www.penfed-10kgiveaway.com
Open in
urlscan Pro
44.224.102.5
Public Scan
Submitted URL: http://www.penfed-10kgiveaway.com/
Effective URL: https://www.penfed-10kgiveaway.com/
Submission: On April 14 via manual from US
Effective URL: https://www.penfed-10kgiveaway.com/
Submission: On April 14 via manual from US
Summary
This website contacted 32 IPs
in 5 countries
across 25 domains to perform 93 HTTP transactions.
The main IP is 44.224.102.5, located in
Boardman, United States and
belongs to AMAZON-02, US.
The main domain is www.penfed-10kgiveaway.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 6th 2021. Valid for: a year.
This is the only time www.penfed-10kgiveaway.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 6th 2021. Valid for: a year.
This is the only time www.penfed-10kgiveaway.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
44.224.102.5
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-102-5.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-102-5.us-west-2.compute.amazonaws.com
| www.penfed-10kgiveaway.com |
21
13.225.84.193
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-193.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-193.fra2.r.cloudfront.net
| dcveehzef7grj.cloudfront.net |
14
143.204.101.214
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-214.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-214.fra50.r.cloudfront.net
| d368sjpgy6ngi6.cloudfront.net |
4
2a00:1450:4001:82a::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
2a00:1450:4001:82b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
6
3.250.252.43
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-252-43.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-252-43.eu-west-1.compute.amazonaws.com
| dpm.demdex.net | |
| pentagonfcu.demdex.net |
1
104.109.94.223
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-109-94-223.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-109-94-223.deploy.static.akamaitechnologies.com
| www.everestjs.net |
1
142.250.185.194
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
| www.googleadservices.com |
1
99.84.156.113
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-113.txl52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-113.txl52.r.cloudfront.net
| cdn.decibelinsight.net |
2
15.237.136.106
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
| smetrics.penfed.org |
1
34.250.153.194
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-153-194.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-153-194.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
2
52.19.133.54
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
| sjourney.penfed.org |
1
2a00:1450:4001:810::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
2
35.244.174.68
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
1
2620:116:800d:21:5a23:9c4e:e774:96c1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| pixel.quantserve.com |
1
35.241.45.82
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
| udc-neb.kampyle.com |
| Domain | Requested by | |
|---|---|---|
| 21 | dcveehzef7grj.cloudfront.net |
www.penfed-10kgiveaway.com
d368sjpgy6ngi6.cloudfront.net |
| 14 | d368sjpgy6ngi6.cloudfront.net |
www.penfed-10kgiveaway.com
d368sjpgy6ngi6.cloudfront.net |
| 5 | dpm.demdex.net |
assets.adobedtm.com
www.penfed-10kgiveaway.com |
| 4 | www.google-analytics.com |
assets.adobedtm.com
www.google-analytics.com |
| 4 | connect.facebook.net |
www.penfed-10kgiveaway.com
connect.facebook.net |
| 4 | www.googletagmanager.com |
www.penfed-10kgiveaway.com
assets.adobedtm.com www.googletagmanager.com |
| 4 | assets.adobedtm.com |
www.penfed-10kgiveaway.com
assets.adobedtm.com |
| 3 | www.facebook.com |
www.penfed-10kgiveaway.com
connect.facebook.net |
| 3 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 3 | fonts.gstatic.com |
fonts.googleapis.com
|
| 3 | www.google.com |
www.penfed-10kgiveaway.com
|
| 2 | idsync.rlcdn.com | 2 redirects |
| 2 | www.google.de |
www.penfed-10kgiveaway.com
|
| 2 | gum.criteo.com |
1 redirects
static.criteo.net
|
| 2 | sjourney.penfed.org |
assets.adobedtm.com
|
| 2 | smetrics.penfed.org |
assets.adobedtm.com
|
| 2 | resources.digital-cloud.medallia.com |
assets.adobedtm.com
resources.digital-cloud.medallia.com |
| 2 | bat.bing.com |
www.penfed-10kgiveaway.com
|
| 2 | www.penfed-10kgiveaway.com | 1 redirects |
| 1 | udc-neb.kampyle.com | |
| 1 | nebula-cdn.kampyle.com |
resources.digital-cloud.medallia.com
|
| 1 | collection.decibelinsight.net |
cdn.decibelinsight.net
|
| 1 | pixel.quantserve.com | 1 redirects |
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | lasteventf-tm.everesttech.net |
www.everestjs.net
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | pentagonfcu.demdex.net |
assets.adobedtm.com
|
| 1 | widget.us.criteo.com |
www.penfed-10kgiveaway.com
|
| 1 | sslwidget.criteo.com | 1 redirects |
| 1 | cdn.decibelinsight.net |
assets.adobedtm.com
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | www.everestjs.net |
www.penfed-10kgiveaway.com
|
| 1 | fonts.googleapis.com |
d368sjpgy6ngi6.cloudfront.net
|
| 1 | static.criteo.net |
www.penfed-10kgiveaway.com
|
| 93 | 35 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| twitter.com |
| www.ussweeps.com |
| ussweeps.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| penfed-10kgiveaway.com Go Daddy Secure Certificate Authority - G2 |
2021-04-06 - 2022-04-06 |
a year | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2021-02-22 - 2022-02-21 |
a year | crt.sh |
| www.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
| *.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-04-14 - 2021-07-12 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-02-10 - 2021-05-10 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
| www.bing.com Microsoft RSA TLS CA 02 |
2021-01-19 - 2021-07-19 |
6 months | crt.sh |
| www.everestjs.net DigiCert SHA2 Secure Server CA |
2020-09-25 - 2021-09-30 |
a year | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
| www.googleadservices.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
| resources.digital-cloud.medallia.com R3 |
2021-03-14 - 2021-06-12 |
3 months | crt.sh |
| *.decibelinsight.net Amazon |
2021-03-15 - 2022-04-13 |
a year | crt.sh |
| *.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-03-26 - 2021-06-23 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
| smetrics.penfed.org DigiCert TLS RSA SHA256 2020 CA1 |
2021-03-09 - 2022-04-09 |
a year | crt.sh |
| sjourney.penfed.org DigiCert SHA2 High Assurance Server CA |
2020-08-28 - 2021-09-29 |
a year | crt.sh |
| *.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-04-14 - 2021-07-12 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
| www.google.de GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
| *.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-03-22 - 2022-04-23 |
a year | crt.sh |
| *.google.de GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
| *.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-03-22 - 2022-04-23 |
a year | crt.sh |
This page contains 10 frames:
Primary Page:
https://www.penfed-10kgiveaway.com/
Frame ID: 63C799AC240C8AC582EB005F46E47050
Requests: 81 HTTP requests in this frame
Frame:
https://d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/twitter-white.svg?v=2
Frame ID: 87AB568E7470BE6463C72528DBDCF927
Requests: 1 HTTP requests in this frame
Frame:
https://d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/instagram-white.svg?v=2
Frame ID: 395CF55168D29CAF522FBCE407DF4389
Requests: 1 HTTP requests in this frame
Frame:
https://d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/facebook-white.svg?v=2
Frame ID: 43BA83B8824805A17A9ECF439B9DD941
Requests: 1 HTTP requests in this frame
Frame:
https://d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/linkedin-white.svg?v=2
Frame ID: 2E17601C99938E09796F867FC99B4C41
Requests: 1 HTTP requests in this frame
Frame:
https://d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/card-2.svg?v=2
Frame ID: 59F4DCCA97442C28E6F118250A4B6F04
Requests: 1 HTTP requests in this frame
Frame:
https://d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/card-3.svg?v=2
Frame ID: E5B6203F4ED27C61A21406A162D0F3E8
Requests: 1 HTTP requests in this frame
Frame:
https://d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/card-1.svg?v=2
Frame ID: 5968626275B8F794C85CA5EA77111BD2
Requests: 1 HTTP requests in this frame
Frame:
https://pentagonfcu.demdex.net/dest5.html?d_nsid=0
Frame ID: 281E083336EA515FE6258A9E4BF0A4FC
Requests: 4 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=www.penfed-10kgiveaway.com
Frame ID: 393B28CEBA41D5FAA01B7B598E1C552F
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.penfed-10kgiveaway.com/
HTTP 302
https://www.penfed-10kgiveaway.com/ Page URL
Detected technologies
Varnish
(Cache Tools)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://twitter.com/intent/tweet?text=Enter%20the%20PenFed%20$10k%20Giveaway%20for%20a%20chance%20to%20win%20$10,000!%20NO%20PURCH%20NEC.%20Must%20be%20legal%20resident%20of%2050%20US,%20DC,%20or%20PR,%20or%20permanent%20legal%20resident%20of%2050%20US,%20DC,%20or%20PR%20residing%20on%20an%20overseas%20US%20military%20installation,%20age%2018+%20to%20enter.%20Ends%205/31/21.%20%20https://bit.ly/3a58dOu&url=
Title: tweet
Title: tweet
Search URL Search Domain Scan URL
URL: https://www.ussweeps.com/?footer=true&utm_source=SS&utm_medium=MicroMobile&utm_campaign=App
Title: Create your own
Title: Create your own
Search URL Search Domain Scan URL
URL: https://ussweeps.com/?utm_source=SS&utm_medium=MicroMobile&utm_campaign=App
Title: Sweepstakes powered by us sweeps
Title: Sweepstakes powered by us sweeps
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.penfed-10kgiveaway.com/
HTTP 302
https://www.penfed-10kgiveaway.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 53- https://sslwidget.criteo.com/event?a=76170&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ui_campaign%3Dgiveaway&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=penfed-10kgiveaway.com&dtycbr=44675 HTTP 302
- https://widget.us.criteo.com/event?a=76170&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ui_campaign%3Dgiveaway&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=penfed-10kgiveaway.com&dtycbr=44675
- https://cm.everesttech.net/cm/dd?d_uuid=89936200926120039300943647425959507819 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YHdcaAAAAMV2wSXM
- https://idsync.rlcdn.com/365868.gif?partner_uid=89936200926120039300943647425959507819 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODk5MzYyMDA5MjYxMjAwMzkzMDA5NDM2NDc0MjU5NTk1MDc4MTkQABoNCOi43YMGEgUI6AcQAEIASgA HTTP 307
- https://dpm.demdex.net/ibs:dpid=477&dpuuid=865925dca26cd99b987b8ec02284659c5d3c3fda31811646ec8b0a14b08bd03cb0da87c991749652
- https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=wOGtQMOyrE_b6KJGxeW3QpDg-BTbtf5Hl-BN_o-8
- https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=28645&dpuuid=VLv1kglTj-LqYAJXojyD-rSNguC2yms2&gdpr=0&gdpr_consent=
93 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.penfed-10kgiveaway.com/ Redirect Chain
|
86 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.8.3.js
dcveehzef7grj.cloudfront.net/jquery-ui-1.9.2.custom/js/ |
261 KB 78 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.11.3.js
dcveehzef7grj.cloudfront.net/jquery-ui-1.9.2.custom/js/ |
459 KB 112 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.customSelect.js
dcveehzef7grj.cloudfront.net/isotope/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.cookie.js
dcveehzef7grj.cloudfront.net/js/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jstorage.js
dcveehzef7grj.cloudfront.net/js/jquery/plugins/ |
31 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vtgsmb_fb_helper.js
dcveehzef7grj.cloudfront.net/js/facebook/ |
238 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.12.1.custom.css
dcveehzef7grj.cloudfront.net/css/datepicker/ |
35 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-timepicker-addon.js
dcveehzef7grj.cloudfront.net/js/jquery/ |
36 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sweep.css.27.eng.css
d368sjpgy6ngi6.cloudfront.net/ |
117 KB 117 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
smbcommon-responsive-noedit.css
dcveehzef7grj.cloudfront.net/css/smb/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 698 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sweepform_validate.js
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/js/ |
42 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-967ad5c0fc35.min.js
assets.adobedtm.com/cb40eb442b5e/c6f0b6813764/ |
520 KB 121 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ld.js
static.criteo.net/js/ld/ |
36 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loadingAnimation.gif
dcveehzef7grj.cloudfront.net/img/ |
6 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
penfed-logo.png
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
demo.js
dcveehzef7grj.cloudfront.net/js/formBuilder/ |
17 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
formBuilder.js
dcveehzef7grj.cloudfront.net/js/formBuilder/ |
115 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
form-builder.min.css
dcveehzef7grj.cloudfront.net/css/formbuilder/ |
110 KB 42 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
demo.css
dcveehzef7grj.cloudfront.net/css/formbuilder/ |
12 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
form-render.min.css
dcveehzef7grj.cloudfront.net/css/formbuilder/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
formRender.js
dcveehzef7grj.cloudfront.net/js/formBuilder/ |
26 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spacer.gif
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ |
43 B 430 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt-10kImg.png
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ |
348 KB 349 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
penfed-ftr-logo.jpg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframeResizer.contentWindow.min.js
dcveehzef7grj.cloudfront.net/davidjbradshaw-iframe-resizer-7eb43c4/js/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading_spinner.gif
dcveehzef7grj.cloudfront.net/img/ |
45 KB 46 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 753 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
933 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
25 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
88 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
last-event-tag-latest.min.js
www.everestjs.net/static/le/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
92 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ |
334 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gotham-bold.woff
dcveehzef7grj.cloudfront.net/webfonts/gotham-bold/ |
21 KB 21 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
resources.digital-cloud.medallia.com/wdcus/56048/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
di.js
cdn.decibelinsight.net/i/13557/67144/ |
172 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 76 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
squiggle-bg.jpg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gotham-medium.woff
dcveehzef7grj.cloudfront.net/webfonts/gotham-medium/ |
21 KB 22 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gotham-book.woff
dcveehzef7grj.cloudfront.net/webfonts/gotham-book/ |
32 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
widget.us.criteo.com/ Redirect Chain
|
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 93 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 96 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twitter-white.svg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ Frame 87AB |
2 KB 3 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
instagram-white.svg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ Frame 395C |
4 KB 4 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
facebook-white.svg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ Frame 43BA |
1 KB 2 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
linkedin-white.svg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ Frame 2E17 |
2 KB 3 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
card-2.svg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ Frame 59F4 |
3 KB 3 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
card-3.svg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ Frame E5B6 |
8 KB 8 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
card-1.svg
d368sjpgy6ngi6.cloudfront.net/customhtml.sweeps/27/images/ Frame 5968 |
8 KB 8 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
dest5.html
pentagonfcu.demdex.net/ Frame 281E |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.penfed.org/ |
48 B 516 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=YHdcaAAAAMV2wSXM
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
sjourney.penfed.org/rest/v1/ |
279 B 512 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
sjourney.penfed.org/rest/v1/ |
342 B 554 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 27 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syncframe
gum.criteo.com/ Frame 393B |
0 150 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ga-audiences
www.google.com/ads/ |
42 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
lasteventf-tm.everesttech.net/ |
0 215 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
216 KB 65 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
stats.g.doubleclick.net/j/ |
1 B 429 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066691088/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2794721130558882
connect.facebook.net/signals/config/ |
254 KB 73 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
stats.g.doubleclick.net/j/ |
1 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/1066691088/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/1066691088/ |
42 B 89 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=477&dpuuid=865925dca26cd99b987b8ec02284659c5d3c3fda31811646ec8b0a14b08bd03cb0da87c991749652
dpm.demdex.net/ Frame 281E Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s57018938565112
smetrics.penfed.org/b/ss/penfedprod/10/JS-2.22.0-LBRU/ |
730 B 981 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=1175&gdpr=0&dpuuid=wOGtQMOyrE_b6KJGxeW3QpDg-BTbtf5Hl-BN_o-8
dpm.demdex.net/ Frame 281E Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=28645&dpuuid=VLv1kglTj-LqYAJXojyD-rSNguC2yms2&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 281E Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic1618348645482.js
resources.digital-cloud.medallia.com/wdcus/56048/onsite/ |
310 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
c.json
collection.decibelinsight.net/i/13557/67144/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 318 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
448 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| loadjscssfile boolean| checkTPCook object| setCookieReturnUrl function| $ function| jQuery string| __samesite_cook string| __secure_cook string| _pageId string| _profiletabURL string| _isFBFlowReq number| albumcount number| totalalbumcount number| totalvideocount number| videocount boolean| videofirstfetch number| prevtempval number| prevvideotempval boolean| firstfetch object| prevLinksArray number| prevLinksIndex number| curntLinkIndex object| prevVideoLinksArray number| prevVideoLinksIndex number| curntVideoLinkIndex boolean| dontincrement number| _contestId boolean| _publishFlow number| curntPhotoLinkIndex object| prevPhotoLinksArray string| _likeColorBoxWidth string| _perms boolean| _showPopup boolean| _showPopupAlways boolean| _isMobileView number| _entryId number| _nextEntryId string| _appUrl boolean| _hasHash boolean| _photoSweepsFlow string| _mediaSweepsFormUrl boolean| _fromProfileTab string| _voteType string| _voteUserId string| youselectedCopy string| selectaphotoCopy string| backtoalbumCopy string| backtophotoCopy string| previousCopy string| nextCopy string| selectanalbumCopy string| sorrynomorealbumsCopy string| sorrynomorephotosCopy string| sorrynoalbumCopy boolean| _isLikeVoteFlow boolean| _isLikeRateFlow boolean| _isLikeCommentFlow number| _likeFbPageId string| _promoType string| _promoId string| didFBConnectName boolean| _hasCouponForm number| _skipAskLogin number| _collectEmailAddress string| partnerString number| sessionCheckCount number| _votigoCampaignUserId string| likePerms object| _fbLoginResponse boolean| showingFBLikeGate string| _positionToScrollTo boolean| showFBLoginButton string| vLoginCopy string| _httpHost boolean| _isComboGallary boolean| _isSkipSignup boolean| isFBv2 string| graphAPIVersion string| graphAPIVersionString boolean| _loginforVote boolean| _isownerview string| _appType string| _restrictError boolean| _showFormDefault boolean| _hoverVoteMsging string| fbPhotosFieldsString string| fbVideosFieldsString string| fbFieldsString string| fbAlbumsFieldsString string| showVoteOptin boolean| showStateWhileVote string| _isEmbedFlow string| _fingerprintjsdecry string| _fingerprintjsenc string| _ssoFlow number| _has_data_encryption number| _version string| _postURL string| _formData number| _platformVersion string| _customVoteApiUrl string| _vtgVotLmtMsg boolean| _askCookiePerms boolean| _hasStorageAccess number| _jstrTTL string| _vTpLangKey boolean| is_chrome boolean| is_explorer boolean| is_firefox boolean| is_safari boolean| is_opera boolean| is_IOS function| v_IsAuthorisedFBUser function| v_ShowLikeFlow function| v_IsUserFan function| v_likeCreditFormFlowIsFan function| v_IsUserAuthenticated function| v_IsUserFanMobile function| v_CheckIfUserHasAuthorizedApp function| v_AfterFBConnect function| getFBUserDetails function| v_allowPromptPageFlow function| v_CheckIfUserIsFanOfFBPage function| logoutUserFromFacebook function| v_CheckIfUserIsFanOfFBPageCallback function| v_ShowFbLoginPopUp function| v_ShowFbLikeInOverlay function| v_ProvisionFBUserToVotigoDB function| v_ProvisionFBUserToVotigoDBCallback function| v_Trim function| setvariables function| v_SetAlbumLimit function| v_PictAlbumLimit function| launchInviteFriends function| launchInviteFriendsForSweeps function| v_ShowInviteFriendsOverlay function| v_launchShareThis function| v_launchShareThisNew function| v_SendCommentRequest function| v_SendVoteRequest function| getVotLmtKeyName function| setLocalVoteLimit function| checkLocalVoteLimit function| v_SendVoteRequestToVotigoDB function| v_SendVoteRequestToVotigoDBResponse function| v_SendVoteRequestToVotigoDBCallback function| v_TrackVoteRequestEventOnGoogle function| v_ReportAbuse function| v_SendReportAbuseToVotigoDB function| checkForYonderboundSessionFromClient function| v_SendSubmitLoginRequest function| showFBLoginImage function| v_SendSubmitLoginRequestFlow function| v_SendVoteLoginRequest function| v_SendRateLoginRequest function| v_SubscribeToFBEvents function| v_fbEdgeCreate function| v_fbEdgeRemove function| clearFileUpload function| v_CheckExtendedPermissions function| v_GetUserVideos function| v_GetVideosAjax function| v_GetUserVideosCallback function| v_GetUserAlbums function| v_GetAlbAjax function| v_GetUserAlbumsCallback function| v_GetAlbumPhotos function| v_GetAlbumPhotosCallback function| v_SetPhotoLogic function| setvideovariables function| resetphotovariables function| resetvidevariables function| v_SendNewRateRequest function| v_SendRateRequest function| v_SendRateRequestToVotigoDB function| v_SendRateRequestToVotigoDBCallback function| v_setSweepFormParams function| v_getFBMusicInfo function| v_doAdditionalInterestCollection function| v_checkforLikesPermissions function| v_askLogin function| v_prefillForm function| v_log function| postMCAuthData function| handleGigyaEmailLogin function| vtg_fbhelper_getURLParameter function| vtg_fbhelper_getParameterFromURL function| vtg_fbhelper_removeURLParameter function| checkPHPSesId function| hasValidTPCook function| setFBConnectName function| vtg_isValidEle function| v_getFBPageURL function| vtg_getStartedOverlay function| vtg_checkJStorageAccess function| vtg_hasStorageAccess function| vtg_requestStorageAccess function| v_setLogoutLink function| vtg_askStoragePerms function| getHostingURL function| v_AppendTPCookies function| v_setLocalTPSession function| v_getLocalTPParam function| v_redirectForLangOnLoad function| v_setLocalTPParamsOnLoad function| env_vars function| log_js_err number| _gaLdAtmpt function| getLatestGAVersion function| getAllGAIds function| gaSetCustomVars function| gaTrackSocialEvents function| gaTrackPage function| gaTrackEventOnLoad function| gaTrackEvents number| _albumLimit number| _pictLimit number| _videoLimit object| _accessToken boolean| hasAdditionalEntryForShare object| v_submitURL object| v_item_id object| _fbMusicInfo number| _fbLikesIterations string| _htmlCharError function| validateXSSPayload string| _instagramHasAuth string| _redirectingURL string| _sweepsType string| _hideRules string| _hideNewsLetterByDefault string| _newsLetterOptionLabel string| _rulesLabel string| _genderValues string| _countriesList string| _customData string| _rulesField string| _dobData string| _receiptAppData object| translatedLabels string| _minimumAge object| fieldArr object| stdFieldArr string| _showSecondaryNewsletterOptin string| _updatedNewsLetterHTML string| _updatedNewsLetterOptionsHTML string| _revealTriviaAnswers string| _defaultMediacorpSettings boolean| _hideNewsLetterFromForm string| _currentAction string| _previewType string| _captchaCode string| _maxQuestionField string| _SweepuserentryStateType string| _SweepuserentryStateList string| _appId string| _appName string| pleasewaittxt number| _photoSweepHashTagEnabled string| helpPreviewTxt number| isFbAuthCompleted boolean| _hasLiked function| trackTopShareViaAjax boolean| _enforceFbAuth boolean| _collectMusicInfo string| _isPreview boolean| _pinSweep string| uuid string| firstname string| secondname string| gender string| email string| edu_email string| valid_email string| confirm_email string| pinusername string| validpinusername string| donot_match string| dob boolean| isDobOn string| invaild_date string| rules string| address string| city string| state string| zipcode string| country string| missingcaptcha string| phone string| valid_phone string| entrytitle string| entrydescription string| photofile boolean| authInstgramSweep number| _isPhotoMandatory boolean| _isuserregistered boolean| _isZipcodeUsa string| _partnerString boolean| _validatEmailEDU function| trimData function| validatesweeps function| validatesignupform string| defaultLang string| currentLang function| showSweepFormHolder function| showSweepForm function| showSweepRules function| showPrivacyPolicy function| sweepsLog function| dimMeDown function| updateSearchParam function| updateLangParam function| updateLanguage number| _isFacebookFlowRequest function| updatePageBck object| _satellite boolean| __satelliteLoaded string| GoogleAnalyticsObject function| ga object| adobe function| Visitor object| s_c_il number| s_c_in function| getTimeParting object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| mboxReady function| gtag object| dataLayer object| uetq object| jscript function| dtm_notify string| deviceType object| criteo_q function| fbq function| _fbq function| addConfirmEmailField function| afterFormRenderChanges boolean| _hideNLchckdByDefault string| _storedchckdByDefaultVal function| _typeof object| fbUtils function| formBuilderHelpersFn function| formBuilderEventsFn function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| FormRenderFn string| _numQuestions boolean| pinflag boolean| showRulesinOverlay string| uuid_valid string| _whichFlowIsThis string| instagramTimeOut function| validateQuestionnaire string| fieldrequired string| htmltext object| disable function| handleGigyaSweepConnect function| valExists function| UET string| _channelInfoForTracking string| _curGAType object| _gaIDs function| fbAsyncInit function| checkForInput object| _da_ string| DecibelInsight function| decibelInsight object| jQuery18306380135608201738 object| $ele object| recaptcha function| AdCloudEvent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| FB function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _di_max_id object| _da_crcTable string| p object| b string| e object| f number| c object| s_i_penfedprod object| KAMPYLE_EMBED boolean| decibelInsight_initiated object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .criteo.com/ | Name: uid Value: 2dd0c3b1-8b90-443a-b97f-234caf90f614 |
|
| .demdex.net/ | Name: dextp Value: 60-1-1618435176497|1175-1-1618435176598|28645-1-1618435176699 |
|
| .penfed-10kgiveaway.com/ | Name: gpv_v44 Value: no%20previous%20value |
|
| .penfed-10kgiveaway.com/ | Name: s_nr30 Value: 1618435176567-New |
|
| .demdex.net/ | Name: demdex Value: 89936200926120039300943647425959507819 |
|
| .penfed-10kgiveaway.com/ | Name: s_vnc365 Value: 1649971176569%26vn%3D1 |
|
| .penfed-10kgiveaway.com/ | Name: adcloud Value: {%22_les_v%22:%22y%2Cpenfed-10kgiveaway.com%2C1618436976%22} |
|
| .penfed-10kgiveaway.com/ | Name: _gat_gtag_UA_190361828_8 Value: 1 |
|
| .penfed-10kgiveaway.com/ | Name: s_ivc Value: true |
|
| .penfed-10kgiveaway.com/ | Name: _fbp Value: fb.1.1618435176517.23320091 |
|
| www.penfed-10kgiveaway.com/ | Name: CakeCookie[lang] Value: eng |
|
| .penfed-10kgiveaway.com/ | Name: _uetvid Value: 1d3ef0709d6711eb81081f21ccd3f745 |
|
| .penfed-10kgiveaway.com/ | Name: _gat_gtag_UA_104438296_15 Value: 1 |
|
| .penfed-10kgiveaway.com/ | Name: _uetsid Value: 1d3eb5309d6711eb9894214c1148778a |
|
| .penfed-10kgiveaway.com/ | Name: mbox Value: session#b3cdfb202cf04c4b903810755009ef8b#1618437037|PC#b3cdfb202cf04c4b903810755009ef8b.37_0#1681679977 |
|
| .penfed-10kgiveaway.com/ | Name: _gat_1a8be510b8c899b19652437157e22791 Value: 1 |
|
| www.penfed-10kgiveaway.com/ | Name: PHPSESSID Value: 0ab0bc968qmtj6uofhqc510n56 |
|
| .penfed-10kgiveaway.com/ | Name: _gid Value: GA1.2.1415682916.1618435176 |
|
| .penfed-10kgiveaway.com/ | Name: s_cc Value: true |
|
| .penfed-10kgiveaway.com/ | Name: _ga Value: GA1.2.395712768.1618435176 |
|
| .penfed-10kgiveaway.com/ | Name: AMCV_4B46D70754F9EFCB0A4C98C6%40AdobeOrg Value: 359503849%7CMCIDTS%7C18732%7CMCMID%7C89899817030522681440942825986238606657%7CMCAAMLH-1619039976%7C6%7CMCAAMB-1619039976%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1618442376s%7CNONE%7CMCSYNCSOP%7C411-18739%7CMCAID%7CNONE%7CvVersion%7C5.0.1 |
|
| .penfed-10kgiveaway.com/ | Name: at_check Value: true |
|
| .penfed-10kgiveaway.com/ | Name: AMCVS_4B46D70754F9EFCB0A4C98C6%40AdobeOrg Value: 1 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
bat.bing.com
cdn.decibelinsight.net
cm.everesttech.net
collection.decibelinsight.net
connect.facebook.net
d368sjpgy6ngi6.cloudfront.net
dcveehzef7grj.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
lasteventf-tm.everesttech.net
nebula-cdn.kampyle.com
pentagonfcu.demdex.net
pixel.quantserve.com
resources.digital-cloud.medallia.com
sjourney.penfed.org
smetrics.penfed.org
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
udc-neb.kampyle.com
widget.us.criteo.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.penfed-10kgiveaway.com
104.109.94.223
13.225.84.193
142.250.185.194
143.204.101.214
15.237.136.106
151.101.113.175
151.101.14.49
151.101.194.133
178.250.2.151
18.156.143.93
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::9b
2a00:1450:400c:c04::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:10c:59b::1e80
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
3.250.252.43
34.250.153.194
35.241.45.82
35.244.174.68
44.224.102.5
52.19.133.54
74.119.119.150
99.84.156.113
017465e56d5ab056a69821ab39eefc7a2418a40344e788818a8c9825850c5781
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
074a4114b694d621a5f20541f3a53780c53fbc6856e6bf9104833f4b43e933da
0e5e0919b23210b2297f4592d9b358b41b5eac279ada7073c8ab556b3b850a47
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b7200edd174ed37e39cc8d42c87ea5040131f0914a8789e93a8a74ee43388c
1573cb56b1f16d4c4327beabf9ef2d0eeb70082b9bb95876c28d5a5927f2d9a2
1620dd5a9ddf79105a6a155d84ed61fe6de8500b0ca7b49c3b3bd3bd2f445e1f
1ec9e7899b6cf38f09cfe137efd25c0e194f780e8814097ddffd3fa63ccb2ac3
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
1fecaabe1534e767e0800fa08f30bdc94033a97092bde823632e9acaed31f1cc
208c692d3ce41e9172bd2f300f8588772194f3006735d893b52f06e4d1666922
22c659796366db008523563d21ad0e7c4e38d6d10d82814af4eae3a24888ffda
260bebdb07a9a925d59a7c266ffcc5cb73966a20096ac5a8c1e544c802bcc6fb
2612f693305c7b3e260fd28fa904fbf6d265a1f96d750ccbffccd5e90ad86dc9
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4ba41456684d03627c0f21de1f4ce4c9c8a30db4aac1c099616a6ab6d457dceb
4f5c74d1eaae1f41a58dcfa81a1dece10f6c583e506390e1b8d22714c533f9ec
5157a2d33d675108a0d10aec3a812f6c7ecf72b373496283ec2fdb54309ff44a
51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995
52c7831e9f398acdb52400dda0795616401babb7e948e0c74195bf4080881f9f
546e0a6bf1909b9d6c4e869a7bc07f31270f8e5dcd98719bf7b148b6f2a478dc
55b84a29e9e7af4178c55c680bc855777b8ac216bdc554989d16b3584a4c71be
5c044b5c4feaecdb0ef5569d66bbfdfb84c77f4215541fb909919452fb912bf2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c56098cf72f622c0172dc8a069b76d75ede2f9fc0fbdcd3d7c7b3261ed0c316
716d144a3878d058f6cc2cb4efe93191d5a6d94173199bedffe73ff9966ebff9
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cb31ea03b5f02c12d6535db7cf3c8b452b54dc6cc4d6156a174079f3d065ded
82c72b8006645e65090c656797554e8618bf680310ea6cc85d7d1af211b71a93
848265bbea728ec6c74034514f76314959b99004af5a44c9c6daff69f7062421
84d041026e1e856745c875c9df68a36149e9048220ab2812e0f836cbcf7c5a19
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8ae82296385874ae8e0cd97db0512c1f5ae448a13b268dfefa7bfe78b782d42e
90b04a90f7272f869b0eb3659874f95e8f19475726a2c20bcc0635e915237373
9220724f53aa4e6e1ccbdae83ea2fc09ce8f114c04bc366b71c411129afecada
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
97f6f6d158ee6e2ab7c7c41f02dab9e462e9b5ba0a70e73807f2e1013b0432c8
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
a400d0b7f6d96b95bfbae8da42cd7c7dcc8ebd4313ffbdbadc784c3873bc1a42
a5c038c598bec1b41d3c039defb14fc08bf07b25d5f9eda133b8643d6c1ab634
a6c03caac727d6682b4a9f0d0365a2193b5004cc806747604a8546fd5d83484a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd12cda1d9bbac93f0d557424e202a18bac7078d051ca7650ff8b75b3b8f4bd
b057949b651d6da846b8a57737683043e42df7d85f9c3e45a6cd0df2c99af06c
b585c106b07ece471917dbb485daf0d641d18d108aafced9bd13b7641b9bb3e4
b79048269194de2a460e6b267695f420be996434fad12f90e3712a1c5b3b2544
b91c3c057ce468a4d188152479a9b9f4ae728427edde29a3b4449521f75a5439
bb02a3c53c5c142d55aa45923295c879f1205e39122871076f4fd896db39d647
bdae52969921860743eae4b33f08c2d9273affb9d461deafbf1e26edad6d58dc
cafb7ab7b5bc6dbb6b295c8294981fa915042a4d016f859fccc662c59c3d3924
cb62aecaf27b6b7725de04ea9de7b4e656e2e041b32385758c20faff9c87730c
cb81b2e9d73900d039e570a1e90c9e14aa30d9e89b3c2804374424805d91f4ec
cc16b6d50876b76ad2c5c9563d2a092ce67aac0e2efdf780858c2b11a8d8c904
cf055bc54c33d5ecff5505742c327dcaaf9e66faf2d9c15bcf959b19291fed17
d15a8b57ce0f9efd820187fa75318d7403b71480063f1183e8c9e589baa13b0e
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e
d4dd364dec97b8bcfc7e733efc86f0807c0f57aad9e3eaa759d0043a10439580
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d8db3b249679e1ddbad3988affe2e229d166d6ed2cbcd9bc2f796234070d35aa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc2eeec5ab4d463511d6b526df5780d24a025b829c72df0a1ab1ae8ac5b5b74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e397e92201022d95c7d9987e58ccb126c92c82fb130a0209107d6de869eaf4
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
e7c9ef424562c710ebce03de90b4277405a3d204fc7909e10b724d59c03b894c
e8dac2824fb9388686540ae8312060b74fd5152df5813e2f3d24c7cca63e4483
eb17b3c24fb6a25b09fa3b28e8fe9d5467aa4766617f507951eea3650c857fd7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55a1ada923319bb166c09913650d0d68745a578df53cf9f5f377cee96d7d530
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7e68581cf26a6c6ba7a07147fc8ffc04e12b84190f9a11cf0b826167054fd24