![](/screenshots/3764a1d4-e22e-49db-bd47-8dfa1b0b901b.png)
www.grouptoursite.com
2a06:98c1:3120::3
Public Scan
Effective URL: https://www.grouptoursite.com/
Submission: On June 25 via api from US — Scanned from NL
Summary
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.
This is the only time www.grouptoursite.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
d1nldbz8jmu82w.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-14.fra60.r.cloudfront.net
js.driftt.com |
ASN13335 (CLOUDFLARENET, US)
api.omappapi.com | |
z.omappapi.com |
ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-215-21-78.deploy.static.akamaitechnologies.com
a24099230963.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
10100557.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-73.fra60.r.cloudfront.net
js.driftt.com |
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net
www.google-analytics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | opmnstr.com | a.opmnstr.com — Cisco Umbrella Rank: 42613 | 80 KB |
8 | cloudfront.net | d1nldbz8jmu82w.cloudfront.net | 190 KB |
7 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 71; region1.google-analytics.com — Cisco Umbrella Rank: 2355 | 21 KB |
7 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 81 | 543 KB |
7 | goaheadtours.com | assets.goaheadtours.com — Cisco Umbrella Rank: 386205 | 198 KB |
4 | doubleclick.net (1 redirects) | stats.g.doubleclick.net — Cisco Umbrella Rank: 136; 10100557.fls.doubleclick.net — Cisco Umbrella Rank: 516525; ad.doubleclick.net — Cisco Umbrella Rank: 164 | 1 KB |
4 | omappapi.com | a.omappapi.com — Cisco Umbrella Rank: 6999; api.omappapi.com — Cisco Umbrella Rank: 7102; z.omappapi.com — Cisco Umbrella Rank: 18064 | 15 KB |
3 | bing.com | bat.bing.com — Cisco Umbrella Rank: 361 | 14 KB |
3 | optimizely.com | cdn.optimizely.com — Cisco Umbrella Rank: 805; a24099230963.cdn.optimizely.com — Cisco Umbrella Rank: 285454; logx.optimizely.com — Cisco Umbrella Rank: 1655 | 90 KB |
3 | driftt.com | js.driftt.com — Cisco Umbrella Rank: 7548 | 62 KB |
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 114 | 3 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 204 | 72 KB |
2 | grouptoursite.com | www.grouptoursite.com | 5 KB |
1 | gstatic.com | fonts.gstatic.com | 33 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 83 | 1004 B |
1 | dwin1.com | www.dwin1.com — Cisco Umbrella Rank: 5178 | 15 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 381 | 3 KB |
72 | 17 | | |
Requests | Domain | Requested by |
---|---|---|
17 | a.opmnstr.com | www.grouptoursite.com, a.opmnstr.com |
8 | d1nldbz8jmu82w.cloudfront.net | www.grouptoursite.com |
7 | www.googletagmanager.com | www.grouptoursite.com, www.googletagmanager.com |
7 | assets.goaheadtours.com | www.grouptoursite.com |
6 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, www.grouptoursite.com |
3 | bat.bing.com | www.googletagmanager.com, bat.bing.com, www.grouptoursite.com |
3 | js.driftt.com | www.grouptoursite.com, js.driftt.com |
2 | www.facebook.com | www.grouptoursite.com |
2 | 10100557.fls.doubleclick.net (1 redirects) | www.googletagmanager.com |
2 | connect.facebook.net | www.grouptoursite.com, connect.facebook.net |
2 | a.omappapi.com | a.opmnstr.com |
2 | www.grouptoursite.com | |
1 | z.omappapi.com | a.opmnstr.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | a.opmnstr.com |
1 | logx.optimizely.com | cdn.optimizely.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | ad.doubleclick.net | www.grouptoursite.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | a24099230963.cdn.optimizely.com | cdn.optimizely.com |
1 | www.dwin1.com | www.googletagmanager.com |
1 | cdn.jsdelivr.net | www.googletagmanager.com |
1 | cdn.optimizely.com | www.googletagmanager.com |
1 | api.omappapi.com | a.opmnstr.com |
72 | 24 | |
This site contains links to these domains.
Domain |
---|
www.goaheadtours.com |
app.monstercampaigns.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
grouptoursite.com | WE1 | 2024-06-25 - 2024-09-23 | 3 months |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
goaheadtours.com | GTS CA 1P5 | 2024-05-25 - 2024-08-23 | 3 months |
a.opmnstr.com | R3 | 2024-05-12 - 2024-08-10 | 3 months |
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months |
drift.com | Amazon RSA 2048 M02 | 2023-08-15 - 2024-09-11 | a year |
a.omappapi.com | R3 | 2024-05-12 - 2024-08-10 | 3 months |
omappapi.com | WE1 | 2024-06-16 - 2024-09-14 | 3 months |
cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-09-04 | a year |
www.bing.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-19 - 2024-12-16 | 6 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
*.dwin1.com | Amazon RSA 2048 M03 | 2023-10-18 - 2024-11-15 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-03 - 2024-07-02 | 3 months |
*.cdn.optimizely.com | GeoTrust RSA CA 2018 | 2024-01-25 - 2025-01-27 | a year |
*.g.doubleclick.net | WR2 | 2024-06-03 - 2024-08-26 | 3 months |
*.doubleclick.net | WR2 | 2024-06-03 - 2024-08-26 | 3 months |
logx.optimizely.com | WR3 | 2024-05-23 - 2024-08-21 | 3 months |
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months |
*.gstatic.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months |
This page contains 5 frames:
Primary Page:
https://www.grouptoursite.com/
Frame ID: 786B08BDA1876C112DDD67C10B414401
Requests: 68 HTTP requests in this frame
Frame:
https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Frame ID: FB4EC70566882CFB48F3DFD23F818514
Requests: 1 HTTP requests in this frame
Frame:
https://10100557.fls.doubleclick.net/activityi;dc_pre=CJKf6aGr94YDFf81-QAdtigIoA;src=10100557;type=sa001;cat=gat_s0;ord=9487091566086;npa=1;auiddc=1791941076.1719338560;u3=https%3A%2F%2Fwww.grouptoursite.com%2F;ps=1;pcor=648991798;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z8811745238za201zb811745238;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grouptoursite.com%2F
Frame ID: E8DEAFAC16D6D2244440F962F0E7468B
Requests: 1 HTTP requests in this frame
Frame:
https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3eb9df6f-979e-48bc-9274-cae13465dad6&sessionStarted=1719338564.12&campaignRefreshToken=05f6f4ba-22d2-42c4-a162-72730408bfe1&hideController=false&pageLoadStartTime=1719338559432&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.grouptoursite.com%2F
Frame ID: 150E33B049EE8941D412B86B56D80140
Requests: 1 HTTP requests in this frame
Frame:
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1719338559432
Frame ID: A72E709CE0CEAC5D0751C7EFF189CF4E
Requests: 1 HTTP requests in this frame
Page Title
404: This page could not be found
Detected technologies
Detected patterns
- dwin1\.com
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Optimizely
Detected patterns
- optimizely\.com.*\.js
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Terms & Conditions
Title: Privacy
Title: Book this month to lock in savings
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.grouptoursite.com/
HTTP 307
https://www.grouptoursite.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37
- https://10100557.fls.doubleclick.net/activityi;src=10100557;type=sa001;cat=gat_s0;ord=9487091566086;npa=1;auiddc=1791941076.1719338560;u3=https%3A%2F%2Fwww.grouptoursite.com%2F;ps=1;pcor=648991798;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z8811745238za201zb811745238;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grouptoursite.com%2F HTTP 302
- https://10100557.fls.doubleclick.net/activityi;dc_pre=CJKf6aGr94YDFf81-QAdtigIoA;src=10100557;type=sa001;cat=gat_s0;ord=9487091566086;npa=1;auiddc=1791941076.1719338560;u3=https%3A%2F%2Fwww.grouptoursite.com%2F;ps=1;pcor=648991798;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z8811745238za201zb811745238;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grouptoursite.com%2F
72 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.grouptoursite.com/ | 16 KB | 4 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | EFCircularSub-Black.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 38 KB | 39 KB | Font | binary/octet-stream | |
GET | H2 | EFCircularSub-Bold.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 39 KB | 39 KB | Font | binary/octet-stream | |
GET | H2 | EFCircularSub-Book.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 36 KB | 36 KB | Font | binary/octet-stream | |
GET | H2 | EFCircularSub-Light.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 38 KB | 38 KB | Font | binary/octet-stream | |
GET | H2 | EFCircularSub-Medium.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 37 KB | 38 KB | Font | binary/octet-stream | |
GET | H2 | webpack-e5108aeecfc3e7f070df.js | assets.goaheadtours.com/web-groups-microsite/1717200128/_next/static/chunks/ | 2 KB | 2 KB | Script | text/javascript | |
GET | H2 | framework-87973da4fb08311ce6fa.js | assets.goaheadtours.com/web-groups-microsite/1717200128/_next/static/chunks/ | 146 KB | 43 KB | Script | text/javascript | |
GET | H2 | main-0780dc073edca84dd826.js | assets.goaheadtours.com/web-groups-microsite/1717200128/_next/static/chunks/ | 59 KB | 19 KB | Script | text/javascript | |
GET | H2 | _app-5fc897e4fbdc07642d03.js | assets.goaheadtours.com/web-groups-microsite/1717200128/_next/static/chunks/pages/ | 611 KB | 133 KB | Script | text/javascript | |
GET | H2 | _error-e69890b6db18dcbc6fa4.js | assets.goaheadtours.com/web-groups-microsite/1717200128/_next/static/chunks/pages/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | _buildManifest.js | assets.goaheadtours.com/web-groups-microsite/1717200128/_next/static/Dg0473kYgZippisgXwfRM/ | 931 B | 657 B | Script | text/javascript | |
GET | H2 | _ssgManifest.js | assets.goaheadtours.com/web-groups-microsite/1717200128/_next/static/Dg0473kYgZippisgXwfRM/ | 77 B | 392 B | Script | text/javascript | |
GET | H2 | api.min.js | a.opmnstr.com/app/js/ | 51 KB | 18 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 453 KB | 133 KB | Script | application/javascript | |
GET | H2 | EFCircularSub-Bold.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 39 KB | 0 | Font | binary/octet-stream | |
GET | H2 | EFCircularSub-Light.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 38 KB | 0 | Font | binary/octet-stream | |
GET | H2 | m5k7y7ds347b.js | js.driftt.com/include/1719338700000/ | 221 KB | 62 KB | Script | application/javascript | |
GET | H2 | api.min.css | a.omappapi.com/app/js/ | 10 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | 50504 | api.omappapi.com/v2/embed/ | 37 KB | 6 KB | XHR | application/json | |
GET | H2 | 25065710806.js | cdn.optimizely.com/js/ | 295 KB | 90 KB | Script | text/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript | |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 232 KB | 84 KB | Script | application/javascript | |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 227 KB | 82 KB | Script | application/javascript | |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 227 KB | 82 KB | Script | application/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 45 KB | 13 KB | Script | application/javascript | |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 204 KB | 74 KB | Script | application/javascript | |
GET | H2 | search-insights@2.2.1 | cdn.jsdelivr.net/npm/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H2 | 25957.js | www.dwin1.com/ | 49 KB | 15 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 219 KB | 59 KB | Script | application/x-javascript | |
GET | H2 | td | www.googletagmanager.com/ | 0 | 130 B | Image | text/plain | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 248 KB | 88 KB | Script | application/javascript | |
GET | H2 | 5.ad5ae419.min.js | a.opmnstr.com/app/js/ | 16 KB | 6 KB | Script | application/javascript | |
GET | H2 | 4.d8754c5b.min.js | a.opmnstr.com/app/js/ | 48 KB | 14 KB | Script | application/javascript | |
GET | H2 | a24099230963.html | a24099230963.cdn.optimizely.com/client_storage/ | 0 | 0 | Document | text/html | Frame FB4E |
POST | H2 | collect | www.google-analytics.com/j/ | 3 B | 150 B | XHR | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 350 B | XHR | text/plain | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 194 B | Image | image/gif | |
GET | H2 | activityi;dc_pre=CJKf6aGr94YDFf81-QAdtigIoA;src=10100557;type=sa001;cat=gat_s0;ord=9487091566086;npa=1;auiddc=1791941076.1719338560;u3=https%3A%2F%2Fwww.grouptoursite.com%2F;ps=1;pcor=648991798;uaa... | 10100557.fls.doubleclick.net/ | 0 | 0 | Document | text/html | Frame E8DE, Redirect Chain |
GET | H3 | activity;register_conversion=1;src=10100557;type=sa001;cat=gat_s0;ord=9487091566086;npa=1;auiddc=1791941076.1719338560;u3=https%3A%2F%2Fwww.grouptoursite.com%2F;ps=1;pcor=648991798;uaa=x86;uab=64;u... | ad.doubleclick.net/ | 0 | 24 B | Image | image/png | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 0 | Fetch | text/plain | |
GET | H2 | 13.e8c894f8.min.js | a.opmnstr.com/app/js/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H2 | 20.41293cba.min.js | a.opmnstr.com/app/js/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | 643626722363066 | connect.facebook.net/signals/config/ | 60 KB | 12 KB | Script | application/x-javascript | |
GET | H2 | 5065967.js | bat.bing.com/p/action/ | 0 | 117 B | Script | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 362 B | Image | text/plain | |
GET | H2 | 19.b4e5b44b.min.js | a.opmnstr.com/app/js/ | 4 KB | 3 KB | Script | application/javascript | |
GET | H2 | 27.b5b10bd4.min.js | a.opmnstr.com/app/js/ | 6 KB | 3 KB | Script | application/javascript | |
GET | H2 | 32.b9065693.min.js | a.opmnstr.com/app/js/ | 11 KB | 5 KB | Script | application/javascript | |
GET | H2 | 10.d6ea746c.min.js | a.opmnstr.com/app/js/ | 33 KB | 10 KB | Script | application/javascript | |
GET | H2 | 0.3271ac0a.min.js | a.opmnstr.com/app/js/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H2 | 9.09463684.min.js | a.opmnstr.com/app/js/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H2 | 11.f24aae20.min.js | a.opmnstr.com/app/js/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H2 | 28.b1a68bf1.min.js | a.opmnstr.com/app/js/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H2 | 26.ece538f7.min.js | a.opmnstr.com/app/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | 16.f8b2cea4.min.js | a.opmnstr.com/app/js/ | 1 KB | 1 KB | Script | application/javascript | |
GET | H2 | 1.b1faf420.min.js | a.opmnstr.com/app/js/ | 11 KB | 3 KB | Script | application/javascript | |
GET | H2 | 21.40afa0f2.min.js | a.opmnstr.com/app/js/ | 2 KB | 2 KB | Script | application/javascript | |
POST | H2 | events | logx.optimizely.com/v1/ | 0 | 390 B | XHR | text/plain | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 274 B | Image | text/plain | |
GET | H2 | / | www.facebook.com/privacy_sandbox/pixel/register/trigger/ | 67 B | 3 KB | Image | image/png | |
GET | H2 | css2 | fonts.googleapis.com/ | 4 KB | 1004 B | Stylesheet | text/css | |
GET | H2 | eaec23eaca6460c2be846938b82116bc-optin.json | a.omappapi.com/app/campaign-views/71243615b528/piku467vs4lzzgi0pcol/ | 25 KB | 5 KB | XHR | application/json | |
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v26/ | 32 KB | 33 KB | Font | font/woff2 | |
GET | H2 | EFCircularSub-Medium.woff2 | d1nldbz8jmu82w.cloudfront.net/ | 37 KB | 0 | Font | binary/octet-stream | |
GET | H2 | i | z.omappapi.com/v3/ | 0 | 134 B | XHR | text/plain | |
GET | H2 | core | js.driftt.com/ | 0 | 0 | Document | text/html | Frame 150E |
GET | H2 | chat | js.driftt.com/core/ | 0 | 0 | Document | text/html | Frame A72E |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H2 | favicon.ico | www.grouptoursite.com/ | 1 KB | 505 B | Other | image/x-icon | |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 undefined| event object| fence object| sharedStorage object| dataLayer object| webpackChunk_N_E object| _N_E object| __SSG_MANIFEST object| __BUILD_MANIFEST object| regeneratorRuntime object| __NEXT_DATA__ object| __NEXT_P object| next function| drift undefined| driftt object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om56830_50504 object| _omq function| omq object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| aa string| AlgoliaAnalyticsObject function| fbq function| _fbq string| DATALAYER_OBJECT_NAME function| referrerOverride function| sendCampaignData function| initNewOptimizelyIntegration function| initOptimizelyIntegration object| optimizely function| GTMSessionDuration object| gtmSessionDuration function| onYouTubeIframeAPIReady object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| AlgoliaAnalytics undefined| _ object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| AWIN object| Sha256 object| Utf8 function| AwinCustomEvent object| ompiku467vs4lzzgi0pcol object| omo3gzeesshr4g4xmvylsx object| omlqpt60dhz7ymiepyrfv6 object| omgpgt7yfbsjohc3cgxcgs object| omewrbzwooyypuk0wyujpw object| omrlnci2dpqms4evs0stre object| omos3pb9x0pewqyfig1jkg object| omfosdh1udqaunoucyxdev object| oma91itlxomm57ccxlxhh3 object| omriqf724h3zqcnzmqywne object| omyjlevz1ugflgktc1sw0a object| omw6yrh5ytnpbpmqkyyt88 object| omxq6od8fcvpqmfskr8qy0 object| omyfs5xfyfe1hfgmbpqqdv object| omtzl9zzkczg5u1nrlxhpw object| ueto_b49a564bbb object| uetq object| gtm undefined| hotjarId object| _omns object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| 
drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory object| drift_audio_context
22 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.goaheadtours.com/ | | Name: __cf_bm Value: imcNc0kJA4uAYyEIsHqYI6VBK2ucTq1i_qJpWQ23sZk-1719338559-1.0.1.1-9xmcVse_MBD5NZR_fWKzI979zNE1ISNDqZ2NpxE.QulPP6jImgwKMpMB7F8FhN75HRf8HXo0gcuCe.8fQEXobw |
.goaheadtours.com/ | | Name: _cfuvid Value: 42Kv3NwSBVPKpyTipmzAb_xCe0xN0nnF09RyvAUmk4c-1719338559597-0.0.1.1-604800000 |
www.grouptoursite.com/ | | Name: _omappvp Value: 92n0ltsW3na8Pu4FYavUB0kS0Lt0QD5Qwc6Lm8r6RmonPQefldCrTD4GjECBA6eSaaIRe4umKbd88oEP8BC9OP8af5y2qXnD |
www.grouptoursite.com/ | | Name: _omappvs Value: 1719338560319 |
.grouptoursite.com/ | | Name: _gcl_au Value: 1.1.1791941076.1719338560 |
www.grouptoursite.com/ | | Name: _ALGOLIA Value: anonymous-c7515eb7-ec17-4eb4-86d6-d16006e78a00 |
.grouptoursite.com/ | | Name: optimizelyEndUserId Value: oeu1719338561040r0.9522356157845262 |
.grouptoursite.com/ | | Name: _gid Value: GA1.2.780738963.1719338561 |
.grouptoursite.com/ | | Name: _dc_gtm_UA-321712-14 Value: 1 |
.grouptoursite.com/ | | Name: _ga_9HD5J7F13C Value: GS1.1.1719338561.1.0.1719338561.0.0.0 |
.grouptoursite.com/ | | Name: _uetsid Value: 1dbc74d0331d11efaf34c30835a10080 |
.grouptoursite.com/ | | Name: _uetvid Value: 1dbf50e0331d11efadcee3ad72f39778 |
.bing.com/ | | Name: MUID Value: 201DB8B0FB446C483B1FAC19FAEE6D56 |
.bat.bing.com/ | | Name: MR Value: 0 |
.doubleclick.net/ | | Name: ar_debug Value: 1 |
.grouptoursite.com/ | | Name: _fbp Value: fb.1.1719338562199.258053718701725498 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUmk77r78UOb8GaVImuP-C3rt5zNzqxURSdGnfRVGg7bJTdaeGwcHRZS0HKLp3M |
.doubleclick.net/ | | Name: receive-cookie-deprecation Value: 1 |
www.grouptoursite.com/ | | Name: omSeen-piku467vs4lzzgi0pcol Value: 1719338563382 |
www.grouptoursite.com/ | | Name: drift_campaign_refresh Value: 05f6f4ba-22d2-42c4-a162-72730408bfe1 |
.grouptoursite.com/ | | Name: _ga Value: GA1.2.581087556.1719338561 |
www.grouptoursite.com/ | | Name: ga_session_duration Value: 7 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors https://app.storyblok.com http://app.storyblok.com/ |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.