![](/screenshots/3e0306f8-ff0c-4316-bc4c-e91fb7f72b57.png)
www.afscme.org
Open in
urlscan Pro
2600:9000:2006:7c00:1:e0:5fc0:93a1
Public Scan
Effective URL: https://www.afscme.org/now/health-care-matters
Submission: On August 02 via manual from US
Summary
TLS certificate: Issued by Amazon on March 29th 2018. Valid for: a year.
This is the only time www.afscme.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.73.91.247 52.73.91.247 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
26 | 2600:9000:200... 2600:9000:2006:7c00:1:e0:5fc0:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 151.101.14.51 151.101.14.51 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 151.101.12.233 151.101.12.233 | 54113 (FASTLY) (FASTLY - Fastly) | |
4 | 104.111.228.202 104.111.228.202 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 3 | 2a00:1450:400... 2a00:1450:4001:81d::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
5 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 52.216.104.101 52.216.104.101 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 6 | 2a00:1450:400... 2a00:1450:4001:81d::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 3 | 216.58.214.34 216.58.214.34 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c00::9a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 2a03:2880:f11... 2a03:2880:f11c:8186:face:b00c:0:50fb | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2.18.233.40 2.18.233.40 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 2 | 54.217.222.55 54.217.222.55 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
6 7 | 46.51.170.95 46.51.170.95 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1288:110... 2a00:1288:110:833::4000 | 34010 (YAHOO-IRD) (YAHOO-IRD) | |
1 2 | 18.153.11.1 18.153.11.1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 185.33.223.200 185.33.223.200 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
2 2 | 52.73.117.100 52.73.117.100 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 2 | 139.61.74.125 139.61.74.125 | 15026 (ACXIOM) (ACXIOM - Acxiom Corporation) | |
1 2 | 173.241.240.143 173.241.240.143 | 36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES) | |
68 | 24 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-91-247.compute-1.amazonaws.com
ceros.salesloftlinks.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
www.afscme.org |
ASN54113 (FASTLY - Fastly, US)
creative-services.ceros.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-228-202.deploy.static.akamaitechnologies.com
s7.addthis.com | |
m.addthisedge.com |
ASN15169 (GOOGLE - Google LLC, US)
cse.google.com | |
www.google-analytics.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f34.1e100.net
www.googleadservices.com | |
cm.g.doubleclick.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com
s.adroll.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-217-222-55.eu-west-1.compute.amazonaws.com
d.adroll.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-170-95.eu-west-1.compute.amazonaws.com
d.adroll.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-1.eu-central-1.compute.amazonaws.com
x.bidswitch.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-117-100.compute-1.amazonaws.com
idsync.rlcdn.com |
ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
us-u.openx.net |
Domain | Requested by | |
---|---|---|
26 | www.afscme.org |
www.afscme.org
|
9 | d.adroll.com |
7 redirects
s.adroll.com
|
6 | www.google.com |
1 redirects
cse.google.com
www.google.com www.afscme.org |
5 | fonts.gstatic.com |
www.afscme.org
|
3 | www.facebook.com |
www.afscme.org
|
3 | connect.facebook.net |
www.afscme.org
connect.facebook.net |
3 | s7.addthis.com |
www.afscme.org
s7.addthis.com |
2 | cm.g.doubleclick.net | 2 redirects |
2 | us-u.openx.net | 1 redirects |
2 | rrc.rlcdn.com | 1 redirects |
2 | idsync.rlcdn.com | 2 redirects |
2 | x.bidswitch.net | 1 redirects |
2 | s.adroll.com |
www.afscme.org
|
2 | www.google.de |
www.afscme.org
|
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
2 | view.ceros.com |
www.afscme.org
creative-services.ceros.com |
1 | ib.adnxs.com | |
1 | ads.yahoo.com | |
1 | www.googleapis.com |
www.afscme.org
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | m.addthisedge.com |
s7.addthis.com
|
1 | s3.amazonaws.com |
www.afscme.org
|
1 | www.googletagmanager.com |
www.afscme.org
|
1 | cse.google.com |
www.afscme.org
|
1 | creative-services.ceros.com |
www.afscme.org
|
1 | fonts.googleapis.com |
www.afscme.org
|
1 | ceros.salesloftlinks.com | 1 redirects |
68 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
employeeconnect.afscme.org |
www.trilogyinteractive.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.afscme.org Amazon |
2018-03-29 - 2019-04-29 |
a year | crt.sh |
view.ceros.com DigiCert SHA2 Secure Server CA |
2018-07-30 - 2020-04-16 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.afscme.org/now/health-care-matters
Frame ID: 25FEE03214F8E22BC0F1F1CF4396177A
Requests: 67 HTTP requests in this frame
Frame:
https://view.ceros.com/trilogy-interactive/aca-story-desktop?heightOverride=11000
Frame ID: 82A7275A46CAE22DB54DA164345EDFB6
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/3e0306f8-ff0c-4316-bc4c-e91fb7f72b57.png)
Page URL History Show full URLs
-
https://ceros.salesloftlinks.com/c/a6900a97-8b21-486a-9c74-8dd167e9f04d/aHR0cHM6Ly93d3cuYWZzY21lLm9yZy9ub3cva...
HTTP 302
https://www.afscme.org/now/health-care-matters Page URL
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Detected patterns
- env /^adroll_/i
Detected patterns
- env /^addthis/i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- env /^google_tag_manager$/i
Detected patterns
- env /^Modernizr$/i
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: IU Staff Connect
Search URL Search Domain Scan URL
Title: Trilogy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ceros.salesloftlinks.com/c/a6900a97-8b21-486a-9c74-8dd167e9f04d/aHR0cHM6Ly93d3cuYWZzY21lLm9yZy9ub3cvaGVhbHRoLWNhcmUtbWF0dGVycw==/www-afscme-org-now-health-care-matters
HTTP 302
https://www.afscme.org/now/health-care-matters Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 47- https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1401715031&t=pageview&_s=1&dl=https%3A%2F%2Fwww.afscme.org%2Fnow%2Fhealth-care-matters&ul=en-us&de=UTF-8&dt=AFSCME%20%7C%20Health%20Care%20Matters&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=904577403&gjid=1687897088&cid=527681716.1533243812&tid=UA-6262329-6&_gid=1543915397.1533243812&_r=1>m=G7nNTM97X&z=950443215 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6262329-6&cid=527681716.1533243812&jid=904577403&_gid=1543915397.1533243812&gjid=1687897088&_v=j68&z=950443215 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6262329-6&cid=527681716.1533243812&jid=904577403&_v=j68&z=950443215 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6262329-6&cid=527681716.1533243812&jid=904577403&_v=j68&z=950443215&slf_rd=1&random=330498950
- https://d.adroll.com/pixel/OK6X4IJ3LVHJ3AVGO3OVN6/JLZQCGJXHFF7XFILIZ3QSQ?pv=71372624538.9517&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.afscme.org%2Fnow%2Fhealth-care-matters HTTP 302
- https://s.adroll.com/pixel/OK6X4IJ3LVHJ3AVGO3OVN6/JLZQCGJXHFF7XFILIZ3QSQ/EJJ3MV7EZ5DDTE5EZJWJ24.js
- https://d.adroll.com/cm/r/out?advertisable=OK6X4IJ3LVHJ3AVGO3OVN6 HTTP 302
- https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/b/out?advertisable=OK6X4IJ3LVHJ3AVGO3OVN6 HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=OTdmYTBjMDc5M2U1ZDBiNjk5MmQ5NDk0M2U4Y2YxZGU HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTdmYTBjMDc5M2U1ZDBiNjk5MmQ5NDk0M2U4Y2YxZGU
- https://d.adroll.com/cm/x/out?advertisable=OK6X4IJ3LVHJ3AVGO3OVN6 HTTP 302
- https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27OTdmYTBjMDc5M2U1ZDBiNjk5MmQ5NDk0M2U4Y2YxZGU%27)
- https://d.adroll.com/cm/l/out?advertisable=OK6X4IJ3LVHJ3AVGO3OVN6 HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=97fa0c0793e5d0b6992d94943e8cf1de HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogOTdmYTBjMDc5M2U1ZDBiNjk5MmQ5NDk0M2U4Y2YxZGUQABoNCKXjjdsFEgUI6AcQAA HTTP 307
- https://rrc.rlcdn.com/474649.gif HTTP 302
- https://rrc.rlcdn.com/474649.gif?redirect=1
- https://d.adroll.com/cm/o/out?advertisable=OK6X4IJ3LVHJ3AVGO3OVN6 HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=97fa0c0793e5d0b6992d94943e8cf1de HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=97fa0c0793e5d0b6992d94943e8cf1de
- https://d.adroll.com/cm/g/out?advertisable=OK6X4IJ3LVHJ3AVGO3OVN6&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=l_oMB5Pl0LaZLZSUPozx3g&google_ula=1535926 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=l_oMB5Pl0LaZLZSUPozx3g&google_ula=1535926&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in?google_ula=1535926,0
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
health-care-matters
www.afscme.org/now/ Redirect Chain
|
47 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
www.afscme.org/now-theme/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
type.css
www.afscme.org/now-theme/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.css
www.afscme.org/now-theme/css/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global.css
www.afscme.org/now-theme/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.css
www.afscme.org/now-theme/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forms.css
www.afscme.org/now-theme/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.afscme.org/now-theme/css/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
now-ceros-post.css
www.afscme.org/now-theme/css/ |
0 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.ti-desktop.jquery-1.11.1-ui-1.11.2-6.js
www.afscme.org/now-theme/scripts/ |
192 KB 192 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.js
www.afscme.org/now-theme/scripts/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.js
www.afscme.org/now-theme/scripts/ |
80 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smooth-scroll.min.js
www.afscme.org/now-theme/scripts/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.popupoverlay.js
www.afscme.org/now-theme/scripts/ |
30 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.waypoints.min.js
www.afscme.org/now-theme/scripts/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sticky.min.js
www.afscme.org/now-theme/scripts/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
17 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banners.css
www.afscme.org/now-theme/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
scroll-proxy.min.js
view.ceros.com/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embedded-variant-switcher-v2.min.js
creative-services.ceros.com/customer-success/varying-embed-tag-generator/ |
1010 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
addthis_widget.js
s7.addthis.com/js/300/ |
349 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-acu.svg
www.afscme.org/now-theme/img/ |
106 KB 107 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-public-safety.svg
www.afscme.org/now-theme/img/ |
216 KB 216 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-una.svg
www.afscme.org/now-theme/img/ |
108 KB 109 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-retirees.svg
www.afscme.org/now-theme/img/ |
16 KB 17 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-next-wave.svg
www.afscme.org/now-theme/img/ |
5 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
www.afscme.org/now-theme/css/ |
22 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
cse.js
cse.google.com/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ |
62 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
fbevents.js
connect.facebook.net/en_US/ |
43 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.woff2
s3.amazonaws.com/icomoon.io/31537/AFSCMEBlog/ |
4 KB 5 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v16/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20180731-CarsonCity-Header.png
www.afscme.org/now/image/ |
497 KB 498 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20180801-EMSLocal2960-Header.png
www.afscme.org/now/image/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20180802-NYCHospitals-Header.png
www.afscme.org/now/image/ |
372 KB 373 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v16/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
1490917327891450
connect.facebook.net/signals/config/ |
80 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
jsapi
www.google.com/ |
26 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v16/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
_ate.track.config_resp
m.addthisedge.com/live/boost/afscme/ |
2 KB 790 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
conversion_async.js
www.googleadservices.com/pagead/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aca-story-desktop
view.ceros.com/trilogy-interactive/ Frame 82A7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
default+en.css
www.google.com/uds/api/search/1.0/ddc80d38c7e2cb7b462cb57d9710fb58/ |
45 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
default.css
www.google.com/cse/static/style/look/v2/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
default+en.I.js
www.google.com/uds/api/search/1.0/ddc80d38c7e2cb7b462cb57d9710fb58/ |
308 KB 89 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/997000204/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
generate_204
www.googleapis.com/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.google.com/ads/user-lists/997000204/ |
42 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.google.de/ads/user-lists/997000204/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
layers.b01bacf303e2cf5c81a0.js
s7.addthis.com/static/ |
260 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
29 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OK6X4IJ3LVHJ3AVGO3OVN6
d.adroll.com/consent/check/ |
34 B 194 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EJJ3MV7EZ5DDTE5EZJWJ24.js
s.adroll.com/pixel/OK6X4IJ3LVHJ3AVGO3OVN6/JLZQCGJXHFF7XFILIZ3QSQ/ Redirect Chain
|
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
132.43c7365b6d0b57a8b41f.js
s7.addthis.com/static/ |
418 B 602 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
1059024640792337
connect.facebook.net/signals/config/ |
80 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
ads.yahoo.com/ Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 575 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pxj
ib.adnxs.com/ Redirect Chain
|
0 591 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
474649.gif
rrc.rlcdn.com/ Redirect Chain
|
43 B 585 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 255 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 249 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
98 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| JumpURL function| is_numeric object| ti function| $ function| jQuery object| jQuery111106468124415530063 object| html5 object| Modernizr function| startList object| Trilogy object| smoothScroll function| Waypoint object| waypoints object| dataLayer function| fbq function| _fbq string| adroll_adv_id string| adroll_pix_id boolean| CEROS_SCROLL_PROXY_LOADED function| sendViewportPositionEvent object| addthis_config function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| __gcse object| google_tag_manager object| $this object| form_opts number| a object| addthis_share string| GoogleAnalyticsObject function| ga number| googleLT_ object| google object| Y function| google_exportSymbol function| google_exportProperty object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| UDS_ServiceBase string| UDS_ApiKey boolean| UDS_KeyVerified boolean| UDS_LoadFailure string| UDS_CurrentLocale string| UDS_ShortDatePattern string| UDS_Version string| UDS_JSHash function| GwebSearch function| GcustomwebSearch function| GbookSearch function| GblogSearch function| GvideoSearch function| GnewsSearch function| GlocalSearch function| GimageSearch function| GcustomimageSearch function| GpatentSearch function| GSearch function| GSearchControl function| GSearchForm function| GsearcherOptions function| GdrawOptions number| ___gcse_nc_ object| oattr object| _atw boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback boolean| __adroll_consent object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.yahoo.com
ceros.salesloftlinks.com
cm.g.doubleclick.net
connect.facebook.net
creative-services.ceros.com
cse.google.com
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
m.addthisedge.com
rrc.rlcdn.com
s.adroll.com
s3.amazonaws.com
s7.addthis.com
stats.g.doubleclick.net
us-u.openx.net
view.ceros.com
www.afscme.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagmanager.com
x.bidswitch.net
104.111.228.202
139.61.74.125
151.101.12.233
151.101.14.51
173.241.240.143
18.153.11.1
185.33.223.200
2.18.233.40
216.58.214.34
2600:9000:2006:7c00:1:e0:5fc0:93a1
2a00:1288:110:833::4000
2a00:1450:4001:814::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:825::2002
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
46.51.170.95
52.216.104.101
52.73.117.100
52.73.91.247
54.217.222.55
0755e6156e4b9d2b5799410d3202aa8d3a03e1db0f6a55fd65c9ba585ce4d05d
0ae822b18c929c3cf57ce3fcc6132fa43c469d9c28216355b617dffd60b76ff9
0b24bee7f9abca26d356171aaf3764bc70cc2fd84d769224fdaccfe1161d7711
0b6f56d06a7ccdd66b29abec6ae10451893ee7f25cdff86e3e5dfc771c75016a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111743321f095230f3cb4ec0035fc50002a79fc5a723de521a61fc549b7491fd
205ba4d2d6e17088c4669afe06dca230b733e3da3644a2411ed6f0b0e2cc55ad
210ce3869572640906f4b3216d111907c74e554706ec7f3c71eb13049da1c5b7
24e52f3d9583171bcaa45172261052d86ab0b98bac201aee1c123bf8d1313b69
25859bea12525f79fec67d2942e0766f71a531d503209217ef59e8c2fddb70f8
30e2270bd3636d79c73207ed7d4d67729228eee31fc55d42797e7b1228888392
3184cf0ad08a1d1717d57dec220001ab34e08bd3c337de3b5b59ed226edd05f5
3ed6a32017b29ab490e947a9326bf0f598671a833eddef18a2ae65df7b8d593f
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4bcd727bd8bd3cf7790b66f487da9c3d5e7d8487c96060d050ab60e10afd9f63
4c443da63572b9e472c7e47e4ceba5a30628d2423cb96515e1e13f1ae08877d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb17d743d9ea57314804877f4476d99662b68730562ee4da7f0efb1150685b6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59f01477998cd39a7a5375d76cc5b82535836063afd7d2e49aaa50ef480a78bf
5b62fe33af2d31667675a03d51c4de38aa31274544efd68f32f715d616e47c31
5e57191a948b452988e5e3574960b0c9364e4c256f78859219655c2b3e0a869d
6044922957266eb05bb331852583912d46bd6c299baac1cffa633f1dd557c589
62c02e22972b39dbc77c3c109a8d76b68f18b313ac0b62e3042d2d1de34168bc
69a68ca3adff6be1e5c55cc8545590949582e16aa3a2faa3f46335a49bb97769
6f10e38b9396d85a6a89d09eb1ee168d2d208ec786d267f3821d163acc7e5c4e
74d20a83bcf3d4221b5c6eff168f23c96c5ac91a66a7606665649e876ae534ed
7ae61daa41036a1dec5f62ee72f895d88095835dded2f973ea8eeccae9bea818
8edb70727e34459cbb330755b021158fd0d40b9882857ca60c7d573b362676ff
917058ed8172c079837203e369217949a6fbb224966bee9e9dba19b1df2072b0
921f39aeb3bdec8cffe8996380a218f8432988f7e9b7506529972b4d2719163a
9b0c2f16e3d07baaeea47f951deb1f8bd7ecdf87f00a3e11e26c0ba090ba8702
9f55b181378c94e197cc7465d07ce2fcfc75b8430a3c2d97c9604c43b31518af
a1d5b1e9bc69dc156c1ff7feb2080b1a55aec74716ba607c2d6850a579de3f8a
a319525d284a6601f494a8c32f74f8fdc2ec75cb1d5fda04b774dac68d15dc5a
a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34
aac9552f07e57bcbfa55fd1ecf3a698bfaf85fcba44fd1abeaf75e2ec9bc0caf
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b01f7895ddcc21fc54cb898aa8e6590c3f4f90dc4574fc5ba3d80b2c9e2f520d
b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4
b8d94821a2f4e0548a2c92badc8794b87e783d5da4407b71bc1c117a6ae59c2c
c389d2c60cd588381a115d2bad194492123fbd5b73f86a85149ec4e5de8503f6
c6a13a885710ba5f2094f58b67d9f0af0f8d7c13933694975c23913591a23dca
c90f9ec5d1615a46d49bd25b51194c811d2328caea47a5bd82548497663e5c93
ca2cc267409f374d79e833aeee65c1b46313b005f5ecc5777637522f93f2aad2
cb53c79c9b3b10fe05ba7b303e23127d4f37ae34e1a102f0274ab64b69a78999
cef0a5dfd33c607dab2a706be11c5e8bb03c597ed9a2e404b64d44cef67164e7
d525f9f0b1b422bcfa949220c9a25c34d3b971db5e5b5a2f4efea62dc4b2c27b
db5802c7e00ff038c3ff601b55689585f510dc1938108c5bdc07a9f7ad4fc0fe
e2e92e7a5b21d47735b9bd283923ed6374301e933856c67bd6ee816e5141d39a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65af88188312e3e46726eeb0632fc3e6817eb1db82d80d045c0fa53f2432364
e697f1539179dcfa110719e4da609893f2163d4b4de6a455e051e3c500b8d860
e8119286fae5f9b0cad99813d260c364831316a0f69c02f8fa5763123e356844
e9672ed763e1eee19ad9c2332da50e588c51565ecf84ca248530f4871a83ad90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ca766f15c08a52b36c3d080fa934f2c5b3c758e8c8a6e099d464e8375e4a8b
f4afc751fc24c5ed55781e610f3d7469af1cc9ae90bd6b7093076c6f4317a395
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559