denniscordray.com
Open in
urlscan Pro
34.69.219.172
Public Scan
Submission Tags: phishingrod
Submission: On June 24 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 25th 2023. Valid for: 3 months.
This is the only time denniscordray.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com
denniscordray.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-42.muc50.r.cloudfront.net
nexus.ensighten.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-138-0.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
statefarmmutualautomobileinsurancecompany.demdex.net |
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net
smetrics.statefarm.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-242-252.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org | |
insight.adsrvr.org |
ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com |
ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com
peachy.prod.mirus.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-198-131.compute-1.amazonaws.com
usermatch.krxd.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-148-66.eu-west-1.compute.amazonaws.com
beacon.krxd.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
11264551.fls.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
mirus.io
ephemera.mirus.io — Cisco Umbrella Rank: 58134 peachy.prod.mirus.io — Cisco Umbrella Rank: 59877 |
421 KB |
5 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 218 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 11851 |
8 KB |
5 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176 |
224 KB |
5 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3081 |
75 KB |
4 |
doubleclick.net
3 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 244 11264551.fls.doubleclick.net — Cisco Umbrella Rank: 49179 |
2 KB |
3 |
pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 755 |
1 KB |
3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
266 B |
3 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 375 js.adsrvr.org — Cisco Umbrella Rank: 1589 insight.adsrvr.org — Cisco Umbrella Rank: 592 |
5 KB |
2 |
pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 844 |
19 KB |
2 |
krxd.net
1 redirects
usermatch.krxd.net — Cisco Umbrella Rank: 1650 beacon.krxd.net — Cisco Umbrella Rank: 637 |
529 B |
2 |
yahoo.com
1 redirects
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1303 ups.analytics.yahoo.com — Cisco Umbrella Rank: 340 |
898 B |
2 |
statefarm.com
smetrics.statefarm.com — Cisco Umbrella Rank: 24648 |
2 KB |
1 |
google.com
adservice.google.com — Cisco Umbrella Rank: 107 |
401 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82 |
87 KB |
1 |
rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 426 |
98 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1106 |
517 B |
1 |
denniscordray.com
denniscordray.com |
128 KB |
61 | 17 |
Domain | Requested by | |
---|---|---|
25 | ephemera.mirus.io |
denniscordray.com
|
5 | connect.facebook.net |
denniscordray.com
connect.facebook.net |
5 | nexus.ensighten.com |
denniscordray.com
nexus.ensighten.com |
4 | dpm.demdex.net |
1 redirects
denniscordray.com
|
3 | ct.pinterest.com |
s.pinimg.com
|
3 | www.facebook.com | |
2 | s.pinimg.com |
denniscordray.com
s.pinimg.com |
2 | 11264551.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | peachy.prod.mirus.io |
denniscordray.com
|
2 | cm.g.doubleclick.net | 2 redirects |
2 | smetrics.statefarm.com |
nexus.ensighten.com
denniscordray.com |
1 | adservice.google.com |
11264551.fls.doubleclick.net
|
1 | insight.adsrvr.org |
js.adsrvr.org
|
1 | js.adsrvr.org |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
nexus.ensighten.com
|
1 | beacon.krxd.net | |
1 | usermatch.krxd.net | 1 redirects |
1 | ups.analytics.yahoo.com | |
1 | cms.analytics.yahoo.com | 1 redirects |
1 | match.adsrvr.org |
denniscordray.com
|
1 | idsync.rlcdn.com |
denniscordray.com
|
1 | cm.everesttech.net | 1 redirects |
1 | statefarmmutualautomobileinsurancecompany.demdex.net |
nexus.ensighten.com
|
1 | denniscordray.com | |
61 | 24 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
denniscordray.com R3 |
2023-04-25 - 2023-07-24 |
3 months | crt.sh |
ephemera.mirus.io R3 |
2023-06-02 - 2023-08-31 |
3 months | crt.sh |
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-07 - 2023-10-14 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-04-02 - 2023-07-01 |
3 months | crt.sh |
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
smetrics.statefarm.com Entrust Certification Authority - L1K |
2023-01-20 - 2024-02-19 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2023-02-02 - 2024-03-03 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
peachy.prod.mirus.io R3 |
2023-06-13 - 2023-09-11 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-01 - 2023-08-08 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://denniscordray.com/
Frame ID: C3D1EA75D414F9B8DBC93EF153A9E0FA
Requests: 50 HTTP requests in this frame
Frame:
https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 68DB9274C8792F84C20D2A1420C6F0A1
Requests: 6 HTTP requests in this frame
Frame:
https://11264551.fls.doubleclick.net/activityi;dc_pre=CLL5r5f32v8CFVWd_QcdnhoEVA;src=11264551;type=micro0;cat=micro002;ord=4030675879747;gtm=45He36l0;auiddc=1715180541.1687576183;u9=sf%3Aus%3Aagent-micro-s%3Ah2y4v1ys000;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fdenniscordray.com%2F
Frame ID: F009D0389141F6969CCD243BA48CD2A5
Requests: 2 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fdenniscordray.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 73D03F83D15B07822330075204F7705F
Requests: 1 HTTP requests in this frame
Frame:
https://ct.pinterest.com/ct.html
Frame ID: B08A48AD0A630343D90BA726F453FF77
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 140892F12A8E74DE0AE686DA107A21B2
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
MO Auto & Home Insurance Agent Dennis Cordray - State Farm®Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Alpine.js (JavaScript frameworks) Expand
Detected patterns
- /alpine(?:\.min)?\.js
Ensighten (Tag Managers) Expand
Detected patterns
- //nexus\.ensighten\.com/
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Title: Log in
Search URL Search Domain Scan URL
Title: Create an account
Search URL Search Domain Scan URL
Title: Map & Directions
Search URL Search Domain Scan URL
Title: Get ID Card
Search URL Search Domain Scan URL
Title: Continue a saved quote
Search URL Search Domain Scan URL
Title: File a Claim
Search URL Search Domain Scan URL
Title: Send Payment
Search URL Search Domain Scan URL
Title: Understanding the insurance premium audit process As a business owner, you may be contacted to complete an insurance premium audit. Learn what that is and how you can be ready. Read More
Search URL Search Domain Scan URL
Title: What to do after a house fire After a house fire, there are several important steps in the recovery process. Get our tips to help keep your family safe and finances stable. Read More
Search URL Search Domain Scan URL
Title: Share the road with farm vehicles Rural road driving might feel safe & relaxing but they are shared with farm vehicles & have risks. Here are tips to help when driving in the country. Read More
Search URL Search Domain Scan URL
Title: View More Articles
Search URL Search Domain Scan URL
Title: Strands of Magic Play
Search URL Search Domain Scan URL
Title: Audio Transcript
Search URL Search Domain Scan URL
Title: Web Development for a good cause with 48in48 Play
Search URL Search Domain Scan URL
Title: Audio Transcript
Search URL Search Domain Scan URL
Title: full policy
Search URL Search Domain Scan URL
Title: Ads & Tracking
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Notice of Privacy Policy
Search URL Search Domain Scan URL
Title: State Privacy Rights
Search URL Search Domain Scan URL
Title: Security & Fraud
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1687576180456 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1687576180456
- https://cm.everesttech.net/cm/dd?d_uuid=90149471049479817790763797066239842052 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJZedAAAAE4_HAN-
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=OTAxNDk0NzEwNDk0Nzk4MTc3OTA3NjM3OTcwNjYyMzk4NDIwNTI= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=OTAxNDk0NzEwNDk0Nzk4MTc3OTA3NjM3OTcwNjYyMzk4NDIwNTI=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA1Puc4vcKjV60axzJit3u4&google_cver=1?gdpr=0&gdpr_consent=
- https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=90149471049479817790763797066239842052&gdpr=0&gdpr_consent= HTTP 302
- https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=90149471049479817790763797066239842052&gdpr=0&gdpr_consent=
- https://usermatch.krxd.net/um/v2?partner=adobe&id=90149471049479817790763797066239842052 HTTP 302
- https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=90149471049479817790763797066239842052
- https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro002;ord=4030675879747;gtm=45He36l0;auiddc=1715180541.1687576183;u9=sf%3Aus%3Aagent-micro-s%3Ah2y4v1ys000;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fdenniscordray.com%2F HTTP 302
- https://11264551.fls.doubleclick.net/activityi;dc_pre=CLL5r5f32v8CFVWd_QcdnhoEVA;src=11264551;type=micro0;cat=micro002;ord=4030675879747;gtm=45He36l0;auiddc=1715180541.1687576183;u9=sf%3Aus%3Aagent-micro-s%3Ah2y4v1ys000;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fdenniscordray.com%2F
61 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
denniscordray.com/ |
480 KB 128 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
44 KB 45 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/statefarm/mirus/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
58 KB 59 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
966 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
191 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MecherleSans-Bold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MecherleSans-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MecherleSans-Medium.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
307 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/statefarm/mirus/ |
498 B 806 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9cb8263dd45eb7b2261972b5b5a0e3f1.js
nexus.ensighten.com/statefarm/mirus/code/ |
162 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
69d5dc5966916f224081bc390cacec5b.js
nexus.ensighten.com/statefarm/mirus/code/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9cfdc6df7821180d41d89355b6cdae29.js
nexus.ensighten.com/statefarm/mirus/code/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alpineFileInput.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alpine.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
57 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazysizes.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
8 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scrollToElement.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
491 B 597 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
svgIcon.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
122 B 410 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alpineContactForm.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ |
111 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 68DB |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
smetrics.statefarm.com/ |
48 B 466 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=ZJZedAAAAE4_HAN-
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
365868.gif
idsync.rlcdn.com/ Frame 68DB |
0 98 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s73422873546843
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
8 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
19 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resize
ephemera.mirus.io/img/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEA1Puc4vcKjV60axzJit3u4&google_cver=1
dpm.demdex.net/ Frame 68DB Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame 68DB |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cms
ups.analytics.yahoo.com/ups/58782/ Frame 68DB Redirect Chain
|
0 125 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ |
80 B 326 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 68DB Redirect Chain
|
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
410 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CLL5r5f32v8CFVWd_QcdnhoEVA;src=11264551;type=micro0;cat=micro002;ord=4030675879747;gtm=45He36l0;auiddc=1715180541.1687576183;u9=sf%3Aus%3Aagent-micro-s%3Ah2y4v1ys000;uaa=;uab=;uafv...
11264551.fls.doubleclick.net/ Frame F009 Redirect Chain
|
485 B 394 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fbevents.js
connect.facebook.net/en_US/ |
112 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
s.pinimg.com/ct/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1673276772914128
connect.facebook.net/signals/config/ |
75 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
up
insight.adsrvr.org/track/ Frame 73D0 |
0 181 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1936962093151750
connect.facebook.net/signals/config/ |
300 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.14eb2ef4.js
s.pinimg.com/ct/lib/ |
62 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CLL5r5f32v8CFVWd_QcdnhoEVA;src=11264551;type=micro0;cat=micro002;ord=4030675879747;gtm=45He36l0;auiddc=*;u9=sf%3Aus%3Aagent-micro-s%3Ah2y4v1ys000;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame F009 |
42 B 401 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/user/ |
568 B 767 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/v3/ |
35 B 92 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ct.html
ct.pinterest.com/ Frame B08A |
565 B 403 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ Frame 1408 |
0 50 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer object| dl function| initSubmenu function| setImmediate function| clearImmediate object| peachyClient function| initQuoteForm object| FB object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| visitor function| errorLogging string| sName string| h string| p string| t function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq boolean| _frstRun undefined| _scTempPrevURL object| _scHtml object| _langButtons undefined| _i string| s_account function| DIL number| s_objectID number| s_giq object| s string| s_urlPathEmber boolean| s_emberIndicator boolean| screenChange string| s_testsplitpath string| str string| newstr string| _scLang string| v object| __buffer function| intentEvent function| initFileInput function| initTabControl function| initContactForm object| Alpine object| lazySizes function| scrollToElement object| __mirus_utilities function| svgIcon string| k string| s_campaignSet number| prop31 object| s_i_sfglobalprod object| GTMdataLayer function| daGTMAdd object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| pintrk function| ttd_dom_ready function| TTDUniversalPixelApi25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
denniscordray.com/ | Name: __cheesecrd_version Value: master |
|
.denniscordray.com/ | Name: s_gad Value: 1 |
|
.demdex.net/ | Name: demdex Value: 90149471049479817790763797066239842052 |
|
.denniscordray.com/ | Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZJZedAAAAE4_HAN- |
|
.statefarm.com/ | Name: s_ecid Value: MCMID%7C85588749483917655190091532871198301400 |
|
.denniscordray.com/ | Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-s%3Ah2y4v1ys000 |
|
.denniscordray.com/ | Name: s_pre_v6 Value: denniscordray.com |
|
.denniscordray.com/ | Name: s_dl Value: 1 |
|
.denniscordray.com/ | Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked |
|
.denniscordray.com/ | Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271687576180952%27%5D%5D |
|
.denniscordray.com/ | Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fdenniscordray.com%2F%7Centry%3Dhttps%3A%2F%2Fdenniscordray.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-s%7Cs_prev_ch%3Dagent-micro-s%7Cs_prev_pn%3Dh2y4v1ys000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-s%3Ah2y4v1ys000%7Cmc%3Ddirect%20load%7C |
|
.denniscordray.com/ | Name: s_cc Value: true |
|
.dpm.demdex.net/ | Name: dpm Value: 90149471049479817790763797066239842052 |
|
.denniscordray.com/ | Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 690614123%7CMCIDTS%7C19533%7CMCMID%7C85588749483917655190091532871198301400%7CMCAAMLH-1688180980%7C6%7CMCAAMB-1688180980%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1687583380s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19540%7CvVersion%7C3.1.0 |
|
.denniscordray.com/ | Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C6 |
|
.denniscordray.com/ | Name: aam_uuid Value: 90149471049479817790763797066239842052 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUn5tl2BCNdP6WEIsqguNiDEuIQEqsrhGBoN7yS3bTGKGiC6FWOrisKU5DCE0rY |
|
denniscordray.com/ | Name: keen Value: {%22uuid%22:%2239a7d2af-987e-4311-a999-c0a009d2e287%22%2C%22initialReferrer%22:null} |
|
.demdex.net/ | Name: dextp Value: 60-1-1687576180918|771-1-1687576181020|903-1-1687576181122|30646-1-1687576181223|66757-1-1687576181324 |
|
.yahoo.com/ | Name: A3 Value: d=AQABBHVelmQCEM6324fWojM3pQVj-IucRIMFEv__AP8AAAAAAOAXyiMAAAAAgA&S=AQAAAviovw3QAwrxqTJK0n4IwfM |
|
.krxd.net/ | Name: _kuid_ Value: PojhaJjC |
|
.denniscordray.com/ | Name: _gcl_au Value: 1.1.1715180541.1687576183 |
|
.denniscordray.com/ | Name: _fbp Value: fb.1.1687576183078.503367852 |
|
.denniscordray.com/ | Name: _pin_unauth Value: dWlkPU1HWmxaVEkxWVdRdE9URmtNUzAwTVdFMUxUZzBNekF0WkdNM09USXdPR1JpTVRsaA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
11264551.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
denniscordray.com
dpm.demdex.net
ephemera.mirus.io
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
nexus.ensighten.com
peachy.prod.mirus.io
s.pinimg.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
104.198.70.133
108.138.15.119
142.250.186.166
142.250.186.66
151.101.128.84
212.82.100.182
2a00:1450:4001:809::2002
2a00:1450:4001:827::2008
2a02:26f0:7100:8a8::1931
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a09:8280:1::1ce
3.219.198.131
3.71.149.231
34.249.242.252
34.254.148.66
34.69.219.172
35.244.174.68
35.71.131.137
52.208.93.119
52.49.138.0
63.140.62.160
99.84.88.42
0063ead0fc6b4ddafaf004c17771309a5931249b36c40781ced840a776b9755b
019cc0af7609ed3585de9fcdab04c9925163b592a5d369e4ff243480a82048d1
05bbdddeb7ffcd6c30dbccc889252ed44e81cc0f4ba52aca567dc541e6317e82
0dbf29032422c53a56ca00fbb4f82ef5caaf271fbc38cac33c40470293b5e57d
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
17eaa7db64a8a06f909a8bc130de5e6e1900dd26319990a619f92cfc40bb51be
1ad2c33eb993b68e3ec453490319b6103410c136cb6c0467cf7ad1a655b232f7
21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b
2216372d2a6897645afcb7e85c421692de98fb7343399ce1e60947f109247e0f
26df32186ef5334a60cc1d305d161d0999c960b103341beda6064ce4f75c409b
2aa7b2df9307ad7122d68712d762bc14eecb5a214408cc3b9d16aa53ceb5ada2
2ec75106b4f1d8f462d2b9288513b52774c8baffa1127327896e09f3f2a4418d
3520d5b3e5b6e9df3351baca2d6d0bc8e9f3e1d273ba81decfa08d76854e5136
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a1d18e1a9b8513dbd3e41562b1b9850617c8395557708ef51b875e60e9d9714
3a9d9fe5adbfc5fb082c5fd7ae9e1cbc7883e48b519c6414bf7f737dc7c33d73
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
50f413502236be37797a1c4d60f65f9aac355677c5c3cbe6b0513212ecc180d1
5264432de13e06f79c4279b286e2026b93519c21a62058bcceabad4d84c5b3cb
584bbf6835718b424114a9b4bc335233b42b1a76cc43649f3a1894d6aab4bb67
586ce2550ab41fab373e892fabbec4d971dc8bdde4a7cbe338518887e842cb01
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
5d0f0407096d756184fee3329b904656d444a8a256b8fa9948caed8d70c10ece
621979ac3f2e3250fa99991adb00542da4442c26b67a5c61919e9612f984d55f
653d04364b0972444f4d87064a25f92fb31bd9e4db366cf5f867ee1ba482c253
65ef278e30afbed983418a214b2416651cd3ec093d648bb716d244e292f68965
70631bd26463dec237c04979288c57bf8566dd8c0590a30ed5760454e102df2d
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fc77b9318feeba56c0e0247073788cdc79bd410708402cc49b84c35a26d69b5
973f4bd7a8e9e28fe83cba90ad03d9bd09c07c6e38dc030be143ba5aaf4a9fb1
a625b6c6b53519e2d3ade793f54a6a8793b3be99b26dd25566f8d6edcc8a7fc8
a7e77c4ed00585a08b390d1459cb0358c5b5934caaaf983abd8f28ebadb832c6
af5760389b50f3fc6abb53180e3d83603df33ce34b56590789d225946f4fdf22
b66edfea76b7b2a5f1c3910d9b908601c0cd551310e7ba703b7b1f7527fadd96
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
bbc295f6fac3f15948aeb6d5c4d8f36a9b7f623eea173950770cd6fa9f91d1f6
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
cfdc9706fe9b9ba84f87bb05a4c67a4c8dcc52297179fd44e00052e835cc9196
d38f7a25f1f8ea8a1878ea7c350e875cbd5dc89a9e19676b7098c027ef84eb13
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d5d846af69ae21888fb1575b889710f4e04e4eaa53cda328a9776582afc6a3a2
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5e31e6fabf2c50c04f7e1d145057a291019705f23a8aa5c3b42ce0770d03af
f7cfb4cdf7425a86aa1490beb9d30512d3e8e34060923296ca9f2b6a9d987c2e
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
febd02fe012bc36b660ce777116be771782d1d32e3c4db82314b1fd9f0cfec9b