journeytorecovery.com
Open in
urlscan Pro
35.208.233.116
Public Scan
Effective URL: https://journeytorecovery.com/shop/?vgo_ee=R8%2FqhL1ahiJc9SrBP3CkYLT3B7hs157s55vmbNe8CrY%3D
Submission: On January 19 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 12th 2023. Valid for: 3 months.
This is the only time journeytorecovery.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-197-102.compute-1.amazonaws.com
journeytorecovery.lt.acemlnc.com |
ASN19527 (GOOGLE-2, US)
PTR: 116.233.208.35.bc.googleusercontent.com
journeytorecovery.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
partner.googleadservices.com |
ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-37.datapacket.com
to.getnitropack.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
46 |
journeytorecovery.com
journeytorecovery.com |
2 MB |
8 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156 |
205 KB |
5 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4562 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2 |
2 KB |
4 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 |
5 KB |
3 |
google.de
www.google.de — Cisco Umbrella Rank: 5983 adservice.google.de — Cisco Umbrella Rank: 8470 |
1 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22 region1.google-analytics.com — Cisco Umbrella Rank: 2439 |
21 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41 |
198 KB |
3 |
wp.com
stats.wp.com — Cisco Umbrella Rank: 2733 pixel.wp.com — Cisco Umbrella Rank: 2493 |
7 KB |
1 |
getnitropack.com
to.getnitropack.com — Cisco Umbrella Rank: 14767 |
469 B |
1 |
googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 813 |
704 B |
1 |
acemlnc.com
1 redirects
journeytorecovery.lt.acemlnc.com |
243 B |
77 | 11 |
Domain | Requested by | |
---|---|---|
46 | journeytorecovery.com |
journeytorecovery.com
|
6 | pagead2.googlesyndication.com |
journeytorecovery.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
3 | www.googletagmanager.com |
journeytorecovery.com
www.googletagmanager.com |
2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
2 | www.google.com |
journeytorecovery.com
tpc.googlesyndication.com |
2 | www.google.de |
journeytorecovery.com
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
2 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
2 | stats.wp.com |
journeytorecovery.com
|
1 | to.getnitropack.com |
journeytorecovery.com
|
1 | adservice.google.com |
pagead2.googlesyndication.com
|
1 | adservice.google.de |
pagead2.googlesyndication.com
|
1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
1 | pixel.wp.com |
journeytorecovery.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | journeytorecovery.lt.acemlnc.com | 1 redirects |
77 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
www.youtube.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.journeytorecovery.com R3 |
2023-01-12 - 2023-04-12 |
3 months | crt.sh |
*.wp.com Sectigo ECC Domain Validation Secure Server CA |
2022-11-14 - 2023-12-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-12-12 - 2023-03-06 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-01-02 - 2023-03-27 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-01-02 - 2023-03-27 |
3 months | crt.sh |
*.googleadservices.com GTS CA 1C3 |
2023-01-02 - 2023-03-27 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-12-12 - 2023-03-06 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-12-12 - 2023-03-06 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-12-12 - 2023-03-06 |
3 months | crt.sh |
*.getnitropack.com Sectigo RSA Domain Validation Secure Server CA |
2022-12-19 - 2023-12-19 |
a year | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2022-12-12 - 2023-03-06 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://journeytorecovery.com/shop/?vgo_ee=R8%2FqhL1ahiJc9SrBP3CkYLT3B7hs157s55vmbNe8CrY%3D
Frame ID: 5606E2191BA994D340718F88BD11F3AE
Requests: 71 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html
Frame ID: D6F0499E62D8A27BC896896D123D0E11
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3310169887216449&output=html&adk=1812271804&adf=3025194257&lmt=1674131182&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fjourneytorecovery.com%2Fshop%2F%3Fvgo_ee%3DR8%252FqhL1ahiJc9SrBP3CkYLT3B7hs157s55vmbNe8CrY%253D&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674131181797&bpp=3&bdt=897&idt=329&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3140731849462&frm=20&pv=2&ga_vid=597988711.1674131182&ga_sid=1674131182&ga_hid=1934029059&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071640&oid=2&pvsid=135513148618439&tmod=66194617&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359
Frame ID: 487776759A2AA5BB73A616582A537E25
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E3E003DE5145CA89673201056F6A2ADE
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 1ECA5FD66541B9B6C09A446C49AA85F2
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Mental Health Worksheets | Journey To RecoveryPage URL History Show full URLs
-
https://journeytorecovery.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZqb3VybmV5dG9yZWNvdmVyeS5jb2...
HTTP 302
https://journeytorecovery.com/shop/?vgo_ee=R8%2FqhL1ahiJc9SrBP3CkYLT3B7hs157s55vmbNe8CrY%3D Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Facebook-f
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: Linkedin-in
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://journeytorecovery.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZqb3VybmV5dG9yZWNvdmVyeS5jb20lMkZzaG9wJTJG&sig=DJfKA2SVNrug6HzD7v7NM4yWByDSjdF5a6uSZBRNsPc7&iat=1674112519&a=%7C%7C25323960%7C%7C&account=journeytorecovery.activehosted.com&email=R8%2FqhL1ahiJc9SrBP3CkYLT3B7hs157s55vmbNe8CrY%3D&s=29ae3320b397a5132e819c6754c0c907&i=733A4896A1A5314
HTTP 302
https://journeytorecovery.com/shop/?vgo_ee=R8%2FqhL1ahiJc9SrBP3CkYLT3B7hs157s55vmbNe8CrY%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
journeytorecovery.com/shop/ Redirect Chain
|
300 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteground-optimizer-combined-css-b7b9a0633bfbefc880388bbf82c96718.css
journeytorecovery.com/wp-content/uploads/siteground-optimizer-assets/ |
2 MB 217 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
journeytorecovery.com/wp-includes/js/jquery/ |
88 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-202303.js
stats.wp.com/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
113 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cropped-JtR-logo.png
journeytorecovery.com/wp-content/uploads/2018/09/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-A-CLOSER-LOOK-AT-DOUBT-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-ANXIETY-SYMPTOMS-1-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-8-250x250.png
journeytorecovery.com/wp-content/uploads/ |
85 KB 86 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-COMMON-AUTOMATIC-NEGATIVE-THOUGHTS-1-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-COMMON-AVOIDANCE-PATTERNS-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-DEVELOPING-AN-ACTIVE-LIFESTYLE-1-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-7-250x250.png
journeytorecovery.com/wp-content/uploads/ |
98 KB 98 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-10-250x250.png
journeytorecovery.com/wp-content/uploads/ |
85 KB 85 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-20-250x250.png
journeytorecovery.com/wp-content/uploads/ |
91 KB 91 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-17-250x250.png
journeytorecovery.com/wp-content/uploads/ |
81 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-FOCUS-ON-POSITIVE-QUALITIES-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-HEALTHY-SELF-ESTEEM-CHECKLIST-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-LOW-SELF-ESTEEM-CHECKLIST-1-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-14-250x250.png
journeytorecovery.com/wp-content/uploads/ |
68 KB 69 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-MANAGING-STRESS-AND-ANXIETY-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-NEVER-GIVE-UP-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-PHYSICAL-AND-PSYCHOLOGICAL-SYMPTOMS-OF-STRESS-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-11-250x250.png
journeytorecovery.com/wp-content/uploads/ |
87 KB 88 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-18-250x250.png
journeytorecovery.com/wp-content/uploads/ |
73 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-6-250x250.png
journeytorecovery.com/wp-content/uploads/ |
100 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-SIGNS-AND-SYMPTOMS-OF-ANXIETY-DISORDERS-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-SOCIAL-ANXIETY-IN-EVERYDAY-SITUATIONS-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-SOCIAL-INSECURITY-1-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Checklist-STATEMENTS-OF-TIME-MANAGEMENT-PROGRESS-1-250x324.jpg
journeytorecovery.com/wp-content/uploads/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POWERPOINT-9-250x250.png
journeytorecovery.com/wp-content/uploads/ |
46 KB 47 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JtR-logo-250x75.png
journeytorecovery.com/wp-content/uploads/2018/09/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activecampaign-for-woocommerce-public.js
journeytorecovery.com/wp-content/plugins/activecampaign-for-woocommerce/public/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-polyfill.min.js
journeytorecovery.com/wp-includes/js/dist/vendor/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hooks.min.js
journeytorecovery.com/wp-includes/js/dist/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18n.min.js
journeytorecovery.com/wp-includes/js/dist/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e-202303.js
stats.wp.com/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
143 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteground-optimizer-combined-js-4cdc1daec65dff5779f07c33ccf06460.js
journeytorecovery.com/wp-content/uploads/siteground-optimizer-assets/ |
954 KB 229 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
journeytorecovery.com/wp-content/uploads/oceanwp-webfonts/ |
31 KB 20 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf
journeytorecovery.com/wp-content/uploads/oceanwp-webfonts/ |
31 KB 20 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVc.ttf
journeytorecovery.com/wp-content/uploads/oceanwp-webfonts/ |
31 KB 20 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eicons.woff2
journeytorecovery.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ |
91 KB 92 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
journeytorecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ |
76 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
journeytorecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
journeytorecovery.com/wp-content/uploads/oceanwp-webfonts/ |
31 KB 20 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ |
358 KB 118 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/ Frame D6F0 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
222 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
217 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 351 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 351 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 47 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 446 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g.gif
pixel.wp.com/ |
50 B 116 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
409 B 704 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4877 |
0 188 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
journeytorecovery.com/shop/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
journeytorecovery.com/shop/ |
15 B 236 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
journeytorecovery.com/ |
2 KB 995 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 11 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
to.getnitropack.com/ |
20 B 469 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E3E0 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 1ECA |
783 B 971 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame E3E0 |
36 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 1ECA |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
admin-ajax.php
journeytorecovery.com/wp-admin/ |
800 B 693 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
102 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange undefined| $ function| jQuery function| gtag object| dataLayer object| wc_memberships_blocks_common object| somdn_script_params object| woocommerce_params object| wc_cart_fragments_params object| public_vars object| oceanwpLocalize object| product_table_params function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorFrontendConfig object| _stq object| _wca object| _tkq object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| st_go function| linktracker_init object| wpcom function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| a object| heartbeatData number| proxyPurgeOnly object| nitroData undefined| xhr function| _extends function| _slicedToArray object| runtime object| ___FONT_AWESOME___ object| fontawesome-free-shims object| NPTelemetryMetadata object| webVitals object| lazySizes function| Cookies function| EvEmitter function| imagesLoaded object| oceanwp function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger object| oceanwpWooCustomFeatures function| FormSerializer object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| regeneratorRuntime object| elementorProFrontend function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontend function| Sticky object| GoogleGcLKhOms object| google_image_requests12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.journeytorecovery.com/ | Name: tk_or Value: %22%22 |
|
.journeytorecovery.com/ | Name: tk_r3d Value: %22%22 |
|
.journeytorecovery.com/ | Name: tk_lr Value: %22%22 |
|
.journeytorecovery.com/ | Name: _gid Value: GA1.2.1362440435.1674131182 |
|
.journeytorecovery.com/ | Name: _gat_gtag_UA_169226604_2 Value: 1 |
|
.journeytorecovery.com/ | Name: _ga_K056W8WTHD Value: GS1.1.1674131182.1.0.1674131182.0.0.0 |
|
.journeytorecovery.com/ | Name: _ga Value: GA1.1.597988711.1674131182 |
|
.journeytorecovery.com/ | Name: _ga_36WMMNNQZ3 Value: GS1.1.1674131182.1.1.1674131182.60.0.0 |
|
journeytorecovery.com/ | Name: nitroCachedPage Value: 0 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.journeytorecovery.com/ | Name: __gads Value: ID=40a9cf51d20391ff-22e5976854db00dc:T=1674131182:RT=1674131182:S=ALNI_Mae_YNdCLgMaJDjpTE0y_kLiju9-g |
|
.journeytorecovery.com/ | Name: __gpi Value: UID=0000093db4396c99:T=1674131182:RT=1674131182:S=ALNI_Ma7FsTsaCbvMCf3iBwOKJQPjwVL6g |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
journeytorecovery.com
journeytorecovery.lt.acemlnc.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
to.getnitropack.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
169.150.247.37
192.0.76.3
2001:4860:4802:32::36
2001:4860:4802:34::36
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:400c:c0b::9a
2a00:1450:400d:802::2002
2a00:1450:400d:806::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80c::2004
2a00:1450:400d:80d::2008
34.232.197.102
35.208.233.116
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
0897e170a726b49fd206e56218073ef771652e0d082c96d1f00d5fa64e792a32
0d61b6068758cedeadf4e7899d7be7003a78ab45ca83fe64324aa170a9398569
0e192706168072586451cfd7e85f2f39f80f732a0fe6f9b6703e573c50fea63b
12f3a47a6b6d5b6fe997e966c9682f89b65da04b86229c310a275093069ef3d9
15ecd2c95dbae27cb05d094955791c6cabbc022fff88c43ad375a61642666f52
174b1eb5b004eec287072ba546d777b06346a3c679e4110f9e4239ba82ef921e
1a7b380fc6130ef4b60fc126e1b5da7e730139923de2ab6753539b415c378ae1
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e
2acb24ea367fd193d495c9c114efd6ff78861d8c2e28a9cb31b01c5cb7d2758c
2b3a7890824e180e9766ab7a7b32e8f42a39cb473cb6dc4b299b2f27d121ec84
3ad4a59a4f64adc2baafadfd7d3303619500ff50ee5238135fe40b31cce4ad36
3b6416f5691baf842ce74812f2e687dceb9fbcef87d5e4a4a757c657b2a70da5
3d6fb374a2d55fb89463f149a7cfc1bd028c368d3c39ac7df41b2ed011af2421
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
52469826c85e90c72d3eff46dbfbdaee671aaf25af53c200281087aaf0058fbc
53800f8a13e63e6d65583ae1a6520132e1591c9cda8760812cb41cc7d75b6ce3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a929a9058708d6fe5a640fa32dd8108be265fd8e44842e7a8a5fb3add356e87
5d3f0567c1057e9e9650baa053ca3f26d1181253c116e1a670f9039a40172537
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64e33c3a5f7b6737d8e187339c483ebfec303f6c07adcadd01d858665ecc60b9
65f681fcdeef4164643e9ce8c69701208136d3815a3eeaf9d95898aa8b94bad7
66bfee5ea8ad1641eefc3b6aa0621df1326cc1ab7394038f9d02fa3746ec16e8
6833db6a05e8c7a3b870e64cbd8a828324e56f1d0becbfffe6452a5a441fca09
6ff2a4484675597b63ceb53830885e7c97326d0a3500183a1cc50a8518dfc111
72bb6f08e6031b460fa0795d754fb0617cef0a9cf84f37814a036a42ac7adc2e
73cfbf48b1b53c90dd0c11072468c88713e8d367152b3a243a0be81af49f36ad
7464e887ea5b035769ef9f5fb72fec12f56b94bd1c1f144255e8d5b95e3d362b
7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87fb5bb0d8e0ca0c4d21f594e8503eb6a0023956a9eca832c11fad8ebeba3594
88aaa00ed63445a1d87d9d2c4473d0b8ed19a8365c8fdfa5b4ce13580229fcc7
8fdbf9efc2a3dee59ac086edff2cca2c66184470cb4d88cf8eacc574a45cef51
902796e466bcccf842d6d111abb8ec53d5ba7c46c6494dab92e95a8a0eec5453
94a038086bb4555c0caa75846cd3b19d222b366147659c221b19b956d361ffa1
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ee9cb41c844441fcc8439eb7440b0aaef2f2655b76868747f40bed857ba0f64
9ff112a076ad7e5d41e3c91045297855a20a486d3690fb2e359963fba31eecb0
a2f8e1e6d9545144e438b866afd51f8ccf55647d294e247b6e89ad558e196411
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
a53b11da4b36b1432e82d70033700b81e68cf16556746e06ac0dd59648253507
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdb7679861e2317ccd44fa42faf929b562fb978b76a351693acca5ea4c572b3
b0aa8db044f6bb4df8fd05c9c5d5687de8766a1fb744d887b26a3879e8675796
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b704c49247f84418757409ffd760572dea5b24bfc3508c6cfab0309437b0936e
b73bc3f3d4a649a2e87fc6ee054f03cf06f08ee2a9c92285f24954567b3a3ddb
ba9417a5d3df9145273957886daf28f5e4a07100beaf7b461bc0a635b9e731a0
bf49785b73ab28249e619ca40cdd20bdf5407996391cb100c09e73866d31d8cf
c2f7c1e2036d3c26ba895bcc3d1315a639ba6c067f429328a564a62653871ea9
c632bd9c762bc146066f2ccf9ec7e37b71fa26df06345845e2e189b5f7e2990a
c8394bd3e0f521be5caa7d3f4dfd8f5a80ab6708b9375a4f96e62f3b4194634b
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf28d6dfbafa227289038f7485a6d87672135e98f1ae11c60af8a178c01ac76b
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfa867343ff977c4279516d5a7119593951041b25cdf785b29d18fd39468838
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25b887a44d62a926f8c2adc831b3d2cb3886e6eb0b3db8c7a79b66ab0bdba77
f34ddad33312383767d76ec073f52368dd2c37e39fad71ca2949f9ce8f21521d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1