www.cosmopolitan.com
Open in
urlscan Pro
151.101.128.155
Public Scan
Effective URL: https://www.cosmopolitan.com/entertainment/celebs/a40229858/stranger-things-vecna-clues/?utm_source=facebook&utm_medium=socia...
Submission: On June 21 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q1 on April 6th 2022. Valid for: a year.
This is the only time www.cosmopolitan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-69-250.compute-1.amazonaws.com
trib.al |
ASN54113 (FASTLY, US)
www.cosmopolitan.com | |
assets.hearstapps.com | |
hips.hearstapps.com | |
glimmer.hearstapps.com | |
jam.hearstapps.com | |
nitehawk.hearst.io | |
hdm-streaming-otfp.hearst.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-10.deploy.static.akamaitechnologies.com
a21018620252.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-225-89.compute-1.amazonaws.com
logx.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
hearstapps.com
assets.hearstapps.com — Cisco Umbrella Rank: 13818 hips.hearstapps.com — Cisco Umbrella Rank: 8778 glimmer.hearstapps.com — Cisco Umbrella Rank: 21946 jam.hearstapps.com — Cisco Umbrella Rank: 17274 |
1 MB |
11 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 489 |
235 KB |
6 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 9409 |
61 KB |
4 |
hearst.io
nitehawk.hearst.io — Cisco Umbrella Rank: 19064 hdm-streaming-otfp.hearst.io — Cisco Umbrella Rank: 26454 |
2 MB |
3 |
optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 658 a21018620252.cdn.optimizely.com — Cisco Umbrella Rank: 116936 logx.optimizely.com — Cisco Umbrella Rank: 1257 |
90 KB |
3 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2918 |
54 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96 |
100 KB |
2 |
speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6306 lux.speedcurve.com — Cisco Umbrella Rank: 18696 |
7 KB |
2 |
cosmopolitan.com
www.cosmopolitan.com — Cisco Umbrella Rank: 33277 |
52 KB |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125 |
442 B |
1 |
google.de
ampcid.google.de — Cisco Umbrella Rank: 45144 |
464 B |
1 |
google.com
ampcid.google.com — Cisco Umbrella Rank: 1759 |
535 B |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 818 |
432 B |
1 |
trib.al
1 redirects
trib.al — Cisco Umbrella Rank: 16807 |
466 B |
82 | 14 |
Domain | Requested by | |
---|---|---|
25 | assets.hearstapps.com |
www.cosmopolitan.com
assets.hearstapps.com |
12 | hips.hearstapps.com |
www.cosmopolitan.com
|
11 | cdn.cookielaw.org |
www.cosmopolitan.com
cdn.cookielaw.org |
5 | www.google-analytics.com |
nexus.ensighten.com
www.google-analytics.com |
4 | glimmer.hearstapps.com |
www.cosmopolitan.com
glimmer.hearstapps.com |
3 | hdm-streaming-otfp.hearst.io |
glimmer.hearstapps.com
|
3 | nexus.ensighten.com |
www.cosmopolitan.com
nexus.ensighten.com |
2 | www.googletagmanager.com |
assets.hearstapps.com
www.googletagmanager.com |
2 | www.cosmopolitan.com |
assets.hearstapps.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | logx.optimizely.com |
cdn.optimizely.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | lux.speedcurve.com | |
1 | ampcid.google.de |
www.google-analytics.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | nitehawk.hearst.io |
glimmer.hearstapps.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | a21018620252.cdn.optimizely.com |
cdn.optimizely.com
|
1 | jam.hearstapps.com |
assets.hearstapps.com
|
1 | cdn.optimizely.com |
www.cosmopolitan.com
|
1 | cdn.speedcurve.com |
www.cosmopolitan.com
|
1 | trib.al | 1 redirects |
82 | 22 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cosmopolitan.com GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-04-06 - 2023-05-08 |
a year | crt.sh |
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-10-12 - 2022-11-13 |
a year | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2022-05-01 - 2023-05-01 |
a year | crt.sh |
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-14 - 2022-10-12 |
a year | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2021-12-24 - 2022-12-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-03 - 2023-06-07 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2022-01-12 - 2023-01-12 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
logx.optimizely.com Amazon |
2021-08-23 - 2022-09-21 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.cosmopolitan.com/entertainment/celebs/a40229858/stranger-things-vecna-clues/?utm_source=facebook&utm_medium=social-media&utm_campaign=socialflowFBCOS&fbclid=IwAR39h94jGvXbJKTQYVvcqatSbKUnNVRMnRkZj6jRzwwpYu0OnwZiytEwSUE
Frame ID: 9E074A61370114A7076AEEBE7D0BA5AF
Requests: 83 HTTP requests in this frame
Frame:
https://a21018620252.cdn.optimizely.com/client_storage/a21018620252.html
Frame ID: 5FB8A923E07741270DFD259C101CC3AF
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Stranger Things Fans Spotted Hints Vecna Was in Series OneGroupGroupBack ButtonSearch IconFilter IconPage URL History Show full URLs
-
http://trib.al/A6QbC8o?fbclid=IwAR39h94jGvXbJKTQYVvcqatSbKUnNVRMnRkZj6jRzwwpYu0OnwZiytEwSUE
HTTP 301
https://www.cosmopolitan.com/entertainment/celebs/a40229858/stranger-things-vecna-clues/?utm_source=faceb... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Ensighten (Tag Managers) Expand
Detected patterns
- //nexus\.ensighten\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Optimizely (Analytics) Expand
Detected patterns
- optimizely\.com.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
54 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: TikTok
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: Clubhouse
Search URL Search Domain Scan URL
Title: Newsletter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Pinterest
Search URL Search Domain Scan URL
Title: Shop
Search URL Search Domain Scan URL
Title: Eau de Juice
Search URL Search Domain Scan URL
Title: Apparel
Search URL Search Domain Scan URL
Title: Accessories
Search URL Search Domain Scan URL
Title: Home Stuff
Search URL Search Domain Scan URL
Title: Obsessed with Astro
Search URL Search Domain Scan URL
Title: Win
Search URL Search Domain Scan URL
Title: Do Not Sell My Personal Information
Search URL Search Domain Scan URL
Title: Privacy Notice/Notice at Collection
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Subscribe
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: @mark..byers
Search URL Search Domain Scan URL
Title: #fyp
Search URL Search Domain Scan URL
Title: #zyxcba
Search URL Search Domain Scan URL
Title: #willbyers
Search URL Search Domain Scan URL
Title: #vecna
Search URL Search Domain Scan URL
Title: #noahschnpp
Search URL Search Domain Scan URL
Title: #strangerthings
Search URL Search Domain Scan URL
Title: #st4
Search URL Search Domain Scan URL
Title: #grandfatherclock
Search URL Search Domain Scan URL
Title: #fypã‚·
Search URL Search Domain Scan URL
Title: #fypage
Search URL Search Domain Scan URL
Title: #fup
Search URL Search Domain Scan URL
Title: #fupã‚·
Search URL Search Domain Scan URL
Title: ♬ original sound - MILLIE PROTECTOR
Search URL Search Domain Scan URL
Title: @4thgenyeonjunie
Search URL Search Domain Scan URL
Title: #clockchime
Search URL Search Domain Scan URL
Title: #strangerthingsseason3
Search URL Search Domain Scan URL
Title: #strangerthingsseason4
Search URL Search Domain Scan URL
Title: ♬ Stranger Things - Kyle Dixon & Michael Stein
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Subscribe
Search URL Search Domain Scan URL
Title: Media Kit
Search URL Search Domain Scan URL
Title: Work For Cosmo
Search URL Search Domain Scan URL
Title: Other Hearst Subscriptions
Search URL Search Domain Scan URL
Title: Your California Privacy Rights
Search URL Search Domain Scan URL
Title: Interest-Based Ads
Search URL Search Domain Scan URL
Title: Click here to opt out of Google Analytics
Search URL Search Domain Scan URL
Title: | Opens in a new Tab
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://trib.al/A6QbC8o?fbclid=IwAR39h94jGvXbJKTQYVvcqatSbKUnNVRMnRkZj6jRzwwpYu0OnwZiytEwSUE
HTTP 301
https://www.cosmopolitan.com/entertainment/celebs/a40229858/stranger-things-vecna-clues/?utm_source=facebook&utm_medium=social-media&utm_campaign=socialflowFBCOS&fbclid=IwAR39h94jGvXbJKTQYVvcqatSbKUnNVRMnRkZj6jRzwwpYu0OnwZiytEwSUE Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.cosmopolitan.com/entertainment/celebs/a40229858/stranger-things-vecna-clues/ Redirect Chain
|
235 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
article.f495c65.js
assets.hearstapps.com/assets/dist/js/ |
238 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.864c6f5.js
assets.hearstapps.com/assets/dist/js/shared/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors.2982034.js
assets.hearstapps.com/assets/dist/js/shared/ |
43 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-observer.9b75385.js
assets.hearstapps.com/assets/dist/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IconFont.92eec3ebb5186bf3919ebf3b44fc8984.woff2
assets.hearstapps.com/sites/cosmopolitan/assets/fonts/ |
5 KB 5 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7a337894-f253-4a5d-a63e-0d8275cedec5.4a2fddf.woff2
assets.hearstapps.com/sites/cosmopolitan/assets/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts-deferred.17e36b8.css
assets.hearstapps.com/sites/cosmopolitan/assets/css/ |
2 KB 871 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lux.js
cdn.speedcurve.com/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
strangerthings-strangerthings4-1-00-51-29-19-1654535671.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
steve-stranger-things-season-4-1653902688.jpeg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moapt-hdm.latest.js
assets.hearstapps.com/moapt/ |
137 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
affiliate-bundle.master.js
assets.hearstapps.com/commerce/release/ |
39 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
player.js
glimmer.hearstapps.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/hearst/mag-dnt/ |
155 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
us_cosmopolitan.js
cdn.optimizely.com/public/21018620252/s/ |
287 KB 89 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
standard-article.9acb3ad.css
assets.hearstapps.com/sites/cosmopolitan/assets/css/ |
190 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
author-arrow.a0a710a.svg
assets.hearstapps.com/sites/cosmopolitan/assets/images/svgs/ |
1 KB 988 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6c923332-4923-424e-8a1e-e8d3e9b46961.78fccee.woff2
assets.hearstapps.com/sites/cosmopolitan/assets/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
24dd4e4a-ac1b-4a2d-8474-4187103f67a7.a9d5c9c.woff
assets.hearstapps.com/assets/fonts/ |
62 KB 62 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
51979662-0f05-44f3-be90-50e38a493b3f.5f23895.woff
assets.hearstapps.com/assets/fonts/ |
51 KB 51 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
underline-black.ca9ae59.svg
assets.hearstapps.com/sites/cosmopolitan/assets/images/svgs/ |
905 B 587 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-track-inview.620f50b.js
assets.hearstapps.com/assets/dist/js/shared/inview/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.cosmopolitan.com/auth/checkaccess/ |
2 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
renderer.js
jam.hearstapps.com/js/ |
53 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cos040122feacoverstory-014-1654475361.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
weekly-tarot-pull-2-1634312884.png
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
85 KB 85 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jennifer-lopez-and-ben-affleck-are-seen-on-september-26-news-photo-1655733897.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-from-ios-2-1582571697.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sunscreen-1644937408.png
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
96 KB 96 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
08433542-c495-4a4f-997e-c7384f5e7ae9_1565690997.png
hips.hearstapps.com/rover/profile_photos/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
videojs.e6b6cc54.js
glimmer.hearstapps.com/static/ |
516 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors.e85d4b1f.js
glimmer.hearstapps.com/static/ |
464 KB 141 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
glimmer.6ebff447.js
glimmer.hearstapps.com/static/ |
285 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e8a34489-5d45-468d-b825-b29314aafe17.json
cdn.cookielaw.org/consent/e8a34489-5d45-468d-b825-b29314aafe17/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
101 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a21018620252.html
a21018620252.cdn.optimizely.com/client_storage/ Frame 5FB8 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/hearst/mag-dnt/ |
275 B 417 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
153 B 432 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e4b0c7c1-de4a-45f0-b3c7-10527a08a2a1
nitehawk.hearst.io/embeds/ |
167 KB 44 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
228a882e-c63f-4dbc-aad3-8c8ca16fcc92
https://www.cosmopolitan.com/ |
31 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.36.0/ |
362 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chrissy-cunningham-stranger-things-1654685584.jpeg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 4 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cosmo-strangerthings-most-likely-to-1-1653666972.jpg
hips.hearstapps.com/vidthumb/images/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8c186447d7cd8a7818c8585561ae0e0e.js
nexus.ensighten.com/hearst/mag-dnt/code/ |
50 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.m3u8
hdm-streaming-otfp.hearst.io/561acfc9-610c-4ad8-be83-aa9b172e37cf/video_rover_16x9_240p_sd_1653667007_73597,video_rover_16x9_360p_sd_1653667007_94032,video_rover_16x9_720p_hd_1653667007_39347,video... |
2 KB 918 B |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
165 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8ab59388-b225-4c05-8700-08e37a5a06c7
https://www.cosmopolitan.com/ |
5 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.json
cdn.cookielaw.org/consent/e8a34489-5d45-468d-b825-b29314aafe17/13a6151b-2ccc-4545-977e-5ebbf328ecd9/ |
280 KB 43 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iab2Data.json
cdn.cookielaw.org/vendorlist/ |
305 KB 42 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googleData.json
cdn.cookielaw.org/vendorlist/ |
60 KB 17 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otTCF.js
cdn.cookielaw.org/scripttemplates/6.36.0/ |
68 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 535 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video_rover_16x9_480p_sd_1653667007_44513.m3u8
hdm-streaming-otfp.hearst.io/561acfc9-610c-4ad8-be83-aa9b172e37cf/ |
2 KB 519 B |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
c2030a58-fe07-4ca7-a63e-28d227777c92
https://www.cosmopolitan.com/ |
52 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video_rover_16x9_480p_sd_1653667007_44513-1.ts
hdm-streaming-otfp.hearst.io/561acfc9-610c-4ad8-be83-aa9b172e37cf/ |
2 MB 2 MB |
XHR
video/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
weekly-tarot-pull-2-1634312884.png
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
526 B 644 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sunscreen-1644937408.png
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ |
528 B 661 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
affiliatedisclaimer.b000166.js
assets.hearstapps.com/assets/dist/js/shared/modules/ |
1 KB 968 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
contenthistory.3c7dab1.js
assets.hearstapps.com/assets/dist/js/shared/shared/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
relatedmodules.8d95276.js
assets.hearstapps.com/assets/dist/js/shared/modules/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rightrail.cda1302.js
assets.hearstapps.com/assets/dist/js/shared/modules/ |
1 KB 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socialbutton.33b7d05.js
assets.hearstapps.com/assets/dist/js/shared/modules/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jumptorecipe.5cd48da.js
assets.hearstapps.com/assets/dist/js/shared/modules/ |
874 B 659 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stickyads.cb05027.js
assets.hearstapps.com/assets/dist/js/shared/modules/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.36.0/assets/ |
9 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/ |
59 KB 13 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.36.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 464 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.c156d11.svg
assets.hearstapps.com/sites/cosmopolitan/assets/images/logos/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7b092c64-bbae-4342-a10f-a0de6d3153d8.17f7cc3.woff
assets.hearstapps.com/assets/fonts/ |
63 KB 64 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.google-analytics.com/gtm/ |
110 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
lux.speedcurve.com/lux/ |
0 108 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 442 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 365 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 350 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| HRST boolean| b undefined| s object| Modernizr string| SENTRY_DSN object| SENTRY_OPTIONS object| lazySizesConfig string| RUNTIME_GRAPHQL_URL string| RUNTIME_GRAPHQL_TOKEN string| ASSET_HOSTNAME string| CIAM_URL string| JOURNEY_URL object| CURRENT_SITE object| CURRENT_LOCALE object| requiresGDPRConsent boolean| MOBILE_AD_PROGRESS_BAR boolean| SELF_HOSTED_ADS boolean| SELF_HOSTED_AFFILIATE_TAGGING string| GLIMMER_BASE_URL string| PLAYER_URL boolean| STICKY_PLAYER_ENABLED boolean| MOBILE_STICKY_PLAYER_ENABLED boolean| GLIMMER_FILMSTRIP_ENABLED function| GDPR_CONSENT_MODAL string| GDPR_CONSENT_GROUPS object| cookie function| OptanonWrapper object| f object| m object| webpackJsonp object| Backbone function| $ object| regeneratorRuntime object| lazySizes function| jQuery object| picturefillCFG function| picturefill function| hearstPlayerCallback object| tp boolean| glimmerBundleStarted object| glimmerEnv function| getTCFConsent object| OneTrustStub object| gptLayer object| abd object| dataLayer function| gtag object| onMyloReady object| ensBootstraps object| Bootstrapper function| HDMVideoEvents object| hdmAe function| MOSVideoEvents string| k function| _ object| optimizely object| vttjs function| WebVTT function| _bb$iter function| videojs object| hearstPlayer string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data object| gaplugins object| otTCF object| otIabModule object| Optanon object| OneTrust object| gaGlobal object| gaData object| google_optimize boolean| ga_modal_tracking13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.cosmopolitan.com/entertainment/celebs/a40229858/stranger-things-vecna-clues | Name: _glimmerCookieTest Value: true |
|
www.cosmopolitan.com/ | Name: location_data Value: {"country_code":"DE","postal_code":"55278"} |
|
www.cosmopolitan.com/ | Name: lux_uid Value: 165583795991925503 |
|
www.cosmopolitan.com/ | Name: gpt_session_ab Value: s7 |
|
www.cosmopolitan.com/ | Name: gpt_origref Value: |
|
.cosmopolitan.com/ | Name: optimizelyEndUserId Value: oeu1655837960022r0.1267122143722712 |
|
.cosmopolitan.com/ | Name: mylo_status Value: unauthorized |
|
.cosmopolitan.com/ | Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Jun+21+2022+18%3A59%3A20+GMT%2B0000+(GMT)&version=6.36.0&hosts=&consentId=5be797b4-2035-46b6-96e6-d36b73089862&interactionCount=0&landingPath=https%3A%2F%2Fwww.cosmopolitan.com%2Fentertainment%2Fcelebs%2Fa40229858%2Fstranger-things-vecna-clues%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial-media%26utm_campaign%3DsocialflowFBCOS%26fbclid%3DIwAR39h94jGvXbJKTQYVvcqatSbKUnNVRMnRkZj6jRzwwpYu0OnwZiytEwSUE&groups=C0001%3A1%2CBG374%3A0%2CC0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0005%3A0 |
|
.cosmopolitan.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
.cosmopolitan.com/ | Name: _gid Value: GA1.2.1941228659.1655837961 |
|
.cosmopolitan.com/ | Name: _gat_glimmer_ga Value: 1 |
|
.cosmopolitan.com/ | Name: _ga_14TSFS899Q Value: GS1.1.1655837961.1.0.1655837961.0 |
|
.cosmopolitan.com/ | Name: _ga Value: GA1.1.1441164526.1655837961 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self'; |
Strict-Transport-Security | max-age=31557600; includeSubDomains |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a21018620252.cdn.optimizely.com
ampcid.google.com
ampcid.google.de
assets.hearstapps.com
cdn.cookielaw.org
cdn.optimizely.com
cdn.speedcurve.com
geolocation.onetrust.com
glimmer.hearstapps.com
hdm-streaming-otfp.hearst.io
hips.hearstapps.com
jam.hearstapps.com
logx.optimizely.com
lux.speedcurve.com
nexus.ensighten.com
nitehawk.hearst.io
region1.google-analytics.com
stats.g.doubleclick.net
trib.al
www.cosmopolitan.com
www.google-analytics.com
www.googletagmanager.com
151.101.128.155
151.101.66.217
18.195.42.228
2001:4860:4802:34::36
23.206.209.10
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:400c:c07::9d
2a02:26f0:ef:295::13b8
3.217.69.250
54.211.225.89
00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b
0294bd8af038bc705dee30b4bcbbbc3cf5def9409a1a4a26d1ecd6e89bc52436
037e29044cd22b5ed886132debba0179c8e5a034538b39ff4b99914e7c83a7d0
06b945334ff3cdb3916e4eb51470788285887e5eea1d62297185f97b9e11ad3b
08d5264af24b5af51ee34f02dc1495c26a2726607e4885be027e44864137f140
0bfc7f02a1d19f542a41b137b46c3c99e1a4d46a1d38a14831db5a06e0ce9376
0fa785e531d5a9ffd45f82db847fb492372a7258c3dc3cc4b5fd73b9a971127e
11068af9b902399f2d46da9c2b87832bb5580330085e8be4a091212dec959458
12d4a5d95c16a78a07e3dcd8dee7a6aeab46c007c7a34fe4155304d70da67603
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390
1dc503a7b3008356db2afe506ba7bc327ca21283231e0e00ff0aeae69a3132e5
1eb9ac46d22f3755b3e83082a64f806caf3d22a306cbe79f15b784d1a3589b83
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
1fec4fbd0a061b975dfd57a8b99d2c5cc911dd179730f812656210614b33005b
23fb01a0d39c710c0e3e1cb5d7c044bb4460cdcc82cb9501313b05f0dedefb33
24aad405954ebc1ecd33460d5e766d6deeeafae8d302397d0ab315a81222e6e6
2a5a1d574f5b86b001a8e8734e7ccd01cc74940506ed74fb4fe1f312553c6b34
3ad307061c4b284d1feca644549d60d4f787d20e6e60bd6db05367321816251a
3d60e10fba53f5b6e77f446aaf5e269faab5814035171ad710d5c3cffb9dce4f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4c62544c073b883e5910cb8fc9d0149aee4d5b838a4446e3e729abf4226973ef
52ce23ee1d29ad5d451af65731ddd81b50746b536f08e89f7d6c9fac13019610
53b65b69e6d5f663f1c13d2c4ebce6a6d2a2add77644661deeadd5120c8c8502
59e7cf514795aad9605726bd0a8a2c332d639a8f424e609e322b2c8d7b478814
5ede40ca00d3e8e04ab2b5578f9d0482c5674ea4165647957fc21a1757bbf0a4
5ffe81972ece7cead2ffd25435349112a6515d189a5e9a2e1993b3f07c0e70a0
656baff7b4c30614be2380c6f6cb9fd26422292f18e4ac851f4b71b1b9408caa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dcec3eb6417470a9ef4200c9aea43beb00e2bb9b9a4e1729063b4cfd7e191a9
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
73ed3661143eda670591d0aa37e0788870ad2e4cf70b80fe00524fe1a69b5c77
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
74c84b791ab1725dbd61a7afea4d7c358aadcaaf94dc476bfca3ccedc36395a5
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
814fb34061dee8da00864affa9f4933a6a527496fe1cdd678233c93060d045b2
82873f1a6ed2c39272722dfeb791b6a77bc304b3766799652651e7450dbdafe5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834dde75c6c7f0763a2c1c1dd92e3c5efa71d678dce740007c5f6e3ce1e69d6f
881ec7583c487bbae48298d8d5ffd6d1fa6beef8fa8c56a4a27cf00fe7cb4e7a
895f72c77833ea0184bccbe5cfa597b9493bcc2e7feef12976aa270f06d88d8b
8bf020d6569a0becc7a917b9fd94b3c899858a074b8c03b1c5ded107d0b2f6de
924c24fb959eaa23bd2859e7a9d8707dd7b0b162ca80a5203b67cc918238f29d
93cfb830fed3ded32de50bfaf8e1d6ce9cd75e14f06cb8554fffe77aec7897c2
94da228c353d045b771f23f34e87db407653d29614705c5bdd8cf53dda514f56
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f7a415ece0d54adce8aa25f723662aff3b9f1f948795a4af99b1f54b8fceb8
a7eb98523efa3004ce07cc931895dc85225169e049045854959a3004873cb5d8
abb8730627dfe01fbcbabbb2971e22e2e89dc1a01a5c303daf909b6519db1da4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afac62c2f528a63e8caebf0059833df9925901d0c1a52eb901970d54112fabab
b6b38f8ff5a4b743b7e64a5bf7075bb28e34c99281124cf7047a76c7544a9ddf
b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01
b7fda15495fe15e5387af66779b53156338f659804ffae7e6361e3fca9bec7fd
b880c81def5471e14d7818a6b9a8f9c52c473d8b61bf8e046807c217f9af88af
b9839a5779548b0b5eefef3a1233ac69b24bab830255f03c9b82d20419558950
ba978a5ebde3b4a4c44e9105ef6bb33166a78e9636d0e19f86be01121830da00
bc4dd74ca66904d316899349e8c8e120487adbe11765bd2714ae31899c1d9c35
c0dd9245a9689ccb33287e15de9171009ba74f652efe1ee805973751dd416770
c2c8f90cefcfe51de95b43937ed517a43e848145339bd102be1bfde4d2c99115
c44ef30004a4f128cef63a800ff7230ac114a30e542502a7cb51b5f7969f3224
c683cb9b13265a3ab44a835eadd72cac49874a500d5a544f072b6c410ff1c8b6
c894bc330ff57f6036dbfd86ab61127d5ea0126389a047b7a1de5749c717ac55
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd14007b2af9067305acf14109ea6daa709434fd78fdb81d2c8247b4b237aec0
d2e4092646dadebcd85afb6e5b8e89ced44e5862ab0b27032729f115526b81cf
da62c5785281b02964775fc3ffc38507b419d8197f3be2426b535bcf02d519fd
daa801d06aa654d8b9710ac233bb66589fee1404ccdb958dcf1ea59eceaa1b37
dfa613998c9579b57dc58cf3afd973e6ad8fff3378f604ee859e86c32bb1d21b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81e3ea0c5c9ee7518a2a3b029df5f560086eabda9dc2aea14d259c168cc24ac
ebf7e7c8578866e9851d22764b0181f7083637f8e482e9ebac7d8c39ea67d52e
ed7540449a5674c1b0726f466d3bccd050724a9f76cb815f8ffbc45c8d86c3a3
eda9f6d5e1f9eb93128f9195930c4f2978ae3167db0c565dace10c0ff0a5d54d
eeb2a9c941d9eead0d69c453bb35bbf0843d62ab4fd649f9dd2cd54931c8d912
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb17d24591726d8c55c99e91eadd7015782fcf28035c2e8a592a7d9a28fbf3af
ff12cda856af77c3cea57496c80c964e8a2592ae173734f8020e9cc9cd57523a