secure.ew.com
Open in
urlscan Pro
2600:9000:2156:8a00:1f:68ee:dbc0:93a1
Public Scan
Effective URL: https://secure.ew.com/common/profile/member/optout/?showPreferencesOnTop=true
Submission: On June 17 via api from US
Summary
TLS certificate: Issued by Amazon on September 6th 2020. Valid for: a year.
This is the only time secure.ew.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN22606 (EXACT-7, US)
PTR: click.offers.meredith.com
click.offers.meredith.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-100.fra2.r.cloudfront.net
geoscripts.meredith.services |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-93.deploy.static.akamaitechnologies.com
c.betrad.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com | |
ampcid.google.de |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com
c.evidon.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-132-196.compute-1.amazonaws.com
l.betrad.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-169-40.us-west-2.compute.amazonaws.com
api.segment.io |
ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com |
ASN15169 (GOOGLE, US)
PTR: 216.93.201.35.bc.googleusercontent.com
gwiqcdn.globalwebindex.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-21.fra2.r.cloudfront.net
cookie-stream.ipp-meredith.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-96-235.compute-1.amazonaws.com
qpsftq5jqg.execute-api.us-east-1.amazonaws.com |
ASN16509 (AMAZON-02, US)
static.chartbeat.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-96.fra2.r.cloudfront.net
sb.scorecardresearch.com |
ASN16509 (AMAZON-02, US)
d9jj3mjthpub.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-186-195.compute-1.amazonaws.com
ping.chartbeat.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Domain | Requested by | |
---|---|---|
6 | cdn.cookielaw.org |
secure.ew.com
cdn.cookielaw.org |
5 | secure.ew.com |
1 redirects
secure.ew.com
|
4 | sb.scorecardresearch.com |
2 redirects
secure.ew.com
|
3 | d9jj3mjthpub.cloudfront.net |
secure.ew.com
|
3 | api.segment.io |
cdn.segment.com
|
3 | fonts.gstatic.com |
secure.ew.com
|
2 | www.facebook.com |
secure.ew.com
|
2 | gwiq-v3.globalwebindex.net |
gwiqcdn.globalwebindex.net
|
2 | assets.bounceexchange.com |
tag.bounceexchange.com
assets.bounceexchange.com |
2 | tru.am |
www.googletagmanager.com
tru.am |
2 | connect.facebook.net |
secure.ew.com
connect.facebook.net |
2 | cdn.brandmetrics.com |
www.googletagmanager.com
cdn.brandmetrics.com |
2 | www.google-analytics.com |
cdn.segment.com
www.google-analytics.com |
2 | geolocation.onetrust.com |
secure.ew.com
cdn.cookielaw.org |
1 | e.cdnwidget.com | |
1 | ids.cdnwidget.com |
assets.bounceexchange.com
|
1 | api.bounceexchange.com |
assets.bounceexchange.com
|
1 | view.cdnbasket.net |
assets.bounceexchange.com
|
1 | page.cdnbasket.net |
assets.bounceexchange.com
|
1 | data.cdnbasket.net |
assets.bounceexchange.com
|
1 | secure-dcr.imrworldwide.com |
secure.ew.com
|
1 | www.google.de |
secure.ew.com
|
1 | www.google.com |
secure.ew.com
|
1 | ping.chartbeat.net |
secure.ew.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | static.chartbeat.com |
secure.ew.com
|
1 | qpsftq5jqg.execute-api.us-east-1.amazonaws.com |
secure.ew.com
|
1 | chirp.bizrate.com |
secure.ew.com
|
1 | pippio.com |
secure.ew.com
|
1 | cookie-stream.ipp-meredith.com |
secure.ew.com
|
1 | tag.bounceexchange.com |
secure.ew.com
|
1 | gwiqcdn.globalwebindex.net |
www.googletagmanager.com
|
1 | cdn.p-n.io |
www.googletagmanager.com
|
1 | cdn-gl.imrworldwide.com |
secure.ew.com
|
1 | ampcid.google.de |
www.google-analytics.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | script.crazyegg.com |
cdn.segment.com
|
1 | l.betrad.com |
secure.ew.com
|
1 | c.evidon.com |
secure.ew.com
|
1 | www.googletagmanager.com |
cdn.segment.com
|
1 | browser-update.org |
secure.ew.com
|
1 | c.betrad.com |
secure.ew.com
|
1 | cdn.segment.com |
secure.ew.com
|
1 | geoscripts.meredith.services |
secure.ew.com
|
1 | ajax.googleapis.com |
secure.ew.com
|
1 | cdnjs.cloudflare.com |
secure.ew.com
|
1 | click.offers.meredith.com | 1 redirects |
70 | 47 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure.meredith.com Amazon |
2020-09-06 - 2021-10-08 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2021-06-01 - 2022-05-31 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2021-02-12 - 2022-02-11 |
a year | crt.sh |
geoscripts.meredith.services Amazon |
2021-02-21 - 2022-03-22 |
a year | crt.sh |
*.segment.com DigiCert SHA2 Secure Server CA |
2020-06-12 - 2021-07-27 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
*.betrad.com DigiCert SHA2 Secure Server CA |
2020-04-29 - 2021-07-29 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
*.evidon.com DigiCert SHA2 Secure Server CA |
2021-05-30 - 2022-06-08 |
a year | crt.sh |
l.betrad.com Go Daddy Secure Certificate Authority - G2 |
2019-04-25 - 2021-06-24 |
2 years | crt.sh |
*.google.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-28 - 2022-02-01 |
a year | crt.sh |
pushlycdn.com Amazon |
2021-03-16 - 2022-04-14 |
a year | crt.sh |
gwiqcdn-v3.globalwebindex.net GTS CA 1D4 |
2021-05-01 - 2021-07-30 |
3 months | crt.sh |
tag.bounceexchange.com R3 |
2021-05-27 - 2021-08-25 |
3 months | crt.sh |
ipp-meredith.com Amazon |
2021-05-18 - 2022-06-16 |
a year | crt.sh |
pippio.com GTS CA 1D4 |
2021-05-01 - 2021-07-30 |
3 months | crt.sh |
*.bizrate.com Amazon |
2021-03-11 - 2022-04-09 |
a year | crt.sh |
*.execute-api.us-east-1.amazonaws.com Amazon |
2020-08-19 - 2021-09-19 |
a year | crt.sh |
*.chartbeat.com Thawte RSA CA 2018 |
2021-05-20 - 2022-06-03 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-05-26 - 2021-08-24 |
3 months | crt.sh |
*.scorecardresearch.com Amazon |
2021-02-28 - 2022-03-29 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
assets.bounceexchange.com GTS CA 1D4 |
2021-05-01 - 2021-07-30 |
3 months | crt.sh |
*.chartbeat.net Thawte RSA CA 2018 |
2020-12-01 - 2021-12-30 |
a year | crt.sh |
gwiq.globalwebindex.net GTS CA 1D4 |
2021-05-01 - 2021-07-30 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2 |
2020-07-29 - 2021-09-27 |
a year | crt.sh |
*.wunderkind.co R3 |
2021-06-01 - 2021-08-30 |
3 months | crt.sh |
ids.cdnwidget.com GTS CA 1D4 |
2021-05-01 - 2021-07-30 |
3 months | crt.sh |
e.cdnwidget.com GTS CA 1D4 |
2021-05-01 - 2021-07-30 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://secure.ew.com/common/profile/member/optout/?showPreferencesOnTop=true
Frame ID: 126B79B07F3ADA27FF91489064DACF44
Requests: 72 HTTP requests in this frame
Frame:
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 293199E36CED701306AF3612BF9F2328
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://click.offers.meredith.com/?qs=b292a3c7e19cb234173ddff3fcaedd937fe483f402fff5181a1ca16b4896e5df2d161bd3...
HTTP 302
https://secure.ew.com/common/profile/member/optout/?showPreferencesOnTop=true&hid=0f8c087a906bfb43... HTTP 302
https://secure.ew.com/common/profile/member/optout/?showPreferencesOnTop=true Page URL
Detected technologies
Java (Programming Languages) ExpandDetected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Apache Tomcat (Web Servers) Expand
Detected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Amazon Web Services (PaaS) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Bounce Exchange (Marketing Automation) Expand
Detected patterns
- script /^https?:\/\/tag\.bounceexchange\.com\//i
Crazy Egg (Analytics) Expand
Detected patterns
- script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Segment (Analytics) Expand
Detected patterns
- script /cdn\.segment\.com\/analytics\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
50 Outgoing links
These are links going to different origins than the main page.
Title: ew.com
Search URL Search Domain Scan URL
Title: Agriculture
Search URL Search Domain Scan URL
Title: All People Quilt
Search URL Search Domain Scan URL
Title: Allrecipes
Search URL Search Domain Scan URL
Title: Better Homes and Gardens
Search URL Search Domain Scan URL
Title: Cooking Light
Search URL Search Domain Scan URL
Title: Coastal Living
Search URL Search Domain Scan URL
Title: Departures
Search URL Search Domain Scan URL
Title: Diabetic Living
Search URL Search Domain Scan URL
Title: EatingWell
Search URL Search Domain Scan URL
Title: Food & Wine
Search URL Search Domain Scan URL
Title: Family Circle
Search URL Search Domain Scan URL
Title: Fortune
Search URL Search Domain Scan URL
Title: Fit Pregnancy
Search URL Search Domain Scan URL
Title: Fitness Magazine
Search URL Search Domain Scan URL
Title: Hello Giggles
Search URL Search Domain Scan URL
Title: Health
Search URL Search Domain Scan URL
Title: InStyle
Search URL Search Domain Scan URL
Title: Living the Country Life
Search URL Search Domain Scan URL
Title: Life
Search URL Search Domain Scan URL
Title: Magazine.store
Search URL Search Domain Scan URL
Title: Magazines.com
Search URL Search Domain Scan URL
Title: Martha Stewart
Search URL Search Domain Scan URL
Title: Martha Stewart Weddings
Search URL Search Domain Scan URL
Title: Midwest Living
Search URL Search Domain Scan URL
Title: MORE Magazine
Search URL Search Domain Scan URL
Title: MyRecipes
Search URL Search Domain Scan URL
Title: mywedding.com
Search URL Search Domain Scan URL
Title: Parents
Search URL Search Domain Scan URL
Title: People
Search URL Search Domain Scan URL
Title: Rachael Ray Every Day
Search URL Search Domain Scan URL
Title: Real Simple
Search URL Search Domain Scan URL
Title: Sports Illustrated for Kids
Search URL Search Domain Scan URL
Title: Shape Magazine
Search URL Search Domain Scan URL
Title: Southern Living
Search URL Search Domain Scan URL
Title: Sports Illustrated
Search URL Search Domain Scan URL
Title: Travel & Leisure
Search URL Search Domain Scan URL
Title: Traditional Home
Search URL Search Domain Scan URL
Title: Time
Search URL Search Domain Scan URL
Title: Time Edge
Search URL Search Domain Scan URL
Title: Time for Kids
Search URL Search Domain Scan URL
Title: Wood Magazine
Search URL Search Domain Scan URL
Title: Meredith Corporation
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: EU Privacy Policy
Search URL Search Domain Scan URL
Title: Data Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: AdChoices
Search URL Search Domain Scan URL
Title: More information
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.offers.meredith.com/?qs=b292a3c7e19cb234173ddff3fcaedd937fe483f402fff5181a1ca16b4896e5df2d161bd3696c661b566a2cad44a79a4aa390e0b7fc29ac1bac86e7d9f9bc0b9d
HTTP 302
https://secure.ew.com/common/profile/member/optout/?showPreferencesOnTop=true&hid=0f8c087a906bfb436b9a0d499650dd373f8ddcf2 HTTP 302
https://secure.ew.com/common/profile/member/optout/?showPreferencesOnTop=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 41- https://sb.scorecardresearch.com/b?c1=2&c2=6035728&ns__t=1623948230327&ns_c=windows-1252&c8=EntertainmentWeekly%20Newsletter%20and%20Marketing%20Preferences&c7=https%3A%2F%2Fsecure.ew.com%2Fcommon%2Fprofile%2Fmember%2Foptout%2F%3FshowPreferencesOnTop%3Dtrue&c9= HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1623948230327&ns_c=windows-1252&c8=EntertainmentWeekly%20Newsletter%20and%20Marketing%20Preferences&c7=https%3A%2F%2Fsecure.ew.com%2Fcommon%2Fprofile%2Fmember%2Foptout%2F%3FshowPreferencesOnTop%3Dtrue&c9=
- https://sb.scorecardresearch.com/c2/6035728/cs.js HTTP 302
- https://sb.scorecardresearch.com/internal-c2/default/cs.js
70 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
secure.ew.com/common/profile/member/optout/ Redirect Chain
|
38 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optout_184f6e983fb9318e80d826b60e048406.css
secure.ew.com/web/css-min/common/css/pages/ewk/ |
288 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ |
94 KB 94 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
omnitureFunctions.js
secure.ew.com/web/js-min/js/mdp/util/ |
899 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optout_cf810527290cb748f10ce4a498bc6cfd.js
secure.ew.com/web/js-min/common/js/pages/ |
32 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meredithOneTrustGeoloc
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ |
177 B 259 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mdp.javascript.gdpr.min.1.0.0.js
geoscripts.meredith.services/public/javascripts/ |
0 502 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/ |
401 KB 64 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXI1ORHCpsQm3Vp6mXoaTRsxEYwM7FgeyaSgU71cLG0.woff
fonts.gstatic.com/s/opensans/v13/ |
96 KB 96 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
k3k702ZOKiLJc3WVjuplzBsxEYwM7FgeyaSgU71cLG0.woff
fonts.gstatic.com/s/opensans/v13/ |
96 KB 97 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uYKcPVoh6c5R0NpdEY5A-Q.woff
fonts.gstatic.com/s/opensans/v13/ |
94 KB 94 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
79 KB 79 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.js
c.betrad.com/pub/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
update.js
browser-update.org/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
164 B 226 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
429 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon1.png
c.evidon.com/pub/ |
600 B 907 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
l.betrad.com/pub/ |
0 121 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.18.0/ |
377 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 141 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6699.js
script.crazyegg.com/pages/scripts/0080/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 551 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 320 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nlsDcrLite510.min.js
cdn-gl.imrworldwide.com/novms/js/2/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pushly-sdk.min.js
cdn.p-n.io/ |
348 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gwiq.js
gwiqcdn.globalwebindex.net/gwiq/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i.js
tag.bounceexchange.com/1494/ |
297 KB 119 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
api.segment.io/v1/ |
21 B 139 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s
cookie-stream.ipp-meredith.com/v1/ |
1 KB 1 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
pippio.com/api/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync.js
chirp.bizrate.com/ |
0 275 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segments
qpsftq5jqg.execute-api.us-east-1.amazonaws.com/production/ |
0 0 |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eweek.js
cdn.brandmetrics.com/tag/0884da54854545f7befc6604672f60d8/ |
23 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chartbeat_video.js
static.chartbeat.com/js/ |
69 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
94 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meredith.js
tru.am/scripts/custom/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b2
sb.scorecardresearch.com/ Redirect Chain
|
64 B 330 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
x.gif
d9jj3mjthpub.cloudfront.net/ |
35 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/77f7508a-4666-4a03-a50d-16d147c146d3/ |
260 KB 42 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 86 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ijs_all_modules_cjs_min_b4395170d61a13c15f51ebcc0bc01dc5.js
assets.bounceexchange.com/assets/smart-tag/versioned/ |
564 KB 140 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping
ping.chartbeat.net/ |
43 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
1576393572602771
connect.facebook.net/signals/config/ |
263 KB 75 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
c0248
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ |
0 231 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
c0248
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gn
secure-dcr.imrworldwide.com/cgi-bin/ |
44 B 530 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
69828927.js
cdn.brandmetrics.com/scripts/bundle/ |
37 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ |
12 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ |
58 KB 14 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ta-pagesocial-sdk.js
tru.am/scripts/ |
27 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
data.cdnbasket.net/ |
100 B 449 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
page.cdnbasket.net/ |
100 B 449 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
view.cdnbasket.net/ |
57 B 406 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 2931 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
817 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs.js
sb.scorecardresearch.com/internal-c2/default/ Redirect Chain
|
0 348 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init1.js
api.bounceexchange.com/bounce/ |
36 B 323 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c
ids.cdnwidget.com/ |
31 B 167 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cjs-logger
e.cdnwidget.com/ |
0 69 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
api.segment.io/v1/ |
21 B 140 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
x.gif
d9jj3mjthpub.cloudfront.net/ |
35 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
i
api.segment.io/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
x.gif
d9jj3mjthpub.cloudfront.net/ |
35 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.segment.io
- URL
- https://api.segment.io/v1/i
Verdicts & Comments Add Verdict or Comment
121 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| mdp function| OptanonWrapper function| meredithOneTrustGeoloc string| gdprBaseUrl object| url object| euVersion object| s object| html5 object| Modernizr function| $ function| jQuery object| analytics string| brandName number| locCode object| dataLayerEntry string| key function| invokeToSegment object| dataLayer function| doRefreshAdFrame function| sendSponsorPageEvent function| sendPageEventWithComSource function| sendPageEventWithComSourceInfiniteScrollOnly function| sendComSourceCall function| sendContestPageEvent function| sendShopNationProductClickEvent function| sendAnalyticsEvent function| sendPageEvent function| sendPageEventWithParams function| sendLinkEvent function| sendPageEventWithReg function| toSegment object| CryptoJS function| MdpApi object| $buoop object| JSON3 object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres string| GoogleAnalyticsObject function| ga function| normalize function| jsonFeed object| _evidonLinkNotice object| notice object| otStubData object| google_tag_data object| gaplugins object| google_tag_manager function| postscribe object| google_tag_manager_external object| nielsenMetadata boolean| euConsent string| sfdmpConsentLogged string| uid object| obj function| setCookie function| getCookie function| Krux object| globalTI function| ruskajs_init object| ruskajs object| _sf_async_config object| utag function| fbq function| _fbq object| gaGlobal object| gaData object| PushlySDK function| pushly object| pushly_profile undefined| muid object| NOLLite object| bouncex object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv number| _swclk_ number| _swsts_ object| $jscomp function| MIIScriptCtrl object| gwiq string| section object| brandmetrics object| Optanon object| OneTrust object| regeneratorRuntime object| bxgraph function| __assign function| __spreadArrays object| _brandmetrics object| local function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| TRUE_ANTHEM function| MultiCookie string| bcx_vars2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ew.com/ | Name: OptanonConsent Value: groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0&datestamp=Thu+Jun+17+2021+18%3A43%3A53+GMT%2B0200+(Central+European+Summer+Time)&version=6.18.0&hosts= |
|
.ew.com/ | Name: _fbp Value: fb.1.1623948232739.39026422 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
api.bounceexchange.com
api.segment.io
assets.bounceexchange.com
browser-update.org
c.betrad.com
c.evidon.com
cdn-gl.imrworldwide.com
cdn.brandmetrics.com
cdn.cookielaw.org
cdn.p-n.io
cdn.segment.com
cdnjs.cloudflare.com
chirp.bizrate.com
click.offers.meredith.com
connect.facebook.net
cookie-stream.ipp-meredith.com
d9jj3mjthpub.cloudfront.net
data.cdnbasket.net
e.cdnwidget.com
fonts.gstatic.com
geolocation.onetrust.com
geoscripts.meredith.services
gwiq-v3.globalwebindex.net
gwiqcdn.globalwebindex.net
ids.cdnwidget.com
l.betrad.com
page.cdnbasket.net
ping.chartbeat.net
pippio.com
qpsftq5jqg.execute-api.us-east-1.amazonaws.com
sb.scorecardresearch.com
script.crazyegg.com
secure-dcr.imrworldwide.com
secure.ew.com
static.chartbeat.com
stats.g.doubleclick.net
tag.bounceexchange.com
tru.am
view.cdnbasket.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
api.segment.io
104.111.233.93
104.111.244.187
107.178.254.65
13.111.90.97
13.224.195.100
13.225.74.21
13.225.74.96
130.211.31.36
130.211.47.17
18.203.242.161
2600:9000:20eb:f800:11:e0c9:84c0:21
2600:9000:2104:9400:18:1fcd:34f:cdc1
2600:9000:2104:b200:2:42d9:3100:93a1
2600:9000:2156:8a00:1f:68ee:dbc0:93a1
2600:9000:21f3:8200:6:f5a3:efc0:93a1
2606:4700:10::6814:b844
2606:4700:20::681a:274
2606:4700:20::681a:6b4
2606:4700:20::ac43:45f7
2606:4700::6810:135e
2606:4700::6810:9540
2606:4700::6813:9308
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:400c:c08::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.107.221.36
34.117.4.53
34.120.253.250
34.201.186.195
34.98.72.95
35.190.65.91
35.190.80.238
35.190.80.55
35.201.93.216
52.201.96.235
52.36.169.40
54.224.132.196
65.9.82.96
65.9.85.130
00a372d3a162303926538ecdef2f190f0a3a4cdc99a752cb4a0206c6837ae11e
0385ee74ecfb95851591d855ebe9ce33585c9e2521b333105b1177813700c300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
130de48e0c060d4b6238ea51906a09de1ae3d64e32420e935ebe1d5761784e7d
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d045adcd4667d1b5c17b122e9d114787922f6949558a6b19db002be8bb99a02
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3362bbd6b06a5c7dfc9ca7d0199974bdd2b8464e635c8715b1779b3b9c13b88f
339fadb7357a1ecc56171a30156cce13555a6e03696fb18e77101dae0138ad9a
3c669add48bf3a45fa266a020fcaac2e6da0fc72d1dd95ba78ac9b77e0afba32
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
4506c6d054756f3e143401714456bb28de2d793d4820c16a56409a3e78a1e21e
4cb92a925cb9f89157d46b55a677964228c0bfeca476a65d5c2150203d8360ca
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
58401ebf2b79237c2f8973233de281d3f5e6f747a21337aff2ce9c4b03a5d423
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5b04dc41ed527e8dde5f9f5f333e40ceed215c42122c513d4990e5d62e85f91a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53
6ab8a3ed644d05d5eda40fc5ea20fe003d35131e58aaa0156824cb08db694f21
77aada385806e67e30d42a7190b25d73b8d78b17a0d1e021ccb274907f273a6a
7bc5851091f6e78079a6ea6006a95beef487e2e2b59a58e0e22f1342c768926d
7bf8ff1a42d5f1dbccd84428f729a2425d6d5dd84dc80d75c290ff03ed416a21
7eb5fb609b4607cdc6c3af8d00f3728e830fd0611fb859dbd3a7b19e1e08c97d
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
893181914496d765ace0da63d5505748f4a331004443cb5268ef4d766bff5e02
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
8eb9fd5180f31570c65fe43430c06cec8f74daf1a7df3bee104c4c0a6e05e4ef
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9cc5bd8ae1cf61a5282d733cf513be531b8fd185d8c416c46b8e5b49de663e10
a5e767be1cbb41ac4bfbed24cb276ae04341448348e6d5b8893656b5669966a9
ac0ba669867894cd9d28c4e72ac4541ea047d90e76af29de5e508882cc5043c1
ad9baa8716a2649e0a70de8add790e7c3f6fc35e8572d4f3a3a0e57cfce2807b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8aeaaba896f3b22f1dcb4ceead11866e0375dad159e1b336299bc498c311626
bb6bc69e17c661f565c3c277c87f230bb31b664a1be7a09a6142ecf06a9729e5
bd315fcf17e22d3d43cb96c107a420ef7e480c39235104adf496a98c9d49db2f
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d58c2c4c4f0e61376d7458b0201f7cc413d1d7f957a4b4b8a820035c05d93a66
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dda2f4f232fcd87be062ef868f383f5140abcc68b43a5a54dd6722ab826a765e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74ae3b0618e97bcc7c7ad7b0552ca0485db3020fdd3328e9db2009d5e071540
e91cade20db06daf9ad40c3e054c2aeed360c7218d28c7c5e3b2d5090ff848e1
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f5e8f371f6def6ca4b499e854abce523838e5be738c39dd13377b42b46ac7606
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218