shift.com
151.101.130.132
Public Scan
Effective URL: https://shift.com/
Submission: On March 04 via api from US
Summary
TLS certificate: Issued by R3 on March 1st 2021. Valid for: 3 months.
This is the only time shift.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN16509 (AMAZON-02, US) | server-13-225-81-108.fra2.r.cloudfront.net | www.datadoghq-browser-agent.com |
ASN15169 (GOOGLE, US) | 192.125.201.35.bc.googleusercontent.com | cdn.bc0a.com |
ASN15169 (GOOGLE, US) | 179.153.244.35.bc.googleusercontent.com | ixfd-api.bc0a.com |
ASN14618 (AMAZON-AES, US) | ec2-3-209-140-77.compute-1.amazonaws.com | t.getletterpress.com |
ASN16509 (AMAZON-02, US) | ec2-3-11-29-5.eu-west-2.compute.amazonaws.com | aa.agkn.com |
ASN16509 (AMAZON-02, US) | server-13-224-194-169.fra2.r.cloudfront.net | cdn.amplitude.com |
ASN16625 (AKAMAI-AS, US) | a23-218-208-121.deploy.static.akamaitechnologies.com | s.adroll.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | 186.112.201.35.bc.googleusercontent.com | edge.fullstory.com |
ASN15169 (GOOGLE, US) | ams15s21-in-f130.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | fra16s48-in-f6.1e100.net | 9857906.fls.doubleclick.net |
ASN16509 (AMAZON-02, US) | | d2hrivdxn8ekm8.cloudfront.net |
ASN54113 (FASTLY, US) | | 67d7af968723443bbb2bc0f344ecea48.js.ubembed.com |
ASN15169 (GOOGLE, US) | 58.194.186.35.bc.googleusercontent.com | rs.fullstory.com |
ASN16509 (AMAZON-02, US) | ec2-52-48-31-194.eu-west-1.compute.amazonaws.com | d.adroll.mgr.consensu.org |
ASN16509 (AMAZON-02, US) | ec2-54-74-23-153.eu-west-1.compute.amazonaws.com | d.adroll.com |
ASN16509 (AMAZON-02, US) | ec2-34-218-118-19.us-west-2.compute.amazonaws.com | api.amplitude.com |
ASN14618 (AMAZON-AES, US) | | rum-http-intake.logs.datadoghq.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | server-13-224-194-15.fra2.r.cloudfront.net | dvqigh9b7wa32.cloudfront.net |
ASN16509 (AMAZON-02, US) | | d330aiyvva2oww.cloudfront.net |
ASN16509 (AMAZON-02, US) | | d1lu3pmaz2ilpx.cloudfront.net |
ASN16509 (AMAZON-02, US) | server-143-204-90-127.fra50.r.cloudfront.net | assets.ubembed.com |
Count | Domain | Requested by |
---|---|---|
7 | shift.com | shift.com |
4 | s.adroll.com | 1 redirects; shift.com, s.adroll.com |
4 | fonts.gstatic.com | fonts.googleapis.com |
3 | d1lu3pmaz2ilpx.cloudfront.net | www.datadoghq-browser-agent.com |
3 | www.facebook.com | |
3 | rs.fullstory.com | www.datadoghq-browser-agent.com |
3 | bat.bing.com | shift.com |
3 | connect.facebook.net | shift.com, connect.facebook.net |
2 | www.google.de | |
2 | www.google.com | 1 redirects |
2 | googleads.g.doubleclick.net | 1 redirects; www.googleadservices.com |
2 | rum-http-intake.logs.datadoghq.com | www.datadoghq-browser-agent.com |
2 | api.amplitude.com | www.datadoghq-browser-agent.com |
2 | 9857906.fls.doubleclick.net | 1 redirects; www.googletagmanager.com |
2 | www.googleadservices.com | shift.com, www.googleadservices.com |
2 | analytics1-api.shift.com | www.datadoghq-browser-agent.com |
2 | t.getletterpress.com | www.datadoghq-browser-agent.com |
2 | fonts.googleapis.com | shift.com |
1 | adservice.google.de | adservice.google.com |
1 | adservice.google.com | 9857906.fls.doubleclick.net |
1 | assets.ubembed.com | 67d7af968723443bbb2bc0f344ecea48.js.ubembed.com |
1 | d330aiyvva2oww.cloudfront.net | www.datadoghq-browser-agent.com |
1 | dvqigh9b7wa32.cloudfront.net | www.datadoghq-browser-agent.com |
1 | d.adroll.com | |
1 | d.adroll.mgr.consensu.org | 1 redirects |
1 | pt.ispot.tv | |
1 | 67d7af968723443bbb2bc0f344ecea48.js.ubembed.com | www.googletagmanager.com |
1 | d2hrivdxn8ekm8.cloudfront.net | shift.com |
1 | g.microsoft.com | bat.bing.com |
1 | edge.fullstory.com | shift.com |
1 | www.googletagmanager.com | shift.com |
1 | cdn.amplitude.com | shift.com |
1 | aa.agkn.com | |
1 | d18p8z0ptb8qab.cloudfront.net | shift.com |
1 | ixfd-api.bc0a.com | www.datadoghq-browser-agent.com |
1 | cdn.bc0a.com | shift.com |
1 | shiftcars1.imgix.net | shift.com |
1 | www.datadoghq-browser-agent.com | shift.com |
1 | www.shift.com | 1 redirects |
65 | 39 | |
This site contains links to these domains. Also see Links.
Domain |
---|
blog.shift.com |
support.shift.com |
investors.shift.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.instagram.com |
www.youtube.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
shift.com | R3 | 2021-03-01 - 2021-05-30 | 3 months | crt.sh |
*.datadoghq-browser-agent.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-08 - 2021-04-07 | 2 years | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
imgix.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-08-06 - 2021-08-07 | a year | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months | crt.sh |
cdn.bc0a.com | GTS CA 1D2 | 2021-02-26 - 2021-05-27 | 3 months | crt.sh |
ixfd-api.bc0a.com | GTS CA 1D2 | 2021-03-04 - 2021-06-02 | 3 months | crt.sh |
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year | crt.sh |
t.getletterpress.com | Amazon | 2020-04-03 - 2021-05-03 | a year | crt.sh |
*.agkn.com | RapidSSL RSA CA 2018 | 2020-07-25 - 2022-09-18 | 2 years | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-07 - 2021-08-07 | a year | crt.sh |
cdn.amplitude.com | Amazon | 2020-11-18 - 2021-12-17 | a year | crt.sh |
*.adroll.com | DigiCert SHA2 Secure Server CA | 2020-01-29 - 2021-04-29 | a year | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-02-10 - 2021-05-10 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months | crt.sh |
edge.fullstory.com | GTS CA 1D2 | 2021-02-23 - 2021-05-24 | 3 months | crt.sh |
www.bing.com | Microsoft RSA TLS CA 02 | 2021-01-19 - 2021-07-19 | 6 months | crt.sh |
www.googleadservices.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months | crt.sh |
g.msn.com | Microsoft RSA TLS CA 01 | 2020-10-06 - 2021-10-06 | a year | crt.sh |
*.doubleclick.net | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months | crt.sh |
z.ssl.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-09-02 - 2021-04-23 | 8 months | crt.sh |
*.ispot.tv | R3 | 2021-01-24 - 2021-04-24 | 3 months | crt.sh |
*.fullstory.com | R3 | 2021-01-28 - 2021-04-28 | 3 months | crt.sh |
adroll.mgr.consensu.org | Amazon | 2020-10-08 - 2021-11-07 | a year | crt.sh |
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2020-02-18 - 2022-02-13 | 2 years | crt.sh |
*.logs.datadoghq.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-31 - 2022-05-31 | 2 years | crt.sh |
*.googleadservices.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
assets.ubembed.com | Amazon | 2020-04-04 - 2021-05-04 | a year | crt.sh |
www.google.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months | crt.sh |
www.google.de | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months | crt.sh |
*.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
*.google.de | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://shift.com/
Frame ID: 147514B373808DAB0B7F8419802DCD6A
Requests: 61 HTTP requests in this frame
Frame:
https://9857906.fls.doubleclick.net/activityi;dc_pre=CNjqjqzBlu8CFfgOBgAdjbQCGQ;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F
Frame ID: 123F826027E33AB4E2ADC90208CF17A7
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CNjqjqzBlu8CFfgOBgAdjbQCGQ;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F
Frame ID: 0D9E23E8086F623A42F65190E63A1B73
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.de/ddm/fls/i/dc_pre=CNjqjqzBlu8CFfgOBgAdjbQCGQ;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F
Frame ID: 0F8BACA4317CBA1940BE0B374DB869EF
Requests: 1 HTTP requests in this frame
Detected technologies
Varnish (Cache Tools)
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Blog
Title: FAQ
Title: Learn more
Title: Investor relations
Title: Facebook Logo
Title: Twitter Logo
Title: LinkedIn Logo
Title: Instagram Logo
Title: Youtube Logo
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.shift.com/
HTTP 301
https://shift.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34
- https://9857906.fls.doubleclick.net/activityi;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F HTTP 302
- https://9857906.fls.doubleclick.net/activityi;dc_pre=CNjqjqzBlu8CFfgOBgAdjbQCGQ;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F
- https://s.adroll.com/j/exp/NUOJO4NABVCOZEGYYR3XDH/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/NUOJO4NABVCOZEGYYR3XDH?_s=6cd64ffdb83dec0ca16cedbfa04f616a&_b=2 HTTP 302
- https://d.adroll.com/consent/check/NUOJO4NABVCOZEGYYR3XDH/?_s=6cd64ffdb83dec0ca16cedbfa04f616a&_b=2
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937256742/?random=196901572&cv=9&fst=1614856524673&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshift.com%2F&tiba=Shift%20%7C%20The%20completely%20reimagined%20way%20to%20buy%20or%20sell%20a%20used%20car&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TMFAYPTPLIT2zQbwj5XgBw&sscte=1&crd= HTTP 302
- https://www.google.com/pagead/1p-conversion/937256742/?random=196901572&cv=9&fst=1614856524673&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshift.com%2F&tiba=Shift%20%7C%20The%20completely%20reimagined%20way%20to%20buy%20or%20sell%20a%20used%20car&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TMFAYPTPLIT2zQbwj5XgBw&cid=CAQSKQCNIrLM9mCLNNOiygMmLi6GceeyqQkTqnhjuDKNwj4SDXNJM0Uyj9pG&random=4046381442&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-conversion/937256742/?random=196901572&cv=9&fst=1614856524673&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshift.com%2F&tiba=Shift%20%7C%20The%20completely%20reimagined%20way%20to%20buy%20or%20sell%20a%20used%20car&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TMFAYPTPLIT2zQbwj5XgBw&cid=CAQSKQCNIrLM9mCLNNOiygMmLi6GceeyqQkTqnhjuDKNwj4SDXNJM0Uyj9pG&random=4046381442&resp=GooglemKTybQhCsO&ipr=y
65 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | shift.com/ | 176 KB | 56 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | consumer-v2-global_131d501d812a970322a8.css | shift.com/styles/ | 23 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | consumer-v2-app_acc8bbfbf162e3bfc227.css | shift.com/styles/ | 41 B | 185 B | Stylesheet | text/css | |
GET | H2 | consumer-v2-home_018e2d348e9c91e3c133.css | shift.com/styles/ | 34 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | consumer-v2-app_acc8bbfbf162e3bfc227.bundle.js | shift.com/scripts/ | 217 KB | 68 KB | Script | application/javascript | |
GET | H2 | consumer-v2-home_018e2d348e9c91e3c133.bundle.js | shift.com/scripts/ | 221 KB | 78 KB | Script | application/javascript | |
GET | H2 | datadog-rum.js | www.datadoghq-browser-agent.com/ | 58 KB | 20 KB | Script | application/javascript | |
GET | H2 | css2 | fonts.googleapis.com/ | 1 KB | 538 B | Stylesheet | text/css | |
GET | H2 | css2 | fonts.googleapis.com/ | 6 KB | 764 B | Stylesheet | text/css | |
GET | H2 | homepage_bmw_transparent.png | shiftcars1.imgix.net/static/ | 53 KB | 53 KB | Image | image/webp | |
GET | H2 | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 | |
GET | H2 | pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 | fonts.gstatic.com/s/poppins/v15/ | 8 KB | 8 KB | Font | font/woff2 | |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 | |
GET | H3-Q050 | KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 | |
GET | H2 | autopilot_sdk.js | cdn.bc0a.com/autopilot/f00000000215138/ | 46 KB | 16 KB | Script | application/javascript | |
GET | H2 | 01630949175 | ixfd-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000215138/ | 3 KB | 3 KB | XHR | application/json | |
GET | H2 | lp.js | d18p8z0ptb8qab.cloudfront.net/ | 100 KB | 31 KB | Script | application/javascript | |
GET | H2 | analytics.min.js | shift.com/clientapi/consumer/get_segment_js_1/oD9PafeNRrJRbC3NL41R8DgV8SANLDZ9/ | 458 KB | 99 KB | Script | text/javascript | |
OPTIONS | H2 | tp2 | t.getletterpress.com/com.snowplowanalytics.snowplow/ | 0 | 0 | Preflight | | Frame |
POST | H2 | tp2 | t.getletterpress.com/com.snowplowanalytics.snowplow/ | 2 B | 316 B | XHR | text/plain | |
GET | H2 | g.pixel | aa.agkn.com/adscores/ | 43 B | 349 B | Image | image/gif | |
POST | H2 | p | analytics1-api.shift.com/v1/ | 21 B | 378 B | XHR | application/json | |
POST | H2 | t | analytics1-api.shift.com/v1/ | 21 B | 101 B | XHR | application/json | |
GET | H2 | amplitude-5.2.2-min.gz.js | cdn.amplitude.com/libs/ | 54 KB | 18 KB | Script | application/javascript | |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/ | 40 KB | 13 KB | Script | text/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 91 KB | 25 KB | Script | application/x-javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 160 KB | 50 KB | Script | application/javascript | |
GET | H2 | fs.js | edge.fullstory.com/s/ | 201 KB | 61 KB | Script | application/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 28 KB | 9 KB | Script | application/javascript | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 32 KB | 13 KB | Script | text/javascript | |
GET | H2 | identity.js | connect.facebook.net/signals/plugins/ | 11 KB | 5 KB | Script | application/x-javascript | |
GET | H2 | 710765445673763 | connect.facebook.net/signals/config/ | 242 KB | 69 KB | Script | application/x-javascript | |
GET | H2 | 0 | g.microsoft.com/clarity/ | 0 | 355 B | Script | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 171 B | Image | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 94 B | Image | text/plain | |
GET | H3-Q050 | activityi;dc_pre=CNjqjqzBlu8CFfgOBgAdjbQCGQ;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F | 9857906.fls.doubleclick.net/ | 474 B | 982 B | Document | text/html | Frame 123F; Redirect Chain |
GET | H2 | tracker-latest.min.js | d2hrivdxn8ekm8.cloudfront.net/ | 10 KB | 10 KB | Script | application/javascript | |
GET | H2 | / | 67d7af968723443bbb2bc0f344ecea48.js.ubembed.com/ | 25 KB | 6 KB | Script | application/json | |
GET | H2 | TC-3996-1.gif | pt.ispot.tv/v2/ | 43 B | 314 B | Image | image/gif | |
POST | H2 | page | rs.fullstory.com/rec/ | 3 KB | 1 KB | XHR | application/json | |
GET | H/1.1 | index.js | s.adroll.com/j/exp/ | 28 B | 747 B | Script | application/javascript | Redirect Chain |
GET | H/1.1 | index.js | s.adroll.com/j/pre/NUOJO4NABVCOZEGYYR3XDH/4WHX622MNRGCHMRESNXGEI/ | 0 | 773 B | Script | text/javascript | |
GET | H2 | / | d.adroll.com/consent/check/NUOJO4NABVCOZEGYYR3XDH/ | 395 B | 488 B | Script | application/javascript | Redirect Chain |
POST | H2 | / | api.amplitude.com/ | 7 B | 168 B | XHR | text/html | |
POST | H2 | pub513ea1c05bd6cb56c4396792406780bc | rum-http-intake.logs.datadoghq.com/v1/input/ | 2 B | 94 B | Other | application/json | |
GET | H3-Q050 | / | www.googleadservices.com/pagead/conversion/937256742/ | 2 KB | 2 KB | Script | text/javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/937256742/ | 3 KB | 2 KB | Script | text/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 101 B | Image | image/gif | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 297 B | Image | image/gif | |
GET | H2 | 5a28e627 | dvqigh9b7wa32.cloudfront.net/ | 43 B | 489 B | XHR | image/gif | |
GET | H2 | 5a28e627 | d330aiyvva2oww.cloudfront.net/ | 43 B | 492 B | XHR | image/gif | |
GET | H2 | 5a28e627 | d1lu3pmaz2ilpx.cloudfront.net/ | 43 B | 450 B | XHR | image/gif | |
GET | H2 | 5a28e627 | d1lu3pmaz2ilpx.cloudfront.net/ | 43 B | 450 B | XHR | image/gif | |
GET | H2 | 5a28e627 | d1lu3pmaz2ilpx.cloudfront.net/ | 43 B | 432 B | XHR | image/gif | |
GET | H2 | bundle.js | assets.ubembed.com/universalscript/releases/v0.179.0/ | 162 KB | 46 KB | Script | application/javascript | |
GET | H2 | / | www.google.com/pagead/1p-user-list/937256742/ | 42 B | 340 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/937256742/ | 42 B | 552 B | Image | image/gif | |
GET | H2 | dc_pre=CNjqjqzBlu8CFfgOBgAdjbQCGQ;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F | adservice.google.com/ddm/fls/i/ | 473 B | 853 B | Document | text/html | Frame 0D9E |
GET | H3-Q050 | / | www.google.de/pagead/1p-conversion/937256742/ | 42 B | 530 B | Image | image/gif | Redirect Chain |
GET | H2 | dc_pre=CNjqjqzBlu8CFfgOBgAdjbQCGQ;src=9857906;type=sitew0;cat=shift0;ord=2010077103128;gtm=2wg2o0;auiddc=1999550964.1614856525;~oref=https%3A%2F%2Fshift.com%2F | adservice.google.de/ddm/fls/i/ | 194 B | 877 B | Document | text/html | Frame 0F8B |
POST | H2 | bundle | rs.fullstory.com/rec/ | 29 B | 91 B | XHR | application/json | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 147 B | Image | image/gif | |
POST | H2 | pub513ea1c05bd6cb56c4396792406780bc | rum-http-intake.logs.datadoghq.com/v1/input/ | 2 B | 93 B | Other | application/json | |
POST | H2 | / | api.amplitude.com/ | 7 B | 167 B | XHR | text/html | |
POST | H2 | bundle | rs.fullstory.com/rec/ | 29 B | 88 B | XHR | application/json | |
76 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| initDD object| LongTaskObserver function| haveDOMAndCSS number| useDD object| LUX object| LUX_ae object| LUX_al object| DD_RUM object| INITIAL_DATA object| PAGE_DATA string| APPLICATION_IDENTIFIER string| SENTRY_DSN object| webpackJsonp object| __core-js_shared__ object| __SENTRY__ object| regeneratorRuntime object| GlobalSnowplowNamespace function| letterpress object| _shiftAnalytics object| analytics object| _shiftEnvelope object| BEJSSDKObserver function| jsElementReady object| BEJSSDK object| BEIXF function| positionLinkBlock function| _typeof object| Snowplow object| core object| amplitude function| Tracktor string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| _fbq function| fbq object| dataLayer boolean| _fs_debug string| _fs_host string| _fs_org string| _fs_namespace function| FS object| uetq function| normalize function| UET object| google_tag_manager object| google_tag_data object| tatari string| _fs_loaded function| _fs_shutdown string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ube boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
shift.com/ | Name: _dd_s Value: rum=1&id=3af2e9d7-fcf9-4e33-84cc-a52321896f2d&created=1614856523809&expire=1614857423809 |
|
shift.com/ | Name: ajs_anonymous_id Value: %22e768ca47-f367-42f3-a8fc-2d9517d4ef85%22 |
|
shift.com/ | Name: session Value: MTYxNDg1NjUyM3xSaFVJWHVGemEtR20tcnBXNjR0REFwaE9vNnk5cmRZckRJMVp5WVhzZl90SGktc2ktMkc0LXRGVVpDQXZTS1BXb2xxdWdtSnFOVHZ6NVpmS2dDMDlBMlVKLTlEWWxPRDFWdTNwcjI3VTBpTWh4aWZKam4xbVBTMHh5R2w3SUpTZ3VYZF9Ec3R2VFVaUXZPUTh5NEphQW5wUlk5SzE0T2FiWHJ1MGh3cm41Mmw3dVlTenkxOD185A7cJ7zsr5mSuguxnfkFACqbwfEM25Hykmc0Y71q0UI= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.