/mediaelement/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
components.css
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/ |
52 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
freedomheadlines.com/wp-content/themes/breena/ |
106 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive.css
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
58 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
freedomheadlines.com/wp-includes/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
freedomheadlines.com/wp-includes/js/jquery/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
97 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
192 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
users.api.jeeng.com/users/domains/mO6DXK83XA/sdk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FH-2021-sized-1.jpg
freedomheadlines.com/wp-content/uploads/2021/01/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Screenshot-182-800x462.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
415 KB 416 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-181-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
145 KB 146 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-179-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
142 KB 143 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-177-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
184 KB 185 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-175-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
172 KB 173 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Untitled-design-12-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
125 KB 125 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Red-Abstract-Income-Money-YouTube-Thumbnail-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
145 KB 146 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-174-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
206 KB 206 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-169-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
206 KB 207 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-166-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
135 KB 136 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-168-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
157 KB 158 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-163-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
144 KB 144 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-152-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
142 KB 143 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-165-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
177 KB 178 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-150-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
146 KB 147 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-151-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
145 KB 145 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-140-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
201 KB 202 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-143-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
120 KB 120 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-69-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
170 KB 171 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-144-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
175 KB 175 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-138_cleanup-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
146 KB 147 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-135-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
238 KB 239 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-134-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
228 KB 228 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-133-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
233 KB 234 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-129-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
159 KB 159 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-130-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
132 KB 132 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Untitled-design-9-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
174 KB 174 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-125-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
159 KB 160 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-118-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
159 KB 160 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-112-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
186 KB 187 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
freedomheadlines_freedomheadlines_sticky.js
cdn1.lockerdomecdn.com/embeds/ |
1003 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load-posts.js
freedomheadlines.com/wp-content/themes/breena/inc/assets/js/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
components.js
freedomheadlines.com/wp-content/themes/breena/inc/assets/js/ |
241 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
breena.js
freedomheadlines.com/wp-content/themes/breena/inc/assets/js/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mediaelement-and-player.min.js
freedomheadlines.com/wp-includes/js/mediaelement/ |
154 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mediaelement-migrate.min.js
freedomheadlines.com/wp-includes/js/mediaelement/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-mediaelement.min.js
freedomheadlines.com/wp-includes/js/mediaelement/ |
906 B 1001 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-emoji-release.min.js
freedomheadlines.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ |
49 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-182-375x249.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
126 KB 127 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-181-375x249.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
111 KB 111 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot-179-375x249.png
freedomheadlines.com/wp-content/uploads/2024/02/ |
107 KB 108 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajs.js
cdn2.decide.dev/_js/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sjs.js
cdn2.decide.dev/_js/ |
10 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ |
436 KB 137 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
222 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14729220068684902
decide.dev/lad/ Frame F856 |
943 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 174 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 92 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
213794966
fundingchoicesmessages.google.com/i/ |
182 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 349 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxVomq_oVuPYW73XM9EfMrTUfmhWRz5WC9oNBzCiCYDAioip97je0hA-84WzZUH4Y83c00A_Db71fEr2zVlnrV8nlB--jaLreeq9miSObHPT7XMWsNgYN1I-wQhYMHLr9OTV0CGZbw==
fundingchoicesmessages.google.com/f/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esp.js
cdn.id5-sync.com/api/1.0/ |
89 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uid2SecureSignal.js
cdn.prod.uidapi.com/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ |
732 B 901 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ |
39 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esp.js
oa.openxcdn.net/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ob.js
cdn-ima.33across.com/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.ids.js
static.criteo.net/js/ld/ |
41 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxWODvYUypOf3MQ7HnwLEMrqQj83hKK7sHliexHL5d2Y4fB7Lkgqdn4HdjNL00IifCh0YHYSr3RelS3SbZgp5uTKv9H3EGEXN8ZcRwFp44Vjt9YHyqgZ1bFB7Qf4LtLzfirv_T7R9A==
fundingchoicesmessages.google.com/f/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esp
oajs.openx.net/ Redirect Chain
|
85 B 194 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
map
bcp.crwdcntrl.net/6/ |
156 B 618 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
increment
id5-sync.com/api/esp/ |
0 236 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pd
google-bidout-d.openx.net/w/1.0/ Frame BBA9 |
725 B 870 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
980e20c9-3f2f-e2fe-e82a-334e10a8084b
pr-bh.ybp.yahoo.com/sync/openx/ Frame BBA9 |
43 B 604 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dcm
s.amazon-adsystem.com/ Frame BBA9 Redirect Chain
|
43 B 855 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame BBA9 Redirect Chain
|
43 B 314 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame BBA9 Redirect Chain
|
170 B 243 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame BBA9 Redirect Chain
|
43 B 97 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adblockpopup.
fundingchoicesmessages.google.com/f/AGSKWxVVkA3EnVcmQ_Iqca7vvnMlt0KLrMaEusGuXwVYe96tmDm-3iiR4PhPUiZrD0kpGINd3zwJyMDXtJu0o2EYRQRGsvYdGJWW8IUglPe3rCfvgCJNBTh49AWXXWzm28qTlf9IaGC9RVudPpa7mGPVV-BKZhWzv... |
54 B 110 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
147 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame F402 |
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxXKX_e_VMy34ltAq7RwN9sYtgOSBlNnRwQQghs4dStCPlcYtAPlOFT2sRfGgwTu7HFXb44fGvNYjtMxbfJ3l-fAXlh8oifyb4LjNXz4Tsy0GjkPPx4ZI0Noth9a4LX0JEyc9MojeQ==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame 8F93 |
14 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUw1OAms-BB35qs0jJ6paBGUPS-oK0f94hi5ZkBYmW58_t10WeHlQ1yP3GQ3tU2FjppLynHpSRUoZW5E7JPIdlgRMrzqzbUuAKxwPCyY3MXdzoKMc-v--QAJfFY1TU7RQ8Ar48w-w==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame 8F93 Redirect Chain
|
457 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- users.api.jeeng.com
- URL
- https://users.api.jeeng.com/users/domains/mO6DXK83XA/sdk/
Verdicts & Comments Add Verdict or Comment
198 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| _wpemojiSettings undefined| $ function| jQuery object| googletag function| gtag object| dataLayer object| pbd_alp object| _ldStickyConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| GoogleAnalyticsObject function| ga function| UpdateQueryString function| Swiper function| PhotoSwipe function| PhotoSwipeUI_Default string| fotoramaVersion object| ajax_var function| sticky_sidebar object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| wp boolean| _ldStickyRendered object| ldAdInit object| _ldAdIdMap object| gaGlobal object| gaplugins object| gaData boolean| google_measure_js_timing object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| pbjs object| criteo_pubtag object| criteo_identitytag_150 object| Criteo object| Criteo_identitytag_150 object| __uid2SecureSignalProvider object| __uid2 object| _33across object| __id5_finalization_registry boolean| 1401269f-1dc0-4187-b170-98eda83f741a number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| adsbygoogle string| google_user_agent_client_hint object| criteo_syncframe_state object| twemoji22 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.freedomheadlines.com/ | Name: _ga_CP4TF595X7 Value: GS1.1.1707689613.1.0.1707689613.0.0.0 |
|
.freedomheadlines.com/ | Name: _ga Value: GA1.2.2003759575.1707689614 |
|
.freedomheadlines.com/ | Name: _gid Value: GA1.2.1244923625.1707689614 |
|
.freedomheadlines.com/ | Name: _gat_gtag_UA_32644619_11 Value: 1 |
|
.openx.net/ | Name: i Value: df6579d4-0604-4f40-832b-ed538bd8f6ff|1707689614 |
|
.crwdcntrl.net/ | Name: _cc_dc Value: 0 |
|
.crwdcntrl.net/ | Name: _cc_id Value: 54706fb849bc2bbb4821cff854c5b242 |
|
.freedomheadlines.com/ | Name: _cc_id Value: 54706fb849bc2bbb4821cff854c5b242 |
|
.freedomheadlines.com/ | Name: panoramaId_expiry Value: 1707776014625 |
|
.openx.net/ | Name: pd Value: v2|1707689614|vMgavPkWgy |
|
.yahoo.com/ | Name: A3 Value: d=AQABBI5GyWUCECuocfswcqEtKVYXPGtNRLMFEgEBAQGYymXTZQAAAAAA_eMAAA&S=AQAAAmo4WZkbE1r7v35Jj9CNMOk |
|
.adsrvr.org/ | Name: TDID Value: c9892ea7-01ec-44d2-b080-b7652ec979b6 |
|
.amazon-adsystem.com/ | Name: ad-id Value: A9LpNyrr4UgCnlbbKjTpC3E |
|
.amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwjAnZe7rdbVPBAFOAE. |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnKA4DRp_i_U9Fa7E8huFVfH1ffjkmjH3NDTxXXuJV7b8uqBE6COiAFMjNsBEk |
|
.openx.net/ | Name: univ_id Value: 537072971|c9892ea7-01ec-44d2-b080-b7652ec979b6|1707689615114259 |
|
.freedomheadlines.com/ | Name: FCNEC Value: %5B%5B%22AKsRol-wtvfXq0TVDfWZT2f8n8fyIRdw7MWUKvl5B7Idt81n6ZJkHE695imqgaLRZs8qd82Ey8z2aavI36s1rwx6VM-AGwjz9CXdDS6D-N5C8cKnmQRY0e___wWNOzTK08_3WXI_lDz8lSTdgLLBLWg8ywA2-prWsw%3D%3D%22%5D%5D |
|
.criteo.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.criteo.com/ | Name: uid Value: f9f6b2ee-0d67-47e4-a448-965096de9701 |
|
.criteo.com/ | Name: partitioned_bundle Value: RJ6yv19KJTJGRWFFSVl1ejZVdE5oMVYyb2lONFB4SmRqQ25Db29lQVo2cHljeUNBakliM0pzJTJCeGc2dW5vd1pYdXNWYkdiYXBycXFJN2VQOHlMbURadnNaJTJCRHZhZ2VMVmNCUEhndTNpQXVyeHRiSyUyRk5ta2l5dSUyRjNUbVJWMzByJTJGNUIyOTlkWGpOZVZtWm1ORDJsYjU1Sml6ZjQ0dG93dnNkdlo2dmJodmlMcFdwOW9qRjJaNGglMkY1V3JVMWx4MEl1VEhHVlhTaA |
|
.freedomheadlines.com/ | Name: cto_bundle Value: 2AHaGl9KJTJGRWFFSVl1ejZVdE5oMVYyb2lONFB4SmRqQ25Db29lQVo2cHljeUNBakliM0pzJTJCeGc2dW5vd1pYdXNWYkdiYXBycXFJN2VQOHlMbURadnNaJTJCRHZhZ2VMVmNCUEhndTNpQXVyeHRiSyUyRk5ta2l5dSUyRjNUbVJWMzByJTJGNUIyOTlkWGpOZVZtWm1ORDJsYjU1Sml6ZjQ0dGtzUGVRTnA5S3UxVkJFRVg5YU9Za0klM0Q |
35 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn1.lockerdomecdn.com
cdn2.decide.dev
cm.g.doubleclick.net
decide.dev
fonts.googleapis.com
fonts.gstatic.com
freedomheadlines.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
mailz.leafybranch.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
us-u.openx.net
users.api.jeeng.com
www.google-analytics.com
www.googletagmanager.com
users.api.jeeng.com
104.18.35.167
108.138.128.34
142.251.40.162
162.19.138.118
209.54.182.161
2600:1f18:4e9:5a05:c89c:b2af:dcc6:f0ac
2600:3c00::f03c:93ff:fe39:3408
2600:9000:21dd:5400:b:6268:b880:93a1
2600:9000:247b:c800:3:7df3:55c0:93a1
2600:9000:2511:ea00:a:e047:753:eb41
2606:4700:10::ac43:266a
2606:4700:3030::6815:2278
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2002
2620:100:a001::4
2620:100:a001::c
2a04:4e42:200::485
3.33.220.150
34.102.146.192
34.120.107.143
34.149.139.129
34.96.70.87
35.244.159.8
54.85.196.253
74.119.119.139
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02dec2fffb65715a3fceb2ad95d50b8eb56f519e7a9a3718671d15d1527f48e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9
15fdd50a7fe7f3a79e1115d84e5e2109bd20575700f293449dc33e50b54b7278
187ac694e850167fdd2f736e8d18a46097412ee3ca36edc39a54924ce58a92d1
2218c4ae1e3a769ff3a5a35e8ab9f3eaf312256c7d66e8f78ed7c9d7bddbac66
27348c25398b02664f6e2b4bfeb1dc662d2144366783cf0c8c182b4c40c6feda
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bcf7c31dad5a7352c5b9750d4e991939473441aef5d9ea22c036a47df0e1dca
2d9d60a7e6f524e853c090b533fcb861fa89c2f60164bb875120b9b7b776d134
2daccf20003ab05bb2398f30e0c6590bc0de12050130d0417f58604663118daa
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e11c07af27692f028fd0b99be86ab8bbf352f0719c004a50fc515be69eeadf8
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
3417f08a454ce5a2c9109fd0cb417546357afa78dd2571804c0fd718b4e816f4
34f050549c8d27fa1d85e8812f2c433d163b5097864f7cf109b3ac2e51c9702a
36d7ca0b9d64011d1d986ec276bc2240a54199f883c0b718471b7d5e0b208228
370d5a237df169ffbd65d31d1a2114d596b9aefe7eccfaf03537bde443ee7dd9
3a5bf9cc5dd3ef346e99bf040f333b5b52215246f5d69ab6d7b441bb6a48c9e0
3ac6e9505672e7219238eb414f437d26c9f9b7285f00c5dbd02e82ee3d8374be
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
44dd429d6f518c153ca25102bf826daae25a64a422351b043c5df24a23eceff1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a9c296e741efdd14a3b5bd5daa4c977038b45df0c810f1315e9ebe0bd428937
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53516be0a9c5da939f915dd0b838deb739eade601227bcbecbbcd30f3aa141d1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548ac92055db7d54eee87e56dc70b947ca6bd5f4137b466aabb581111e447189
61773d9a3aa1ba14b2f4ea9a8118c619c460c5acbc8770405530cc5ce31ed7e4
61fda4114e814efbd487335e956dc9885aa28900f12fb50fd35adf033876cd96
68e31ce0af00a64739c011e443360551f543cd78c0f6d8fa74782af0ed468ca5
6b308b20085577b2b60aff955b22f267ece44b4e900e7a0b03db2af62374d7c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
72ff62298cb3f3a44ba552a12ad127a0d4d908d845304a40d641a43ea188828c
76bbe117102ce802cd20b57f9722133d7924bb3395bfe201f8f0b515a81c46dc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6a70e6e0bcad7e4594eda95e649104dbb17cd3bd3f5b87aa07784814073ec9
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
8934e50a379b952d7519a1508598f3289b07d54fe60db6e1293b1a95d857b9f4
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92b19cf55c0e5b2dceebd85345b8a0899086f33716f987bfa10ca59b57c02fa2
92bf94837e363dc2a3b4c54b15d15b0a90536ad55db6c9191e25b867a33bb2fc
92c90ef09cf0dd580edfba04b4d7fa5f3230b0cf47771511f192e34039f60070
93ff8bdf26d044a68712a1bfa9b28d2bf6e418e7717c3b75364f2f9ecc59bf6e
94eed248eb26332006d142a318a7a7f4d36e7302893c3dd232fdcdd1c0fff21a
990d433c0d4be6218e5e3c2a6d8d3f9463f7676be44504ba811695d074e878cc
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9fa96fcab2dcaa5ba3be1f07ccf8e8c920a24d10d0d2649dbc57bb2aeb0652a2
a2e99d9f642cf26e56bad3ff3705fd8ab8ea028ffa302405d1642bb7456d796a
a340489de79ad09261c049dfee5416a53ea3c0234cf341433f30dacd8648775f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a81997224ea6b3cd7c4a3f5538be37b103ab12171b55c99ee7dfe25a46225903
a958607d9e79a3d886868a88bdaca055bf913bfbe3cc8e8f12cf9333ed86a517
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b611b4d84df0cf7b36271516046e450429cfc5b82c03524fb8dca1b769488159
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c101bd4f44d2093a3e9927bb6a6b6bddfeed686f55ac5214733bf953ec3fd3de
c1e3066e7ed6a0b5966c1a07d49fe12a5b8055410b672bae1bcfa988e1f6460a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5
c925ec1476277c191bdcad290ba04f1ea9121ab6cc7f2ee96d3f50a4046e154e
cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d54e97c21624bf7256d0fdf8b5e2fad32f1dae0c16a9f2c99e2d90975b458953
d720bd2e8fa9d5fd816e93c9314e0d1865466576a27ba38bda1f67a2ac0c98a6
d7468c2b37835cda9fce0108927f2f8f265db0191f848331913e8bacddf1d64b
d7e14c54ef4766b96809b799ad013d3507921ac9f208ab6817e7fbe26b5b6a37
d90635e9387d609021c98744f1c57f90fe34597a03506c9b3aa77419623255b8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df05212bb889615bd56fde21376ef68d499860205943aaac71fc45d2a207b8ae
e1bcf2aae786aa72292ec28f330390b1e324f4c273f9ca993150b5163620d862
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3af7f51784ed4f949a73ea169afd133ee7c27525717273c89a57c7ea5017d
e59fc50c6cfa0cd5b5ee0c82241b208740f002c3857496476fb155643f69563c
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
e5fb01b44731d3b33d3a227b318e8be534cdd572945cae5789ae56f4d4ab7de7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e99595e3b264f17841eeacadf66d8518fb82c055ed8bc6fe13306d1fbbee9f78
e9efd3741128651b2b5ad304c0c8c0a5341446918063f2f5f141a08779f05896
eea137e9308a920bc68c3f46f2568700a5b388af64b565d2b42b1183bd600dbc
f673a8adc98789a6eca1dd65c67fb782787f2571ba2730bb8c5f69bea7b5bc0f
f6f14681142e16db6027f013840dc46f68cce2f3c5ccf8814d2361d06b5127d8
f9788ee2167c38d3fa9fff1de4e37889522368ea18c541d85e67f9ffeb5b4127