ebook.rxambassadors.com
172.67.220.87
Public Scan
Submission: On May 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.
This is the only time ebook.rxambassadors.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US)
images.groovetech.io | |
matomo.groovetech.io |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net |
ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com |
ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-62-161.eu-west-1.compute.amazonaws.com
ipv4.d.adroll.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | adroll.com (11 redirects) | s.adroll.com — Cisco Umbrella Rank: 3422; d.adroll.com — Cisco Umbrella Rank: 1607; ipv4.d.adroll.com — Cisco Umbrella Rank: 12294; x.adroll.com — Cisco Umbrella Rank: 5735 | 41 KB |
8 | groovetech.io | images.groovetech.io — Cisco Umbrella Rank: 511331; matomo.groovetech.io — Cisco Umbrella Rank: 490967 | 489 KB |
6 | infusionsoft.app (1 redirects) | ir197.infusionsoft.app | 6 KB |
5 | gstatic.com | fonts.gstatic.com | 78 KB |
5 | fontawesome.com | kit.fontawesome.com — Cisco Umbrella Rank: 1791; ka-f.fontawesome.com — Cisco Umbrella Rank: 4267 | 101 KB |
3 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 255 KB |
2 | adnxs.com (1 redirects) | ib.adnxs.com — Cisco Umbrella Rank: 252 | 2 KB |
2 | casalemedia.com (1 redirects) | dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629 | 2 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 180 | 71 KB |
2 | groove.cm | app.groove.cm — Cisco Umbrella Rank: 442001 | 78 KB |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 281 KB |
2 | rxambassadors.com | ebook.rxambassadors.com | 18 KB |
1 | 3lift.com | eb2.3lift.com — Cisco Umbrella Rank: 409 | 140 B |
1 | taboola.com | sync.taboola.com — Cisco Umbrella Rank: 1348 | 90 B |
1 | yahoo.com | ups.analytics.yahoo.com — Cisco Umbrella Rank: 421 | 125 B |
1 | pubmatic.com | image2.pubmatic.com — Cisco Umbrella Rank: 935 | 542 B |
1 | outbrain.com | sync.outbrain.com — Cisco Umbrella Rank: 857 | 218 B |
1 | openx.net | us-u.openx.net — Cisco Umbrella Rank: 528 | 273 B |
1 | rubiconproject.com | pixel.rubiconproject.com — Cisco Umbrella Rank: 378 | 239 B |
1 | doubleclick.net | cm.g.doubleclick.net — Cisco Umbrella Rank: 262 | 409 B |
1 | bidswitch.net | x.bidswitch.net — Cisco Umbrella Rank: 375 | 235 B |
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 97 | 274 B |
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2404 | 259 B |
1 | infusionsoft.com | ir197.infusionsoft.com | 1 KB |
54 | 24 | | |
Requests | Domain | Requested by |
---|---|---|
14 | d.adroll.com (11 redirects) | s.adroll.com |
6 | ir197.infusionsoft.app (1 redirects) | ebook.rxambassadors.com, ir197.infusionsoft.app |
6 | images.groovetech.io | ebook.rxambassadors.com |
5 | fonts.gstatic.com | fonts.googleapis.com |
4 | ka-f.fontawesome.com | kit.fontawesome.com, ebook.rxambassadors.com |
3 | www.googletagmanager.com | ebook.rxambassadors.com, www.googletagmanager.com |
2 | ib.adnxs.com (1 redirects) | |
2 | dsum-sec.casalemedia.com (1 redirects) | |
2 | matomo.groovetech.io | ebook.rxambassadors.com, matomo.groovetech.io |
2 | connect.facebook.net | ebook.rxambassadors.com, connect.facebook.net |
2 | app.groove.cm | ebook.rxambassadors.com |
2 | fonts.googleapis.com | ebook.rxambassadors.com, app.groove.cm |
2 | ebook.rxambassadors.com | ebook.rxambassadors.com |
1 | x.adroll.com | |
1 | ipv4.d.adroll.com | |
1 | eb2.3lift.com | |
1 | sync.taboola.com | |
1 | ups.analytics.yahoo.com | |
1 | image2.pubmatic.com | |
1 | sync.outbrain.com | |
1 | us-u.openx.net | |
1 | pixel.rubiconproject.com | |
1 | cm.g.doubleclick.net | |
1 | x.bidswitch.net | |
1 | www.facebook.com | ebook.rxambassadors.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | s.adroll.com | ebook.rxambassadors.com |
1 | ir197.infusionsoft.com | ebook.rxambassadors.com |
1 | kit.fontawesome.com | ebook.rxambassadors.com |
54 | 29 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
rxambassadors.com | GTS CA 1P5 | 2024-04-16 - 2024-07-15 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months | crt.sh |
groove.cm | E1 | 2024-03-09 - 2024-06-07 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months | crt.sh |
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year | crt.sh |
groovetech.io | E1 | 2024-04-14 - 2024-07-13 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-08-01 - 2024-07-30 | a year | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-09 - 2024-05-08 | 3 months | crt.sh |
s.adroll.com | Amazon RSA 2048 M01 | 2023-06-03 - 2024-07-01 | a year | crt.sh |
ka-f.fontawesome.com | GTS CA 1P5 | 2024-03-05 - 2024-06-03 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months | crt.sh |
d.adroll.com | Amazon RSA 2048 M01 | 2023-10-09 - 2024-11-07 | a year | crt.sh |
*.adroll.com | Amazon RSA 2048 M03 | 2023-10-23 - 2024-11-18 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ebook.rxambassadors.com/
Frame ID: 8213F327E170F8E47540F214F4C3EAD6
Requests: 53 HTTP requests in this frame
Frame:
https://ir197.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: A62221047957909E464AEF82B25910A9
Requests: 1 HTTP requests in this frame
Page Title
EBook Landing Page
Detected technologies
AdRoll (Advertising Networks)
Detected patterns
- (?:a|s)\.adroll\.com
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics)
Detected patterns
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
OpenX (Advertising Networks)
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic (Advertising Networks)
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project (Advertising Networks)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37
- https://d.adroll.com/cm/b/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ
- https://d.adroll.com/cm/g/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=cmG-4Aqx6n9cDDG7X_CFhA
- https://d.adroll.com/cm/index/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&expiration=1746100057 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&expiration=1746100057&C=1
- https://d.adroll.com/cm/n/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&expires=365
- https://d.adroll.com/cm/o/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=7261bee00ab1ea7f5c0c31bb5ff08584&gdpr=1&gdpr_consent=
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&gdpr=1&gdpr_consent=&us_privacy=1---
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&dongle=c85e
- https://d.adroll.com/cm/x/out?adroll_fpc=13033f9f7a8621d6237019df7df6f8cb-1714564057370&pv=50229126697.140366&arrfrr=https%3A%2F%2Febook.rxambassadors.com%2F&advertisable=ZODE4MQSVFFGJPKSH52WP7 HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ
- https://ir197.infusionsoft.app/app/webTracking/contact/1714564056223?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=ebook.rxambassadors.com&location=https://ebook.rxambassadors.com/&referrer= HTTP 302
- https://ir197.infusionsoft.app/slices/spacer.gif
54 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / | ebook.rxambassadors.com/ (Primary Request) | 64 KB | 13 KB | Document | text/html |
GET | H2 | css2 | fonts.googleapis.com/ | 763 KB | 141 KB | Stylesheet | text/css |
GET | H2 | inpage_published.css | app.groove.cm/groovepages/css/ | 462 KB | 67 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 305 KB | 102 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 211 KB | 76 KB | Script | application/javascript |
GET | H2 | e7647a48d4.js | kit.fontawesome.com/ | 12 KB | 5 KB | Script | text/javascript |
GET | H3 | index.css | ebook.rxambassadors.com/ | 78 KB | 5 KB | Stylesheet | text/css |
GET | H3 | aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVlZTU5MTg4MTkwMDRkMDAxMzFiYTMxNi8xNjg3NzAzOTE5X1J4QW1iYXNzYWRvcnNFYm9vay1IYXJkLUNvdmVyLnBuZw.webp | images.groovetech.io/ZhrDj9CG2Ydui57UKxObYX69bIysPIB7xH8hMovtRdQ/rs:fit:0:0:0/g:no:0:0/c:0:0/ | 100 KB | 101 KB | Image | image/webp |
GET | H3 | aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVlZTU5MTg4MTkwMDRkMDAxMzFiYTMxNi8xNzEyNzc4MzQzX2Q0ZDE1ZTI4M2I0YjRhYjk4ZmY1MmEzN2RkZjA3ZjYyLnBuZw.webp | images.groovetech.io/Wfm7LTBK0TsyP1ibSFCZUBrjHh5jfj7cOVex5x_USv0/rs:fit:0:0:0/g:no:0:0/c:0:0/ | 28 KB | 28 KB | Image | image/webp |
GET | H3 | aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVlZTU5MTg4MTkwMDRkMDAxMzFiYTMxNi8xNjkwODIyMzk4X1J4QW1iYXNzYWRvckZseWVyODV4NTV2MjYucG5n.webp | images.groovetech.io/jpsM6wD4jQDJnEfrZq1v02ONuPOBNMn-6P7Us_0et-U/rs:fit:0:0:0/g:no:0:0/c:0:0/ | 92 KB | 93 KB | Image | image/webp |
GET | H3 | aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVlZTU5MTg4MTkwMDRkMDAxMzFiYTMxNi8xNzEyNzc5NTYwXzE2ODc3MDM5MTlSeEFtYmFzc2Fkb3JzRWJvb2tIYXJkQ292ZXJWMi53ZWJw.webp | images.groovetech.io/gnefvNT_sfmaVA-PgoRjc0zxebJWUB9Socga56kclmg/rs:fit:0:0:0/g:no:0:0/c:0:0/ | 83 KB | 83 KB | Image | image/webp |
GET | H2 | getTrackingCode | ir197.infusionsoft.app/app/webTracking/ | 7 KB | 2 KB | Script | text/javascript |
GET | H2 | overwriteRefererJs | ir197.infusionsoft.app/app/webform/ | 202 B | 736 B | Script | text/javascript |
GET | H2 | getTrackingCode | ir197.infusionsoft.app/app/webTracking/ | 7 KB | 3 KB | Script | text/javascript |
GET | H2 | timezoneInputJs | ir197.infusionsoft.com/app/timezone/ | 601 B | 1 KB | Script | text/javascript |
GET | H3 | aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVlZTU5MTg4MTkwMDRkMDAxMzFiYTMxNi8xNzExMTMwOTc4X1J4QW1iYXNzYWRvcnNMb2dvMjAyNC5wbmc.webp | images.groovetech.io/fmfDBnWKXsDjnwQ3DEDLntF1-KAmw-_HXVAuims7-DY/rs:fit:0:0:0/g:no:0:0/c:0:0/ | 62 KB | 63 KB | Image | image/webp |
GET | H2 | inpage_published.js | app.groove.cm/groovepages/js/ | 31 KB | 11 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 738 KB | 140 KB | Stylesheet | text/css |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 218 KB | 59 KB | Script | application/x-javascript |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/ZODE4MQSVFFGJPKSH52WP7/ | 93 KB | 28 KB | Script | text/javascript |
GET | H3 | free.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 59 KB | 13 KB | Fetch | text/css |
GET | H3 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 26 KB | 5 KB | Fetch | text/css |
GET | H3 | free-v4-font-face.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 3 KB | 1 KB | Fetch | text/css |
GET | H3 | matomo.js | matomo.groovetech.io/ | 64 KB | 22 KB | Script | application/javascript |
GET | H2 | pxiEyp8kv8JHgFVrJJfecg.woff2 | fonts.gstatic.com/s/poppins/v21/ | 8 KB | 8 KB | Font | font/woff2 |
GET | H2 | va9E4kDNxMZdWfMOD5Vvl4jL.woff2 | fonts.gstatic.com/s/firasans/v17/ | 23 KB | 23 KB | Font | font/woff2 |
GET | H2 | va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 | fonts.gstatic.com/s/firasans/v17/ | 24 KB | 25 KB | Font | font/woff2 |
GET | H2 | JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 | fonts.gstatic.com/s/bebasneue/v14/ | 13 KB | 14 KB | Font | font/woff2 |
GET | H2 | pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | fonts.gstatic.com/s/poppins/v21/ | 8 KB | 8 KB | Font | font/woff2 |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 259 B | Ping | text/plain |
GET | H2 | js | www.googletagmanager.com/gtag/ | 213 KB | 77 KB | Script | application/javascript |
GET | H2 | 1279234672959688 | connect.facebook.net/signals/config/ | 56 KB | 12 KB | Script | application/x-javascript |
GET | H3 | free-fa-solid-900.woff2 | ka-f.fontawesome.com/releases/v5.15.4/webfonts/ | 76 KB | 77 KB | Font | font/woff2 |
POST | H3 | matomo.php | matomo.groovetech.io/ | 0 | 434 B | Ping | text/plain |
GET | H2 | / | www.facebook.com/tr/ | 0 | 274 B | Image | text/plain |
GET | H2 | websiteTriggerIframe | ir197.infusionsoft.app/app/webTracking/ (Frame A622) | 0 | 0 | Document | text/html |
GET | H2 | ZODE4MQSVFFGJPKSH52WP7 | d.adroll.com/consent/check/ | 491 B | 1 KB | Script | application/javascript |
GET | H2 | PW73IRVVSBE6PKUEFKH4WB | d.adroll.com/segment/ZODE4MQSVFFGJPKSH52WP7/ | 42 B | 2 KB | XHR | image/gif |
GET | H/1.1 | sync | x.bidswitch.net/ (Redirect Chain) | 43 B | 235 B | Image | image/gif |
GET | H2 | pixel | cm.g.doubleclick.net/ (Redirect Chain) | 170 B | 409 B | Image | image/png |
GET | H3 | rum | dsum-sec.casalemedia.com/ (Redirect Chain) | 43 B | 730 B | Image | image/gif |
GET | H2 | out | d.adroll.com/cm/l/ | 42 B | 180 B | Image | image/gif |
GET | H/1.1 | tap.php | pixel.rubiconproject.com/ (Redirect Chain) | 0 | 239 B | Image | image/gif |
GET | H2 | sd | us-u.openx.net/w/1.0/ (Redirect Chain) | 43 B | 273 B | Image | image/gif |
GET | H/1.1 | cookie-sync | sync.outbrain.com/ (Redirect Chain) | 0 | 218 B | Image | text/plain |
GET | H2 | Pug | image2.pubmatic.com/AdServer/ (Redirect Chain) | 42 B | 542 B | Image | image/gif |
GET | H2 | sync | ups.analytics.yahoo.com/ups/55980/ (Redirect Chain) | 0 | 125 B | Image | text/plain |
GET | H2 | rtb-h | sync.taboola.com/sg/adroll-network/1/ (Redirect Chain) | 0 | 90 B | Image | text/plain |
GET | H2 | xuid | eb2.3lift.com/ (Redirect Chain) | 37 B | 140 B | Image | image/gif |
GET | H2 | bounce | ib.adnxs.com/ (Redirect Chain) | 43 B | 1 KB | Image | image/gif |
GET | H2 | PW73IRVVSBE6PKUEFKH4WB | ipv4.d.adroll.com/seg4/ZODE4MQSVFFGJPKSH52WP7/ | 42 B | 588 B | Image | image/gif |
GET | H2 | spacer.gif | ir197.infusionsoft.app/slices/ (Redirect Chain) | 43 B | 447 B | Image | image/gif |
GET | H2 | trigger | x.adroll.com/attribution/ | 2 B | 641 B | Image | text/plain |
GET | H3 | aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVlZTU5MTg4MTkwMDRkMDAxMzFiYTMxNi8xNjg3MjczNDI5X1JYLUFtYmFzc2Fkb3ItTG9nby5wbmc.webp | images.groovetech.io/G5E2sQHz10vL_s2GaUzGrfUGGLCWIelWKJFaT5Ea17A/rs:fit:0:0:0/g:no:0:0/c:0:0/ | 98 KB | 99 KB | Other | image/webp |
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| gtag object| dataLayer function| fbq function| _fbq string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| FontAwesomeKitConfig object| megamenuEvent function| setPageUrl function| urlWithQueryParam function| openQuickPopup string| websiteurl undefined| encodeSite object| _paq function| mergeContentSettings object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| link object| form number| j object| element object| input function| gpHandleTabChange object| site object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| __adroll__ string| adroll_sid object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors undefined| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| __adroll_pxl_assistant_track object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid string| adroll_rule_type
27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rxambassadors.com/ | | Name: _ga_81WGK6S6RW Value: GS1.1.1714564056.1.0.1714564056.0.0.0 |
.rxambassadors.com/ | | Name: _ga Value: GA1.1.799558068.1714564056 |
.rxambassadors.com/ | | Name: _gcl_au Value: 1.1.393216396.1714564056 |
.infusionsoft.com/ | | Name: __cf_bm Value: YHxKsU8XrBZYOgQWKQkNYH5FvKriZZaai32dwRP087E-1714564056-1.0.1.1-74p.XMn_XxUyVCjji7SsuvtiOslnzIkmudq1o_6C3ebplIDiZD1O8VY1UmEvpVVMVehPOHhkuxql2ghkKTsjNw |
ebook.rxambassadors.com/ | | Name: _pk_id.4.38bd Value: daa9406e82a4596c.1714564056. |
ebook.rxambassadors.com/ | | Name: _pk_ses.4.38bd Value: 1 |
ebook.rxambassadors.com/ | | Name: hasVisitedPopupPage Value: true |
.rxambassadors.com/ | | Name: _fbp Value: fb.1.1714564056571.1054609191 |
.d.adroll.com/ | | Name: __adroll Value: 7261bee00ab1ea7f5c0c31bb5ff08584-a_1714564057 |
.d.adroll.com/ | | Name: receive-cookie-deprecation Value: 1 |
.adroll.com/ | | Name: receive-cookie-deprecation Value: 1 |
.adroll.com/ | | Name: __adroll_shared Value: 7261bee00ab1ea7f5c0c31bb5ff08584-a_1714564057 |
.ebook.rxambassadors.com/ | | Name: __adroll_fpc Value: 13033f9f7a8621d6237019df7df6f8cb-1714564057370 |
.ebook.rxambassadors.com/ | | Name: __ar_v4 Value: %7CZODE4MQSVFFGJPKSH52WP7%3A20240431%3A1%7CPW73IRVVSBE6PKUEFKH4WB%3A20240431%3A1 |
.casalemedia.com/ | | Name: CMID Value: ZjIr2bmqPeMAAHc7BDpWDAAA |
.casalemedia.com/ | | Name: CMPS Value: 5286 |
.casalemedia.com/ | | Name: CMPRO Value: 5286 |
.pubmatic.com/ | | Name: KRTBCOOKIE_10 Value: 22808-NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&KRTB&22883-NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ&KRTB&23504-NzI2MWJlZTAwYWIxZWE3ZjVjMGMzMWJiNWZmMDg1ODQ |
.pubmatic.com/ | | Name: PugT Value: 1714564055 |
ir197.infusionsoft.app/ | | Name: InfusionsoftTrackingCookie Value: baa536769e4a87e5bbd4fbb7c5c9559c |
.adnxs.com/ | | Name: XANDR_PANID Value: q2fNnMb1u0hk6rfWr_o_duSK-ZAKrWMLRf27bvVQDtKcMrxNH-zzDbbirtebkt4Dx4fUI5KbzgNEFa4xCPwYxXAuQeHZqnmwHQOIt6pXK40. |
.adnxs.com/ | | Name: receive-cookie-deprecation Value: 1 |
.adnxs.com/ | | Name: uuid2 Value: 6800991582877340359 |
x.adroll.com/ | | Name: ar_debug Value: 1 |
.infusionsoft.app/ | | Name: cf_clearance Value: xXHIPuxowmGIH8pFgUarrLS7prWluNjfzS8rVS.36xc-1714564057-1.0.1.1-ou3kYKUBedxL1MbhlohMXIJGkON.7Denxl_Q9w40ywPweDGrNVvY3wEOXGwlqY3WbH90mU2jltR1RsYwe2PkYQ |
.adnxs.com/ | | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GU!wT_eA!]tbPl@/@8$-^=$UfY:iZngt0A(+dRDxQYuF48j3]+Z-BAM02(Ha_+5ip@l8kDQB+i/00Kn=)aK+vhNV!_6-zQEVk`!?1OX1kbTP |
.infusionsoft.app/ | | Name: __cf_bm Value: 50cSoE0HSFIcMDqA2023m6EX5SzQN2TrZ_3WIsSA_.0-1714564057-1.0.1.1-KDjx04Q9_Wl67ljwRaCFDcUghIT9nOoSrxns_UrFIQ8VwBsx1pH40O69Z6hhDkewZYIXCXPhT2kbUXukSMosHSkBID97yP_n8wo6aTUgHF0 |
86 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.