exoduseffect.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://exoduseffect.com/?affId=352&c1=&c2=1021a0c47fa55ef18f7044054e45e7&c3=&id=130979502&affid=352&cid=984&s1=&s2=1021a...
Submission: On November 22 via api from NL — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on September 25th 2023. Valid for: 3 months.
This is the only time exoduseffect.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com
links.conservative-politics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-135-161.eu-west-1.compute.amazonaws.com
go.offerwave.org |
ASN24940 (HETZNER-AS, DE)
PTR: cache-06.pushwoosh.com
cdn.pushwoosh.com |
ASN14618 (AMAZON-AES, US)
rp.liadm.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-144-142.compute-1.amazonaws.com
rp4.liadm.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-113.prg50.r.cloudfront.net
cdn.amplitude.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-67-20.us-west-2.compute.amazonaws.com
api.amplitude.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
exoduseffect.com
exoduseffect.com |
892 KB |
6 |
criteo.com
2 redirects
dynamic.criteo.com — Cisco Umbrella Rank: 4133 gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 sslwidget.criteo.com — Cisco Umbrella Rank: 2332 widget.us.criteo.com — Cisco Umbrella Rank: 24980 |
33 KB |
5 |
gstatic.com
fonts.gstatic.com |
118 KB |
5 |
rhvsl.com
cdn.rhvsl.com — Cisco Umbrella Rank: 837850 |
2 MB |
3 |
amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2690 api.amplitude.com — Cisco Umbrella Rank: 1804 |
20 KB |
3 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31 |
38 KB |
3 |
liadm.com
1 redirects
b-code.liadm.com — Cisco Umbrella Rank: 3063 rp.liadm.com — Cisco Umbrella Rank: 1574 rp4.liadm.com — Cisco Umbrella Rank: 6581 |
16 KB |
2 |
zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5091 |
170 KB |
2 |
conservative-politics.com
2 redirects
links.conservative-politics.com |
958 B |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899 |
7 KB |
1 |
pushwoosh.com
cdn.pushwoosh.com — Cisco Umbrella Rank: 33034 |
43 KB |
1 |
hillybillyrus.co
1 redirects
hillybillyrus.co |
914 B |
1 |
offerwave.org
1 redirects
go.offerwave.org |
2 KB |
1 |
lnktch.com
1 redirects
rdr.lnktch.com — Cisco Umbrella Rank: 647463 |
1 KB |
55 | 14 |
Domain | Requested by | |
---|---|---|
26 | exoduseffect.com |
exoduseffect.com
static.cloudflareinsights.com ajax.googleapis.com |
5 | fonts.gstatic.com |
fonts.googleapis.com
|
5 | cdn.rhvsl.com |
vjs.zencdn.net
|
2 | api.amplitude.com |
cdn.amplitude.com
|
2 | gum.criteo.com |
1 redirects
dynamic.criteo.com
|
2 | vjs.zencdn.net |
exoduseffect.com
|
2 | ajax.googleapis.com |
exoduseffect.com
|
2 | links.conservative-politics.com | 2 redirects |
1 | widget.us.criteo.com |
exoduseffect.com
|
1 | sslwidget.criteo.com | 1 redirects |
1 | mug.criteo.com |
exoduseffect.com
|
1 | fonts.googleapis.com |
ajax.googleapis.com
|
1 | cdn.amplitude.com |
exoduseffect.com
|
1 | rp4.liadm.com |
exoduseffect.com
|
1 | rp.liadm.com | 1 redirects |
1 | static.cloudflareinsights.com |
exoduseffect.com
|
1 | cdn.pushwoosh.com |
exoduseffect.com
|
1 | dynamic.criteo.com |
exoduseffect.com
|
1 | b-code.liadm.com |
exoduseffect.com
|
1 | hillybillyrus.co | 1 redirects |
1 | go.offerwave.org | 1 redirects |
1 | rdr.lnktch.com | 1 redirects |
55 | 22 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.networkadvertising.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
exoduseffect.com GTS CA 1P5 |
2023-09-25 - 2023-12-24 |
3 months | crt.sh |
*.liadm.com Amazon RSA 2048 M02 |
2023-02-28 - 2024-01-30 |
a year | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2023-12-23 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-06-03 - 2024-07-04 |
a year | crt.sh |
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-07 - 2024-04-05 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
cdn.amplitude.com Amazon RSA 2048 M01 |
2023-01-12 - 2024-02-11 |
a year | crt.sh |
cdn.rhvsl.com Amazon RSA 2048 M01 |
2023-06-20 - 2024-07-18 |
a year | crt.sh |
*.amplitude.com COMODO RSA Domain Validation Secure Server CA |
2023-01-23 - 2024-02-14 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://exoduseffect.com/?affId=352&c1=&c2=1021a0c47fa55ef18f7044054e45e7&c3=&id=130979502&affid=352&cid=984&s1=&s2=1021a0c47fa55ef18f7044054e45e7&s3=&s4=&s5=
Frame ID: C10259E7DA47E86E6CB55C7062A40DB8
Requests: 58 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=exoduseffect.com&origin=onetag
Frame ID: 7B04312689B7EB3BA35A35810FBC6058
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
The Exodus EffectPage URL History Show full URLs
-
http://links.conservative-politics.com/a/1537/click/15674/3953758/b1a08e0aba4b59ead9daa9dd1c1af5155af26746/15f92114...
HTTP 308
https://links.conservative-politics.com/a/1537/click/15674/3953758/b1a08e0aba4b59ead9daa9dd1c1af5155af26746/15f92114... HTTP 302
https://rdr.lnktch.com/aff_c?offer_id=1026&aff_id=1029&aff_sub=cp1121&file_id=2761 HTTP 302
https://go.offerwave.org/aff_c?offer_id=1105&aff_id=1002&aff_click_id=10289bdebd060279c4a232b5f1e924 HTTP 302
https://hillybillyrus.co/?a=352&c=14&s1=&s2=1021a0c47fa55ef18f7044054e45e7 HTTP 302
https://exoduseffect.com/?affId=352&c1=&c2=1021a0c47fa55ef18f7044054e45e7&c3=&id=130979502&affid=352&... Page URL
Detected technologies
Ruby on Rails (Web Frameworks) ExpandDetected patterns
Amplitude (Analytics) Expand
Detected patterns
- cdn\.amplitude\.com
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Font API (Font Scripts) Expand
Detected patterns
- googleapis\.com/.+webfont
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Network Advertising Initiative opt-out page
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.conservative-politics.com/a/1537/click/15674/3953758/b1a08e0aba4b59ead9daa9dd1c1af5155af26746/15f921147f95a669a055c21235c5b897ef62258d/
HTTP 308
https://links.conservative-politics.com/a/1537/click/15674/3953758/b1a08e0aba4b59ead9daa9dd1c1af5155af26746/15f921147f95a669a055c21235c5b897ef62258d/ HTTP 302
https://rdr.lnktch.com/aff_c?offer_id=1026&aff_id=1029&aff_sub=cp1121&file_id=2761 HTTP 302
https://go.offerwave.org/aff_c?offer_id=1105&aff_id=1002&aff_click_id=10289bdebd060279c4a232b5f1e924 HTTP 302
https://hillybillyrus.co/?a=352&c=14&s1=&s2=1021a0c47fa55ef18f7044054e45e7 HTTP 302
https://exoduseffect.com/?affId=352&c1=&c2=1021a0c47fa55ef18f7044054e45e7&c3=&id=130979502&affid=352&cid=984&s1=&s2=1021a0c47fa55ef18f7044054e45e7&s3=&s4=&s5= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://rp.liadm.com/j?dtstmp=1700616137932&aid=a-06ld&se=e30&duid=875ea714f6f7--01hft9xv2dj05hy76qy78ge93r&tna=v2.11.1&pu=https%3A%2F%2Fexoduseffect.com%2F%3FaffId%3D352%26c1%3D%26c2%3D1021a0c47fa55ef18f7044054e45e7%26c3%3D%26id%3D130979502%26affid%3D352%26cid%3D984%26s1%3D%26s2%3D1021a0c47fa55ef18f7044054e45e7%26s3%3D%26s4%3D%26s5%3D&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
- https://rp4.liadm.com/j?se=e30&duid=875ea714f6f7--01hft9xv2dj05hy76qy78ge93r&aid=a-06ld&tna=v2.11.1&dtstmp=1700616137932&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYWY4OjQwMjA6YTAzNDoxMDAwOjoxNA%3D%3D&pu=https%3A%2F%2Fexoduseffect.com%2F%3FaffId%3D352%26c1%3D%26c2%3D1021a0c47fa55ef18f7044054e45e7%26c3%3D%26id%3D130979502%26affid%3D352%26cid%3D984%26s1%3D%26s2%3D1021a0c47fa55ef18f7044054e45e7%26s3%3D%26s4%3D%26s5%3D&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-
- https://gum.criteo.com/sid/json?origin=onetag&domain=exoduseffect.com&sn=ChromeSyncframe&so=0&topUrl=exoduseffect.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=iB0rvnwwUUtBRzZ3aDI0NmtYUmoxR3FMVXVVWXRhNTZCc1p6ZW4zM0UrdzY1andWYUFDL2Z3aTVXa3A4Q3MwV1lxY1JudHBpQitnK3c4M1V0T1hvQTQ0NzNGRWRkVnhSNmZ4RjFqUVpMYklZdmFzckRsUXpHMEozMnZOSzNqYjBQRGlaMUkvd3p2RVU1K2VCaXQ3WGoyNHo0UkpabjEzd0E4VnJQWVRxcDRRRStZeEZWaVpnY0o1QzVXRWxBR0Y2Z1BkamhXeENwUzBjUFliejdrZDZwTzRzLzdUMldHc1dVY0RQUnYraWJ4dUxJWnBWLzdtaGJpMUtYMUNyUTNRUlZHUm8ybVJMbWw2Wldkcmc2ckxWQUs5eDVQREowN1QyZkMydmVOV1VPWG1nNXM4UT18&cppv=2
- https://sslwidget.criteo.com/event?a=95287&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=_dBttV9NVTVCeFVNdFJQaVVWUmhXTUxCcVBJN3JhSllrOHRCNjA4R1lDWThGMkJ2c0luZGphUkV6SUxFSjk3YW1SMVVWOGkzcGZhTEZ6eENlRjlyd0FFbXUlMkIlMkY4amdkbkZCMmM4TDBhViUyRnlHYVhJYlhiaSUyQmJoJTJCVkVmZjBtV2oxUlozQ1VpNHZPNXYyN2NHVjQlMkJFZXJKbm1KMk1qR1pVY2FVdEt5T0I4WTlqWmVLVDglM0Q&tld=exoduseffect.com&dy=1&fu=https%253A%252F%252Fexoduseffect.com%252F%253FaffId%253D352%2526c1%253D%2526c2%253D1021a0c47fa55ef18f7044054e45e7%2526c3%253D%2526id%253D130979502%2526affid%253D352%2526cid%253D984%2526s1%253D%2526s2%253D1021a0c47fa55ef18f7044054e45e7%2526s3%253D%2526s4%253D%2526s5%253D&ceid=62a02682-1f22-45e9-bd43-ddb8f493472d&dtycbr=26969 HTTP 302
- https://widget.us.criteo.com/event?a=95287&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=_dBttV9NVTVCeFVNdFJQaVVWUmhXTUxCcVBJN3JhSllrOHRCNjA4R1lDWThGMkJ2c0luZGphUkV6SUxFSjk3YW1SMVVWOGkzcGZhTEZ6eENlRjlyd0FFbXUlMkIlMkY4amdkbkZCMmM4TDBhViUyRnlHYVhJYlhiaSUyQmJoJTJCVkVmZjBtV2oxUlozQ1VpNHZPNXYyN2NHVjQlMkJFZXJKbm1KMk1qR1pVY2FVdEt5T0I4WTlqWmVLVDglM0Q&tld=exoduseffect.com&dy=1&fu=https%253A%252F%252Fexoduseffect.com%252F%253FaffId%253D352%2526c1%253D%2526c2%253D1021a0c47fa55ef18f7044054e45e7%2526c3%253D%2526id%253D130979502%2526affid%253D352%2526cid%253D984%2526s1%253D%2526s2%253D1021a0c47fa55ef18f7044054e45e7%2526s3%253D%2526s4%253D%2526s5%253D&ceid=62a02682-1f22-45e9-bd43-ddb8f493472d&dtycbr=26969
55 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
exoduseffect.com/ Redirect Chain
|
123 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a-06ld.min.js
b-code.liadm.com/ |
47 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
dynamic.criteo.com/js/ld/ |
46 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global.css
exoduseffect.com/assets/style/ |
15 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ |
88 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
global.js
exoduseffect.com/assets/scripts/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VSL.css
exoduseffect.com/assets/style/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slideInOnScroll.css
exoduseffect.com/assets/style/ |
2 KB 928 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-js.css
vjs.zencdn.net/7.20.2/ |
46 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video.min.js
vjs.zencdn.net/7.20.2/ |
569 KB 159 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pushwoosh-web-notifications.js
cdn.pushwoosh.com/webpush/v3/ |
179 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heroDesktopA1t.png
exoduseffect.com/assets/images/hero/ |
458 KB 459 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ctaDesktop.jpg
exoduseffect.com/assets/images/lander/VSL/ |
47 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ctaMobile.jpg
exoduseffect.com/assets/images/lander/VSL/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
price67.jpg
exoduseffect.com/assets/images/lander/VSL/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
trustDesktop.jpg
exoduseffect.com/assets/images/lander/VSL/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ajaxYellow.svg
exoduseffect.com/assets/images/ |
3 KB 935 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bulletBible.png
exoduseffect.com/assets/images/lander/ |
62 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bulletHealing.png
exoduseffect.com/assets/images/lander/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bulletChristian.png
exoduseffect.com/assets/images/lander/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bulletGovernment.png
exoduseffect.com/assets/images/lander/ |
44 KB 44 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
exoduseffect.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
squeeze.css
exoduseffect.com/assets/style/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fsLandscape.css
exoduseffect.com/assets/style/VSL/ |
794 B 902 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
slideInOnScroll.js
exoduseffect.com/assets/scripts/ |
729 B 822 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
squeeze.js
exoduseffect.com/assets/scripts/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j
rp4.liadm.com/ Redirect Chain
|
13 B 318 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amplitude-7.2.1-min.gz.js
cdn.amplitude.com/libs/ |
59 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cover_HD.jpg
exoduseffect.com/assets/images/VSL/ |
393 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
timelineSegmentRight.png
exoduseffect.com/assets/images/lander/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
timelineSegmentLeft.png
exoduseffect.com/assets/images/lander/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 4 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EE_20211031_MethuselehSecret_16x9.m3u8
cdn.rhvsl.com/videos/EE_20211031_MethuselehSecret_16x9/ |
1 KB 781 B |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame 7B04 |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
4f7d1ce0-994b-4df6-96aa-3fd93880200b
https://exoduseffect.com/ |
6 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f398d57d-8c4f-4353-9661-06d35ee7a4c3
https://exoduseffect.com/ |
78 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
04207925-839c-418b-986a-f2ece8923fd0
https://exoduseffect.com/ |
78 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
unmute.svg
exoduseffect.com/assets/images/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
13 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame 7B04 Redirect Chain
|
452 B 678 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
exoduseffect.com/cdn-cgi/ |
0 141 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
import
exoduseffect.com/ajax/click/ |
77 B 1013 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api.amplitude.com/ |
7 B 227 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
widget.us.criteo.com/ Redirect Chain
|
10 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EE_20211031_MethuselehSecret_16x9hls10_v4.m3u8
cdn.rhvsl.com/videos/EE_20211031_MethuselehSecret_16x9/ |
29 KB 3 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EE_20211031_MethuselehSecret_16x9hls_audio_160k_v4.m3u8
cdn.rhvsl.com/videos/EE_20211031_MethuselehSecret_16x9/ |
38 KB 4 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EE_20211031_MethuselehSecret_16x9hls10.ts
cdn.rhvsl.com/videos/EE_20211031_MethuselehSecret_16x9/ |
1 MB 1 MB |
XHR
video/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
44 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
82 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
90 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
38 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EE_20211031_MethuselehSecret_16x9hls_audio_160k.ts
cdn.rhvsl.com/videos/EE_20211031_MethuselehSecret_16x9/ |
224 KB 224 KB |
XHR
audio/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api.amplitude.com/ |
7 B 227 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| WebFontConfig object| Criteo object| criteo_q object| LI object| __li__evt_bus object| liQ object| liQ_instances function| $ function| jQuery string| testIP string| deviceType string| ipAddress boolean| HELP_IMPROVE_VIDEOJS number| totalReducer number| totalPercentTime number| trueReducerTime number| trueReducer function| getCookieAmplitude function| setCookieAmplitude object| userID object| identify object| amplitude object| vttjs function| WebVTT function| videojs boolean| pushAvailable boolean| permissionGranted boolean| permissionDenied object| pushTags object| pushEvents number| delay object| Pushwoosh function| promptPush function| hidePushWidget function| showPushWidget function| subscribePush function| unsubscribePush function| onPushSubscribeSuccess function| addPushTags function| addPushEventsBulk function| addPushEvent boolean| CTATriggered boolean| videoControls boolean| prePopCTA boolean| autoplay function| showCart function| showButtonOverlay function| fullscreenCTA string| aspectRatio object| embed1 object| WebFont boolean| windowExit object| __cfBeacon function| validEmail boolean| exitPopEnabled function| setExitPop function| unsetExitPop function| getCookie function| setCookie function| lightbox object| Modernizr function| lity boolean| squeezeStarted function| optIn function| hideSqueeze20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
exoduseffect.com/ajax/click | Name: Affiliate Value: a%3A6%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22cake%22%3Bs%3A4%3A%22AFID%22%3Bs%3A3%3A%22352%22%3Bs%3A6%3A%22subIDs%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s2%22%3Bs%3A30%3A%221021a0c47fa55ef18f7044054e45e7%22%3Bs%3A2%3A%22s3%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A0%3A%22%22%3B%7Ds%3A4%3A%22UTMs%22%3Ba%3A0%3A%7B%7Ds%3A9%3A%22requestID%22%3Bs%3A9%3A%22130979502%22%3Bs%3A6%3A%22campID%22%3Bs%3A3%3A%22984%22%3B%7D |
|
.liadm.com/j | Name: lidid Value: 79bb6572-0b02-472f-9f3a-0ec3a7dde1fc |
|
links.conservative-politics.com/ | Name: _session_id Value: 97948f958382f065e2dad0930915ff22 |
|
rdr.lnktch.com/ | Name: enc_aff_session_1026 Value: ENC0330f8e2ecbf40cbbad54fa73b671ecb5b0f5e44fb0be5ae025b937952a8b3e6eee8dbb6279717139ce80e7954773c9fd896a6746e01dc705aafbac99f6149ed4d161f876f3ec07af5c565894e14ed3a5a831f2c5c8f90e1d00af5d3fee60a706d86de14627b06d0ef45ff95ffb6d327e94ad4a907fc900449951f012970b71de005f2b3e2 |
|
rdr.lnktch.com/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJubC1OTCxubDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ== |
|
go.offerwave.org/ | Name: enc_aff_session_1105 Value: ENC03a62fc4ad2d4677bc1c3a0ec57d61aac656e13d84cd223353a1478036ef693f699721559348b7f27c4dbbd9176babe3ed3f8b571dd24f8f10ffa988e69b23c590dadccad49025d2446e143640cee1030a37b1f65b4004d084642e9bdc80024cf9c633452bb0a67251696b92b30762c068eb77b85dbafc518c4950cea6be227b7f2bd96dc6 |
|
go.offerwave.org/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJubC1OTCxubDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ== |
|
.hillybillyrus.co/ | Name: st Value: meqp/Smgu1VPKM4o5MS6UURXtdI9Afd2/gliXlQLoSLelHCYcJoVIQ== |
|
.hillybillyrus.co/ | Name: tym Value: cGuj6fuVN+kQUi3finK7W0RXtdI9Afd2/gliXlQLoSLelHCYcJoVIQ== |
|
.hillybillyrus.co/ | Name: c11 Value: meqp/Smgu1Ug+rcXtm671QsSnGSncF0rvvVUcndJohrJfr9pwQ+rZw== |
|
.exoduseffect.com/ | Name: PHPSESSID Value: pbtfemhfengd2gh00sr0ot04gl |
|
exoduseffect.com/ | Name: Affiliate Value: a%3A6%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22cake%22%3Bs%3A4%3A%22AFID%22%3Bs%3A3%3A%22352%22%3Bs%3A6%3A%22subIDs%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s2%22%3Bs%3A30%3A%221021a0c47fa55ef18f7044054e45e7%22%3Bs%3A2%3A%22s3%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A0%3A%22%22%3B%7Ds%3A4%3A%22UTMs%22%3Ba%3A0%3A%7B%7Ds%3A9%3A%22requestID%22%3Bs%3A9%3A%22130979502%22%3Bs%3A6%3A%22campID%22%3Bs%3A3%3A%22984%22%3B%7D |
|
.exoduseffect.com/ | Name: _li_dcdm_c Value: .exoduseffect.com |
|
.exoduseffect.com/ | Name: _lc2_fpi Value: 875ea714f6f7--01hft9xv2dj05hy76qy78ge93r |
|
.exoduseffect.com/ | Name: _lc2_fpi_meta Value: {%22w%22:1700616137805} |
|
.criteo.com/ | Name: uid Value: b55da7c3-1f96-4eea-b3f8-7d1370c00757 |
|
.criteo.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.exoduseffect.com/ | Name: amp_0a2f9a Value: ano3Kn1n11s9gL6g3xU_gs...1hfq9tret.1hfq9trf1.1.1.2 |
|
.exoduseffect.com/ | Name: cto_bundle Value: _dBttV9NVTVCeFVNdFJQaVVWUmhXTUxCcVBJN3JhSllrOHRCNjA4R1lDWThGMkJ2c0luZGphUkV6SUxFSjk3YW1SMVVWOGkzcGZhTEZ6eENlRjlyd0FFbXUlMkIlMkY4amdkbkZCMmM4TDBhViUyRnlHYVhJYlhiaSUyQmJoJTJCVkVmZjBtV2oxUlozQ1VpNHZPNXYyN2NHVjQlMkJFZXJKbm1KMk1qR1pVY2FVdEt5T0I4WTlqWmVLVDglM0Q |
|
.liadm.com/ | Name: lidid Value: 79bb6572-0b02-472f-9f3a-0ec3a7dde1fc |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.amplitude.com
b-code.liadm.com
cdn.amplitude.com
cdn.pushwoosh.com
cdn.rhvsl.com
dynamic.criteo.com
exoduseffect.com
fonts.googleapis.com
fonts.gstatic.com
go.offerwave.org
gum.criteo.com
hillybillyrus.co
links.conservative-politics.com
mug.criteo.com
rdr.lnktch.com
rp.liadm.com
rp4.liadm.com
sslwidget.criteo.com
static.cloudflareinsights.com
vjs.zencdn.net
widget.us.criteo.com
178.250.1.9
195.201.193.122
2600:1f18:730:b150:eb25:45ce:77e9:f9d8
2600:9000:2127:f600:8:8845:1500:93a1
2600:9000:223c:b200:8:438b:bcc0:93a1
2606:4700:3031::ac43:af51
2606:4700::6810:3965
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:82f::200a
2a02:2638:3::c
2a02:2638:3::e
2a04:4e42:600::729
2a06:98c1:3120::3
2a06:98c1:3121::3
34.224.144.142
35.238.129.105
52.89.67.20
54.246.135.161
65.9.94.113
74.119.119.150
03ee34a40289cd59a27b110b7eecaf6af7dd295854dd3c9adbf0c087772dfbcc
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0cae8e83dad94482a912994298cec5e5a718d9085df6b1b2c16381321f18269e
10c61058d7b2a016cd6de6887a2fd4c4baf43babd098120c573cf5f386b5d37a
11304753a6e8a7ebf0895d573068099ea673f96f839519f184fc1e2a8f191039
12158fd97c85065bd9d74f4f8671330e517155ee7625709622b11a13dc40d81e
14ca7f5dab60d993d6e496de40a3584f23ffa09ae0f78dc75c7c1f233bd703dd
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
1ed12277aba156d274bf2da29af0bb5c292e7cf7440325a02530973890e3bde4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
55a979130309c3f0d4398298f648e90a8ded2df500fdf3c758e9051ecf6229cb
574be775e6c5a0ceee6f9a3b93c92fc987fb0f9bdb12f932fa2f25d05ee93c58
5c25a6d6da45756d71b02cfe4d0a10a1e76418f1c0b5fffc41acb66ea33ab4a6
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a350b6e7bb99c2d283483f408a0cb80f52e0b218dc714da763befadecfea8
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6f6ebbe7e1914d6d9f9ddc77b839c213cea96ad6cf3a49c11ae28ddfdbf5a047
73035e8c2ba7bc19f518e6b1bc729d538a7a9b7ed2f8ca0b31eb21ef61911631
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89023b58f2a45258a944bc9f9cd9ffcbb5baa350203010d6c2056c2530958e9c
894414923299d190ceae912201e37304313c196d0609527ee1bbe71ac82a64f5
9610f2eb64f61bb371cc3a7f7b7490d943411dc87b87de50ff57547f1cdc3b83
9898853d870512fc480af73452d00d17a5d0c62d3329560d80542f1397b82330
9ae6c6e66ff78c9974dcde78fb9d202af1fc24cd2a350f6161f003b0b63e1808
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a27e6ba50178a819e42dffd9a869400cb508ade0b338aaaec0097abb00abd53f
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f
abd87251504843aba43e41c58605e54abc8489c79caad3c1e9eaa02d155cd90e
ac44379074e49d91a5210543573b5d7d6f8aa2d3bc0a9cf224cafd00246fa96b
ad4eaecaf0f46fdb2f7992fa683f1e72016b0e4409ceca58b5c2943b47a838c7
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b244a26859fdae402a347540217ac9b839528bfd823b8497f07e09f19f9fb714
b831ae5e3e3543e889b9d392304d34df304a331dc845355599727f22e62fc5fd
baac471c1c739eb5df38c043ab97d3ecf23aab472f70511af0d433da2253456b
bc13493bc8bca6e3491b1186edf38f300ac54e774cde5ae947e43ea8246e9ad4
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bfd1dfa6765654e85cec85dc6cdb53ad64cc3a3a64d0e010b35838f2c762a6f3
c2cd57ce936aabbe33e8c94f2696f85c98dfeefaf2b172031d5f60b2cf76c955
c7c2fbcdf7ea62bdeae2d3b3a1e7fe72278e4d3438ff9ec98713a08d6b0d4c5a
d06369f9f3c19f740f501a82608d9b1cdbff34ef17ab042d246107253ef3c77d
d852a478da86a57ea6001d3c6189a400023c810dcb89fc57e64c8283dff7ee9f
e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e814fda4b3a0b92c9a44cbb8d9ce5f220aad949224f9eb4a7fc31c3d9d8e2c1d
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f8292a9732b3919a49b08399258dff7cccc6e219e460d4ab758342491751345f
f9cf00da3ed66835c3383eefe3ece96b304fe05d61d742104bbfafcde4ca282b