![](/screenshots/6065a418-95f3-4005-88f2-69e4022150dc.png)
rustygriswold.ca
104.18.153.16
Public Scan
Submission Tags: phishingrod
Submission: On February 14 via api from DE — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time rustygriswold.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
---|---|---|
16 | 104.18.153.16 | 13335 (CLOUDFLARENET) |
1 | 142.251.167.97 | 15169 (GOOGLE) |
11 | 172.253.63.155 | 15169 (GOOGLE) |
1 | 216.239.38.181 | 15169 (GOOGLE) |
1 | 142.250.31.155 | 15169 (GOOGLE) |
1 | 142.250.31.94 | 15169 (GOOGLE) |
1 6 | 142.251.16.157 | 15169 (GOOGLE) |
13 | 172.253.63.113 | 15169 (GOOGLE) |
8 | 172.253.122.132 | 15169 (GOOGLE) |
1 2 | 172.253.63.147 | 15169 (GOOGLE) |
2 | 142.251.163.155 | 15169 (GOOGLE) |
60 | 12 | |
ASN15169 (GOOGLE, US)
PTR: ww-in-f97.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.google.ca |
ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: bi-in-f113.1e100.net
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
www.googleadservices.com |
| | Apex Domain / Subdomains | Transfer |
---|---|---|
19 | googlesyndication.com: pagead2.googlesyndication.com — Cisco Umbrella Rank: 120; tpc.googlesyndication.com — Cisco Umbrella Rank: 158 | 482 KB |
16 | google.com (1 redirects): analytics.google.com — Cisco Umbrella Rank: 177; fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659; www.google.com — Cisco Umbrella Rank: 2 | 74 KB |
16 | rustygriswold.ca: rustygriswold.ca | 371 KB |
7 | doubleclick.net (1 redirects): stats.g.doubleclick.net — Cisco Umbrella Rank: 113; googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 | 53 KB |
2 | googleadservices.com: www.googleadservices.com — Cisco Umbrella Rank: 141 | |
1 | google.ca: www.google.ca — Cisco Umbrella Rank: 8927 | 408 B |
1 | googletagmanager.com: www.googletagmanager.com — Cisco Umbrella Rank: 52 | 93 KB |
60 | 7 | |
| | Domain | Requested by |
---|---|---|
16 | rustygriswold.ca | rustygriswold.ca |
13 | fundingchoicesmessages.google.com | pagead2.googlesyndication.com |
11 | pagead2.googlesyndication.com | rustygriswold.ca, pagead2.googlesyndication.com, googleads.g.doubleclick.net, tpc.googlesyndication.com |
8 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com, googleads.g.doubleclick.net |
6 | googleads.g.doubleclick.net (1 redirects) | pagead2.googlesyndication.com, googleads.g.doubleclick.net |
2 | www.googleadservices.com | |
2 | www.google.com (1 redirects) | tpc.googlesyndication.com |
1 | www.google.ca | rustygriswold.ca |
1 | stats.g.doubleclick.net | www.googletagmanager.com |
1 | analytics.google.com | www.googletagmanager.com |
1 | www.googletagmanager.com | rustygriswold.ca |
60 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
twitter.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
rustygriswold.ca | GTS CA 1P5 | 2023-12-16 - 2024-03-15 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh |
*.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh |
*.google.ca | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh |
tpc.googlesyndication.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh |
www.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh |
www.googleadservices.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://rustygriswold.ca/
Frame ID: 090EC86FD4C87FD867FD1A6E3D5F2510
Requests: 48 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/zrt_lookup_fy2021.html
Frame ID: F18A9965817600272C048B72569A67CC
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1707589931&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~16~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707939578162&bpp=6&bdt=1382&idt=312&shv=r20240212&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2404932100666&frm=20&pv=2&ga_vid=1525237716.1707939577&ga_sid=1707939579&ga_hid=310106695&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081035%2C31081107%2C31081141%2C44798934%2C95324580%2C95325067%2C31081135%2C95322180%2C95320870%2C95324155%2C95324161%2C95325078&oid=2&pvsid=3342713618359800&tmod=1992038180&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=343
Frame ID: C8E51C93BE2B7F7F1743A044E65AA61D
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 04F6DCCD79587FD0F3E54CE915C5EB37
Requests: 10 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9D2AC253CB7DBED56822C43CEDDB623
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: EF5606A4D5205B5F8E9C99B25336A81F
Requests: 2 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1660EE5F83AB1F5886F154B4C0499AC8
Requests: 2 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Frame ID: 53B47CB6C126DA08D5ABBEE29707B144
Requests: 1 HTTP requests in this frame
Page Title
Rusty Griswold Light Display – Illuminating your holidays with pixel lights, articles, tools, and recipes.
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
Detected patterns
- googlesyndication\.com/
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 47
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
- https://googleads.g.doubleclick.net/pagead/adview?ai=CCTRZ-hbNZeH7IpDOo9kP6JKlmAW5ksmOVOy76ZLnEODmtq30FhABIJbk8IoBYP2gmYHoA6ABluuvzQPIAQKpAq2H9Lf6zag-qAMByAPJBKoE3AFP0EYUpUvfZFOCcPK0m1qqD8crJnXTAsg1v_pTXaPTPc7krrBKj9PA95wiCwC5OUyaY61XsWEAzgXL6k5E6e-VYHWpk34_oWAPPDE4RKF0mAP2B8zAmVy6vEUuD3j-IpIotc8CjmjZOoC6nmCe9piXqjplTk7E1VsHQwTDPlW28c5ypFe_3wuGGyVohfCASgwQCsq09RCXWZzafAMJROwGiJT_QbsWwn0WVWIQixfBOETuS6XpH0D8iLLSV8bzL40pZ4BynW8wZfxbHcXILbIT0qIYQCceQOxe9xANwASKu9iJQYgFipL7cZIFBAgEGAGSBQQIBRgEoAYCgAfSlNAyqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQ2vUU0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WNKgg9_Kq4QDmgkdaHR0cHM6Ly93d3cuZGVsaWdodGZvb3RzcGEuY2GACgHICwHaDBAKChDgzdi7r5DX_mcSAgED2BMC0BUBgBcBshccChoIABIUcHViLTU0NTI5MTU0NDYzNTUzODIYAA&sigh=Ji9NlsPukso&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_egWYNF37s-o7aFq6fw2o9zai2xAAUuFHfPYlMQU5t7xXYK66WoCohuQQF_1de0O_9L33poR8-AMpc4LRXBgWbhtND7tTki8NrT0YAQ&cbvp=2&vis=1&nis=5 HTTP 302
- https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28a984963416f20a0000000000000000%22,%222%22:%220xcc917372d2a377260000000000000000%22,%223%22:%220xc1a758e776c5ed970000000000000000%22,%224%22:%220x82e7f22fc610e5820000000000000000%22,%225%22:%220x201a5fd3c55e3ff60000000000000000%22},%22debug_key%22:%225330579791983464281%22,%22debug_reporting%22:true,%22destination%22:%22https://delightfootspa.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967570838%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228471498011626790465%22}&andc=true
60 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | rustygriswold.ca/ | 155 KB | 27 KB | Document | text/html |
GET | H2 | wpo-minify-header-c06332b3.min.css | rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ | 472 KB | 67 KB | Stylesheet | text/css |
GET | H2 | wpo-minify-header-15f3209e.min.js | rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ | 203 KB | 72 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 270 KB | 93 KB | Script | application/javascript |
GET | H3 | wpo-minify-header-45ee05e8.min.js | rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ | 321 B | 450 B | Script | application/javascript |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 152 KB | 51 KB | Script | text/javascript |
GET | H2 | TransparentLogo.png | rustygriswold.ca/wp-content/uploads/2023/01/ | 37 KB | 37 KB | Image | image/webp |
GET | H3 | wpo-minify-footer-36505ce7.min.js | rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ | 263 KB | 78 KB | Script | application/javascript |
GET | H3 | wpo-minify-footer-f2681918.min.js | rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ | 70 KB | 22 KB | Script | application/javascript |
GET | DATA | truncated | / | 37 B | 0 | Image | image/gif |
GET | DATA | truncated | / | 380 B | 0 | Image | image/svg+xml |
GET | H3 | TransparentLogo-Copy-1-1024x318.png | rustygriswold.ca/wp-content/uploads/2023/01/ | 33 KB | 33 KB | Image | image/webp |
GET | H3 | RustyVidtoGif.mp4 | rustygriswold.ca/wp-content/uploads/2023/12/ | 10 MB | 0 | Media | video/mp4 |
GET | DATA | truncated | / | 547 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 552 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 177 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 515 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 242 B | 0 | Image | image/svg+xml |
GET | H3 | 142.1345ea6b13b00771d513.js | rustygriswold.ca/wp-content/themes/blocksy/static/bundle/ | 7 KB | 2 KB | Script | application/javascript |
GET | H3 | chch-150x150.png | rustygriswold.ca/wp-content/uploads/2023/01/ | 6 KB | 6 KB | Image | image/webp |
GET | H3 | output-onlinejpgtools-2-150x150.png | rustygriswold.ca/wp-content/uploads/2023/01/ | 8 KB | 8 KB | Image | image/webp |
GET | H3 | ctvtoronto-300x169.png | rustygriswold.ca/wp-content/uploads/2023/01/ | 9 KB | 9 KB | Image | image/webp |
GET | H3 | BurlingtonToday.com-Logo.jpg | rustygriswold.ca/wp-content/uploads/2023/01/ | 7 KB | 7 KB | Image | image/webp |
GET | H3 | text-editor.2c35aafbe5bf0e127950.bundle.min.js | rustygriswold.ca/wp-content/plugins/elementor/assets/js/ | 1 KB | 851 B | Script | application/javascript |
GET | H3 | video.fea4f8dfdf17262f23e8.bundle.min.js | rustygriswold.ca/wp-content/plugins/elementor/assets/js/ | 3 KB | 2 KB | Script | application/javascript |
GET | DATA | truncated | / | 195 B | 0 | Image | image/svg+xml |
POST | H2 | collect | analytics.google.com/g/ | 0 | 255 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 255 B | Ping | text/plain |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 408 B | Image | image/gif |
GET | H3 | show_ads_impl_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ | 406 KB | 138 KB | Script | text/javascript |
GET | H2 | zrt_lookup_fy2021.html | googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/ Frame F18A | 9 KB | 5 KB | Document | text/html |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ Frame C8E5 | 134 KB | 44 KB | Document | text/html |
GET | H2 | sodar | pagead2.googlesyndication.com/getconfig/ | 16 KB | 12 KB | XHR | application/json |
GET | H3 | reactive_library_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ | 165 KB | 56 KB | Script | text/javascript |
GET | H2 | ca-pub-5452915446355382 | fundingchoicesmessages.google.com/i/ | 182 KB | 61 KB | Script | application/javascript |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 17 KB | 7 KB | Script | text/javascript |
GET | H2 | zrt_lookup_fy2021.html | googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/ Frame 04F6 | 9 KB | 4 KB | Document | text/html |
GET | H2 | AGSKWxXkNQckoJtxBZ9lUvjb4WkeyHVaAyPhVZY0ek4yWSz71lZiHlBBE2Sz1j0jvya7rpb8phTu3KpWqCJgSGDvfR8R6HG1wKkwSRAkWasV4MCQ5qeofHei9_NfysYjvLNobRoY5A9N4w== | fundingchoicesmessages.google.com/f/ | 10 KB | 5 KB | Script | application/javascript |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ Frame A9D2 | 13 KB | 5 KB | Document | text/html |
GET | H2 | aframe | www.google.com/recaptcha/api2/ Frame EF56 | 829 B | 1 KB | Document | text/html |
GET | H2 | abg_lite_fy2021.js | tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 04F6 | 23 KB | 9 KB | Script | text/javascript |
GET | H3 | s | googleads.g.doubleclick.net/pagead/drt/ Frame 1660 | 143 B | 166 B | Document | text/html |
GET | H2 | window_focus_fy2021.js | tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 04F6 | 3 KB | 1 KB | Script | text/javascript |
GET | H2 | qs_click_protection_fy2021.js | tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 04F6 | 20 KB | 8 KB | Script | text/javascript |
GET | H2 | 17897720544100133849 | tpc.googlesyndication.com/simgad/ Frame 04F6 | 34 KB | 35 KB | Image | image/gif |
GET | H3 | ufs_web_display.js | pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 04F6 | 204 KB | 61 KB | Script | text/javascript |
GET | H2 | one_click_handler_one_afma_fy2021.js | tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 04F6 | 36 KB | 14 KB | Script | text/javascript |
GET | H3 | s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js | pagead2.googlesyndication.com/bg/ Frame A9D2 | 39 KB | 15 KB | Script | text/javascript |
GET | H3 | si | googleads.g.doubleclick.net/pagead/drt/ Frame 1660 Redirect Chain | 0 | 17 B | Document | text/html |
GET | DATA | truncated | / Frame 04F6 | 210 B | 0 | Image | image/png |
GET | H3 | / | www.googleadservices.com/pagead/ar-adview/ Frame 04F6 Redirect Chain | 0 | 0 | Fetch | text/css |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ Frame EF56 | 0 | 0 | Image | text/html |
GET | H3 | lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js | pagead2.googlesyndication.com/bg/ Frame 53B4 | 51 KB | 20 KB | Script | text/javascript |
GET | H3 | generate_204 | tpc.googlesyndication.com/ Frame A9D2 | 0 | 10 B | Image | text/plain |
OPTIONS | H2 | / | www.googleadservices.com/pagead/ar-adview/ Frame | 0 | 0 | Preflight | text/html |
GET | H3 | banner_skyscraper. | fundingchoicesmessages.google.com/f/AGSKWxXSc7glMs4dfriycHn-AUsLpP7KG-YGCP0oytVGnWwVNrV5vGL69_saq7gsVlxTHUpy5zO3WJyO77VB0HZyHXfh3B0XxGQMleutAvbmcv4hcf5QnrkhK5iGdruomey284o8JbBJXzWp_vMiabEAhryfq6AZY... | 54 B | 110 B | Script | application/javascript |
GET | H3 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 146 KB | 50 KB | Script | text/javascript |
POST | H3 | AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
POST | H3 | AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
POST | H3 | AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
POST | H3 | AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
GET | H3 | AGSKWxX6nVDTPaA6G8duoNZ_pgwx1AC8R8sbYol2HDG7zso_t4a-x49DceQ9Ku8eeysy468EFmHK7BaLnR89NARk2mCE3Ts2KomVdJ6sUF0llQ13BIEa6ew_7TSqNfe-bBuhYanvsxQ49Q== | fundingchoicesmessages.google.com/f/ | 8 KB | 3 KB | Script | application/javascript |
POST | H3 | AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
GET | H3 | AGSKWxUsvXXWvZNjX7pL_0-S-r1KerOAiAmazbZTpn5rTTUwrSpJmumELe8uUbeBOj3WmF3eDT65MTg5_R-x_3Or2nTB1du9BzGVTxBpiPQpPK6UV0a1-xbE3vdj7JNtujOSSs6B599TRQ== | fundingchoicesmessages.google.com/f/ | 3 KB | 2 KB | Script | application/javascript |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html |
GET | H3 | AGSKWxWyjy8w9W8cMNwIwidafdmEioFFSM8I_kPvOyJefdQyL7xEvc6fqaRkz0T1FHO41pWs2SQwd957J6QZj78ggFAdHwN74GJwiJYXSBYaiWdAbfOMQ1CxvuRTzsWLG2QqpGNuLRYx5w== | fundingchoicesmessages.google.com/f/ | 3 KB | 2 KB | Script | application/javascript |
POST | H3 | AGSKWxWVWBb_WSysPRkyGorBJiwlVUc1a3LJrOWrDrPDpcmWbrfTcluuh1vOw3d11ZCbWAC5DBYeljG_1ZBVe9RNcGueic7FqnLlX3DLeFZ79THMYJ0seRPwF_JeARxMZT6702flqsncKA== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
POST | H3 | AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
GET | H3 | activeview | pagead2.googlesyndication.com/pcs/ Frame 04F6 | 42 B | 64 B | Fetch | image/gif |
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| gtag object| dataLayer function| WPO_Intersection_Observer object| WPO_LazyLoad object| starter_templates_zip_preview object| ct_localizations object| _wpUtilSettings object| wpformsElementorVars function| loadCSS function| Vue undefined| $ function| jQuery object| runtime object| regeneratorRuntime object| wp object| blocksyJsonP object| ctEvents object| blocksyResponsiveMenuCache object| ctFrontend object| webpackChunkelementor object| elementorModules function| Waypoint object| elementorFrontendConfig object| WPFormsElementorFrontend object| elementorFrontend function| _ object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzIxMjY5YTU4ZmM4MjU0NWxvYWRlcl9qcw== string| YzIxMjY5YTU4ZmM4MjU0NWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| 
__uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady boolean| cd150034-c814-4eca-80b9-7e194befb5b5 object| google_image_requests
9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rustygriswold.ca/ | | Name: _ga Value: GA1.1.1525237716.1707939577 |
.rustygriswold.ca/ | | Name: __gads Value: ID=9101b830fe414696:T=1707939578:RT=1707939578:S=ALNI_Mbp-3App2hvhF-lQH_xceB8pRZugA |
.rustygriswold.ca/ | | Name: __gpi Value: UID=00000dc9ec5f8eba:T=1707939578:RT=1707939578:S=ALNI_Mal83avacN_1LiwxVmeObuI_OvFgA |
.rustygriswold.ca/ | | Name: __eoi Value: ID=cf1437c1ba059500:T=1707939578:RT=1707939578:S=AA-Afjbhi1TQOOIoj-m_0BR3_KXo |
.rustygriswold.ca/ | | Name: _ga_7TKVW5VVYW Value: GS1.1.1707939577.1.0.1707939579.58.0.0 |
.doubleclick.net/ | | Name: DSID Value: NO_DATA |
.doubleclick.net/ | | Name: IDE Value: AHWqTUmyVjo7yWxFY5TYgnsbd1jXcDjx5uWject96NMaPeutGzDEWtKVuEsq8FFkhZg |
.googleadservices.com/ | | Name: ar_debug Value: 1 |
.rustygriswold.ca/ | | Name: FCNEC Value: %5B%5B%22AKsRol_yJXO8jYtatvrpzjIzR7VffUE0rAx_aFz6ez0qHidziT1e7xq16rFdvFZlT7R5e3oqehProJNAnfoFhoftK1DfVwrpRehRtpCYtQ5EXGVcxVpwPG5qu0i6NkTqBt3RDmPu5YOEfaVrh_nlVrF3zgAB4I8vWQ%3D%3D%22%5D%5D |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.