news.1st.com
Open in
urlscan Pro
13.115.182.240
Public Scan
Effective URL: https://news.1st.com/
Submission: On October 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 2nd 2022. Valid for: 3 months.
This is the only time news.1st.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-182-240.ap-northeast-1.compute.amazonaws.com
news.1st.com |
ASN16509 (AMAZON-02, US)
assets.website-files.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com | |
c.bing.com |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
10688233.fls.doubleclick.net |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-144-106.deploy.static.akamaitechnologies.com
us.connextra.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN54312 (ROCKETFUEL, US)
20829737p.rfihub.com | |
a.rfihub.com | |
p.rfihub.com |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-60-98.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-36-156-23.deploy.static.akamaitechnologies.com
contextual.media.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-102-147.eu-central-1.compute.amazonaws.com
bs.serving-sys.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-14.fra56.r.cloudfront.net
live.rezync.com |
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-72-99.compute-1.amazonaws.com
bpi.rtactivate.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
x.dlx.addthis.com |
ASN14618 (AMAZON-AES, US)
partners.tremorhub.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-110-18.eu-west-1.compute.amazonaws.com
aa.agkn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com
beacon.krxd.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-18-160.eu-central-1.compute.amazonaws.com
x.bidswitch.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
website-files.com
assets.website-files.com — Cisco Umbrella Rank: 11585 |
9 MB |
7 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 565 b.clarity.ms — Cisco Umbrella Rank: 5269 c.clarity.ms — Cisco Umbrella Rank: 1062 |
26 KB |
6 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 107 |
282 B |
6 |
gstatic.com
fonts.gstatic.com |
214 KB |
5 |
rfihub.com
2 redirects
20829737p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 3032 p.rfihub.com — Cisco Umbrella Rank: 740 |
7 KB |
4 |
doubleclick.net
2 redirects
10688233.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 |
2 KB |
4 |
bing.com
1 redirects
bat.bing.com — Cisco Umbrella Rank: 379 c.bing.com — Cisco Umbrella Rank: 236 |
12 KB |
3 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151 |
192 KB |
2 |
everesttech.net
2 redirects
sync-tm.everesttech.net — Cisco Umbrella Rank: 578 |
607 B |
2 |
bidswitch.net
1 redirects
x.bidswitch.net — Cisco Umbrella Rank: 303 |
1 KB |
2 |
spotxchange.com
1 redirects
sync.search.spotxchange.com — Cisco Umbrella Rank: 572 |
1 KB |
2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 |
2 KB |
2 |
rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 344 |
107 B |
2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 214 |
2 KB |
2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 232 |
2 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724 |
1 KB |
2 |
google.com
adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
2 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 547 |
610 B |
2 |
t.co
t.co — Cisco Umbrella Rank: 483 |
581 B |
2 |
connextra.com
us.connextra.com — Cisco Umbrella Rank: 30254 |
|
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32 |
20 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61 |
132 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44 |
8 KB |
2 |
1st.com
1 redirects
news.1st.com |
11 KB |
1 |
krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 528 |
338 B |
1 |
agkn.com
aa.agkn.com — Cisco Umbrella Rank: 474 |
377 B |
1 |
tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1115 |
183 B |
1 |
addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1189 |
191 B |
1 |
rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 2003 |
109 B |
1 |
rezync.com
1 redirects
live.rezync.com — Cisco Umbrella Rank: 1751 |
779 B |
1 |
serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1148 |
105 B |
1 |
media.net
contextual.media.net — Cisco Umbrella Rank: 570 |
616 B |
1 |
eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1010 |
344 B |
1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 347 |
239 B |
1 |
rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5384 |
6 KB |
1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 624 |
15 KB |
1 |
cloudfront.net
d3e54v103j8qbb.cloudfront.net |
31 KB |
100 | 37 |
Domain | Requested by | |
---|---|---|
35 | assets.website-files.com |
news.1st.com
assets.website-files.com |
6 | www.facebook.com |
news.1st.com
|
6 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | p.rfihub.com |
2 redirects
news.1st.com
|
3 | b.clarity.ms |
www.clarity.ms
|
3 | bat.bing.com |
www.googletagmanager.com
bat.bing.com news.1st.com |
3 | connect.facebook.net |
news.1st.com
connect.facebook.net |
2 | c.clarity.ms | 1 redirects |
2 | sync-tm.everesttech.net | 2 redirects |
2 | x.bidswitch.net |
1 redirects
news.1st.com
|
2 | sync.search.spotxchange.com |
1 redirects
news.1st.com
|
2 | dsum-sec.casalemedia.com |
1 redirects
news.1st.com
|
2 | idsync.rlcdn.com |
news.1st.com
|
2 | dpm.demdex.net |
1 redirects
news.1st.com
|
2 | ib.adnxs.com |
1 redirects
news.1st.com
|
2 | analytics.twitter.com |
news.1st.com
|
2 | t.co |
news.1st.com
|
2 | us.connextra.com |
www.googletagmanager.com
|
2 | 10688233.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.clarity.ms |
news.1st.com
www.clarity.ms |
2 | www.googletagmanager.com |
news.1st.com
|
2 | news.1st.com | 1 redirects |
1 | c.bing.com | 1 redirects |
1 | adservice.google.de |
adservice.google.com
|
1 | beacon.krxd.net |
news.1st.com
|
1 | aa.agkn.com |
news.1st.com
|
1 | partners.tremorhub.com |
news.1st.com
|
1 | x.dlx.addthis.com |
news.1st.com
|
1 | bpi.rtactivate.com |
news.1st.com
|
1 | live.rezync.com | 1 redirects |
1 | bs.serving-sys.com |
news.1st.com
|
1 | contextual.media.net |
news.1st.com
|
1 | ps.eyeota.net |
news.1st.com
|
1 | pixel.rubiconproject.com |
news.1st.com
|
1 | a.rfihub.com |
news.1st.com
|
1 | cm.g.doubleclick.net | 1 redirects |
1 | www.google.de |
news.1st.com
|
1 | www.google.com |
news.1st.com
|
1 | adservice.google.com |
10688233.fls.doubleclick.net
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | 20829737p.rfihub.com |
c1.rfihub.net
|
1 | c1.rfihub.net |
news.1st.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
ajax.googleapis.com
|
1 | d3e54v103j8qbb.cloudfront.net |
news.1st.com
|
1 | ajax.googleapis.com |
news.1st.com
|
100 | 47 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.pegasusworldcup.com |
1st.com |
www.1st.com |
apps.apple.com |
1stbet.com |
auth.1st.com |
app.1st.com |
www.facebook.com |
www.instagram.com |
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
news.1st.com R3 |
2022-09-02 - 2022-12-01 |
3 months | crt.sh |
*.website-files.com Amazon |
2022-10-12 - 2023-11-09 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-07-24 - 2022-10-22 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-27 - 2023-02-27 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2022-09-03 - 2023-03-03 |
6 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
*.rfihub.net Amazon |
2021-12-29 - 2023-01-27 |
a year | crt.sh |
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-26 - 2023-05-26 |
a year | crt.sh |
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 02 |
2022-06-07 - 2023-06-02 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-04-04 |
a year | crt.sh |
*.media.net DigiCert SHA2 Secure Server CA |
2022-02-20 - 2023-02-22 |
a year | crt.sh |
bs.serving-sys.com Amazon |
2022-04-10 - 2023-05-09 |
a year | crt.sh |
rtactivate.com Amazon |
2022-04-13 - 2023-05-12 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA |
2022-02-26 - 2023-03-01 |
a year | crt.sh |
*.tremorhub.com Amazon |
2022-03-24 - 2023-04-22 |
a year | crt.sh |
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-09-06 - 2023-09-21 |
a year | crt.sh |
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-03 - 2022-11-02 |
a year | crt.sh |
*.google.de GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://news.1st.com/
Frame ID: 26BC7329FEFDB90B92D6753715066E79
Requests: 76 HTTP requests in this frame
Frame:
https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
Frame ID: EF3CE3CC19FADED64771F70509062094
Requests: 1 HTTP requests in this frame
Frame:
https://20829737p.rfihub.com/ca.html?ver=9&rb=43518&ca=20829737&_o=43518&_t=20829737&pe=https%3A%2F%2Fnews.1st.com%2F&pf=&ra=5300633418460599
Frame ID: F84907DDCBBD721D72FD330642218FE6
Requests: 19 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
Frame ID: BCE2F9BB7F78ABBA6732A9FF80B477E5
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.de/ddm/fls/i/dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
Frame ID: FDFDCDB9A8F3283893A0294C759EF99F
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 9491FD737D68C13B2AF662A364BAFD0E
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 77B6AFFA597BE461359900C441BADA69
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Daily Horse Racing Picks & News by 1/ST BETLooking for free Daily Horse Racing News & Horse Racing Picks? We’ve got you covered. Our experts (including Eddie Olczyk, Jeff Siegel and Johnny D) analyze horse racings biggest races to bring you their expert analysis & insights every day.Page URL History Show full URLs
-
http://news.1st.com/
HTTP 301
https://news.1st.com/ Page URL
Detected technologies
AppNexus (Advertising Networks) ExpandDetected patterns
- adnxs\.(?:net|com)
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- googleapis\.com/.+webfont
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Rubicon Project (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Sizmek (Advertising Networks) Expand
Detected patterns
- serving-sys\.com/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: OFFICIAL APP OF
Search URL Search Domain Scan URL
Title: PROMOTIONS
Search URL Search Domain Scan URL
Title: HOW TO
Search URL Search Domain Scan URL
Title: FACTORS
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: 1stbet.com
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: SIGN UP
Search URL Search Domain Scan URL
Title: LOG IN
Search URL Search Domain Scan URL
Title: CURRENT OFFERS
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Problem Gambling
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://news.1st.com/
HTTP 301
https://news.1st.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 46- https://10688233.fls.doubleclick.net/activityi;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F HTTP 302
- https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
- https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMTA3NzcyMjg2NDUwODA2NQ==&forward= HTTP 302
- https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC4t3am9xiqmXoLxACz4JhQ&google_cver=1
- https://ib.adnxs.com/setuid?entity=18&code=5131077722864508065 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5131077722864508065
- https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077722864508065&redir= HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077722864508065&redir=
- https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
- https://ps.eyeota.net/match?uid=5131077722864508065&bid=omt9pi0
- https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5131077722864508065&referrer=https%3A%2F%2Fnews.1st.com%2F HTTP 302
- https://p.rfihub.com/cm?pub=39342&in=0&userid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd38f27e5-7c38-4eb2-9e43-1ff2665049c4%253A1665779506.6388278 HTTP 302
- https://idsync.rlcdn.com/501709.gif?partner_uid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward= HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward=&C=1
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077722864508065&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077722864508065&img=1&__user_check__=1&sync_id=392fe485-4bff-11ed-a47d-194044dd0306
- https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077722864508065&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077722864508065&expires=30
- https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y0nHMgAAAOvSFQAW HTTP 302
- https://p.rfihub.com/cm?in=1&pub=21653&userid=Y0nHMgAAAOvSFQAW&_test=Y0nHMgAAAOvSFQAW
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&RedC=c.clarity.ms&MXFR=1F92877F12C66950292F954216C667CC HTTP 302
- https://c.clarity.ms/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&MUID=2A7C2D41AE14686C25F13F7CAF656964
100 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
news.1st.com/ Redirect Chain
|
46 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cms-1stbet.caf649661.min.css
assets.website-files.com/5f49632a2373348fd8d5703f/css/ |
2 MB 206 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
106 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e63ef808ba200ad9ff48b_1ST_Bet_Icon.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e63ef808ba268359ff48c_icon-menu.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ |
408 B 838 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e63ef808ba264479ff48e_icon-x.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ |
311 B 741 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f49632bc0bd610c8e231662_icon-chevron-up.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
211 B 642 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f4d0a3754485a4c5ab5ac15_1ST_Bet_Icon.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f49632bc0bd6164c4231649_icon-menu.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
408 B 838 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f49632bc0bd610cab231650_icon-x.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
311 B 740 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e5e0e9d7ea8206ef0667b_home-24px.png
assets.website-files.com/5f49632a2373348fd8d5703f/ |
685 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f76a41efb7ba14881871b61_menu-white-18dp.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
202 B 632 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cms-1stbet.8fd9ca6be.js
assets.website-files.com/5f49632a2373348fd8d5703f/js/ |
633 KB 91 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
31 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
46vpn1o8jw
www.clarity.ms/tag/ |
1 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
302 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6345b46f1a28dade4184d4ec_bc-classic-hero-img21.jpg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
146 KB 147 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f4d0e502a017c93f41e7ced_SuisseIntl-Regular.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ |
155 KB 156 KB |
Font
application/x-font-otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f4d0e4fdfc0dad8cf651be4_SuisseIntl-Medium.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ |
155 KB 155 KB |
Font
application/x-font-otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f4d0e4fa554e55aa93a9608_SuisseIntl-Light.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ |
156 KB 156 KB |
Font
application/x-font-otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e63ef808ba28a179ff48a_appleiconblack.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f76a32e793e0fb26d5443ac_adb-24px%20(1).svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
446 B 874 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63499166cbcae54e7bfe5969_z211105_Carolyn%20Simancik_eclipsesportswire_8517.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
510 KB 511 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
634977e0da5c367916874bdb_aussie.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
131 KB 132 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63231ff3e7fe133c12c78bfc_aqueductlogopic.png
assets.website-files.com/5f49632bc0bd61851523160b/ |
995 KB 997 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f4e8cf9c1739ed01ba30e07_XBnews-img-Cimaglia.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6337969130484c5ed645b343_a100161022_SGS_eclipsesportswire_00395.JPG
assets.website-files.com/5f49632bc0bd61851523160b/ |
598 KB 599 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63482399f6f2673b3a3e4e22_10-26-12%20Keeneland%20Morning%20Workouts12.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
798 KB 800 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6300f4622e6fcd23f9ff907d_x210828_eclipsesportswire_scott%20serio_04934.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
616091656a29d76d4bad926e_breeders-cup-2020-hero.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6080da77b53a41535a58c040_pwc_trees_2020_1.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
44 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
62507ab688f867fc2f75e1cc_derby_justify.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
422 KB 423 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6080d818a8c0642b0dbb847a_preakness_2020_winner.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ |
146 KB 147 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
602d70c292cff564e1d2c4a5_belmont-5-p-1080.jpeg
assets.website-files.com/5f49632bc0bd61851523160b/ |
67 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e5e0e9d7ea8d0baf0667e_social-1_round-facebook.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
876 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e5e0e9d7ea81a2ef0667f_social-1_round-instagram.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f6e5e0e9d7ea86010f0667d_social-1_round-twitter.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f4d0e504cc4d2a7beb307df_SuisseIntl-Thin.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ |
155 KB 155 KB |
Font
application/x-font-otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f4d0e4f873b08666436fee2_SuisseIntl-Bold.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ |
156 KB 157 KB |
Font
application/x-font-otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5fd8e7cbc69db4643c83b68b_Stroke%201%20Copy.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ |
857 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
796779614507599
connect.facebook.net/signals/config/ |
355 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
10688233.fls.doubleclick.net/ Frame EF3C Redirect Chain
|
484 B 411 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tc.min.js
c1.rfihub.net/js/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1stbet_homepage
us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1stbet_landingpage
us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
fonts.gstatic.com/s/ptserif/v17/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2
fonts.gstatic.com/s/ptserif/v17/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/eus2/s/0.6.42/ |
53 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
792916808037334
connect.facebook.net/signals/config/ |
355 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 204 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ca.html
20829737p.rfihub.com/ Frame F849 |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 378 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 203 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 394 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
56305986.js
bat.bing.com/p/action/ |
0 118 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 174 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 15 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 18 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 15 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
b.clarity.ms/ |
0 155 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 439 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
adservice.google.com/ddm/fls/i/ Frame BCE2 |
483 B 854 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cm
a.rfihub.com/ Frame F849 Redirect Chain
|
42 B 1004 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
ib.adnxs.com/ Frame F849 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame F849 |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame F849 Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
match
ps.eyeota.net/ Frame F849 Redirect Chain
|
0 344 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cksync.php
contextual.media.net/ Frame F849 |
45 B 616 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serving
bs.serving-sys.com/ Frame F849 |
0 105 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
501709.gif
idsync.rlcdn.com/ Frame F849 Redirect Chain
|
0 9 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
bpi.rtactivate.com/tag/ Frame F849 |
43 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame F849 Redirect Chain
|
43 B 766 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
360947.gif
idsync.rlcdn.com/ Frame F849 |
0 98 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocketfuel_sync
x.dlx.addthis.com/e/ Frame F849 |
43 B 191 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame F849 Redirect Chain
|
43 B 549 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
partners.tremorhub.com/ Frame F849 |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g.pixel
aa.agkn.com/adscores/ Frame F849 |
43 B 377 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame F849 |
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Frame F849 Redirect Chain
|
43 B 495 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cm
p.rfihub.com/ Frame F849 Redirect Chain
|
42 B 1021 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
adservice.google.de/ddm/fls/i/ Frame FDFD |
194 B 870 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 9491 |
0 15 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 77B6 |
0 15 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 369 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
b.clarity.ms/ |
0 48 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
b.clarity.ms/ |
0 48 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| WebFont function| gtag object| dataLayer function| fbq function| _fbq function| clarity object| google_tag_manager object| Webflow function| $ function| jQuery function| objectFitPolyfill function| tram object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq function| _rfi function| setCookie function| getCookie function| onYouTubeIframeAPIReady function| UET function| UET_init function| UET_push function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| regeneratorRuntime object| twttr object| ueto_2ca694c05d object| uetq object| gaplugins object| gaGlobal object| gaData41 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.clarity.ms/ | Name: CLID Value: c217204407ed4ccdafa68a278a89f868.20221014.20231014 |
|
.1st.com/ | Name: _gcl_au Value: 1.1.2007051498.1665779506 |
|
.news.1st.com/ | Name: pageviewCount Value: 1 |
|
.1st.com/ | Name: _fbp Value: fb.1.1665779506186.789301149 |
|
.bing.com/ | Name: MUID Value: 2A7C2D41AE14686C25F13F7CAF656964 |
|
.1st.com/ | Name: _uetsid Value: 38f41e404bff11ed860f116a794ffcc5 |
|
.1st.com/ | Name: _uetvid Value: 38f445804bff11ed9d00ad9aeeba704b |
|
.1st.com/ | Name: _ga Value: GA1.2.1738127013.1665779506 |
|
.1st.com/ | Name: _gid Value: GA1.2.1767580598.1665779506 |
|
.1st.com/ | Name: _gat_UA-167213651-1 Value: 1 |
|
.1st.com/ | Name: _clck Value: 15dss4t|1|f5p|0 |
|
.t.co/ | Name: muc_ads Value: f97570ab-dd64-448c-a2ab-36ca10dea530 |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrIwMzE1sDAwMxXiM9TNMDI0S0kJyMwI8HEGAERxvPUlAAAA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrIwMzE1sDAwMxXiM9TNMDI0S0kJyMwI8HEGAERxvPUlAAAA |
|
.casalemedia.com/ | Name: CMID Value: Y0nHMogRuRfU48wTsdZx1AAA |
|
.casalemedia.com/ | Name: CMPS Value: 3351 |
|
.casalemedia.com/ | Name: CMPRO Value: 3351 |
|
.adnxs.com/ | Name: uuid2 Value: 4468942785355496925 |
|
.media.net/ | Name: visitor-id Value: 3087811068397043000V10 |
|
.media.net/ | Name: data-rk Value: 5131077722864508065~~3 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/YErk#WF']wIg2IlahJKQm!]tbPl1MNu::wpAk`W>$i*sKqlwVVVgk($LdWJEuCwTyVAdsb_!AXTO:4=sB!(JCb@[I.# |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmal4IGQX3GjgcHhwCX-gX3ChmLpPv1xxORX5spzKNgjkJKHjSENc04mo0j2U0 |
|
.spotxchange.com/ | Name: audience Value: 392fe431-4bff-11ed-a47d-194044dd0306 |
|
.demdex.net/ | Name: demdex Value: 49780602228431449802296203394153981681 |
|
.dpm.demdex.net/ | Name: dpm Value: 49780602228431449802296203394153981681 |
|
.krxd.net/ | Name: _kuid_ Value: PI1jGZhe |
|
.eyeota.net/ | Name: SERVERID Value: 23242~DM |
|
.bidswitch.net/ | Name: tuuid Value: 455fe788-ca7c-4d26-8d7b-15a50a589025 |
|
.bidswitch.net/ | Name: c Value: 1665779506 |
|
.bidswitch.net/ | Name: tuuid_lu Value: 1665779506 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Y0nHMgAAAOvSFQAW |
|
.rezync.com/ | Name: zync-uuid Value: d38f27e5-7c38-4eb2-9e43-1ff2665049c4:1665779506.6388278 |
|
live.rezync.com/ | Name: sd-session-id Value: .eJwNykEOwiAQQNG7zLoYGGBmymUapUNCtGhK3dj07rL7L_knLB_dt3vTdkA69q9OkF91qEM6odffpk9IEJ13lpkRhUK0YinCNUHX3uu7LXUdz-qlIGs0nL2YoA80swZvXClIFG2Yc0huFPMcLd3IiyALXH-ppiVh.Y0nHMg.91xrY8BpILju6UmJO5X0ONfBtQI |
|
.rfihub.com/ | Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dTYpMU7MtazILMyNyPepcHSuMvHKCFzFKBBpkOfhm-7o6OhfFuwW6BgOAEI-UW0xAAAA |
|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAA_5vFyGtoZmZqbm5pamBmYmmyCo1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYy39zYchGrQKRBnodvuqOjo39ZsFugY_gqViQlFmZGm1jRrOBG8xIaf5EwKv8RGh8AWJM8GkMBAAA |
|
.1st.com/ | Name: _clsk Value: prhimx|1665779506933|1|1|b.clarity.ms/collect |
|
.twitter.com/ | Name: personalization_id Value: "v1_KlwlVjYRBfjjJ8HvKLxMQA==" |
|
.c.bing.com/ | Name: SRM_B Value: 2A7C2D41AE14686C25F13F7CAF656964 |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 2A7C2D41AE14686C25F13F7CAF656964 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
10688233.fls.doubleclick.net
20829737p.rfihub.com
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
assets.website-files.com
b.clarity.ms
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
d3e54v103j8qbb.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
news.1st.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.co
us.connextra.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.244.42.133
104.244.42.3
104.76.200.221
108.138.17.14
13.115.182.240
142.250.185.102
142.250.186.130
151.101.2.49
18.156.102.147
185.80.39.216
185.89.210.101
185.94.180.125
193.0.160.128
199.232.188.157
20.234.93.27
20.75.32.255
23.36.156.23
2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6
2600:9000:2182:2e00:11:3b84:d200:93a1
2600:9000:223c:e00:1:76cf:fe80:93a1
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:808::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.124.210.90
35.156.18.160
35.244.174.68
52.212.110.18
52.222.232.39
52.30.33.235
52.55.72.99
54.76.60.98
69.173.144.165
96.16.144.106
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0cb8664edce38d0cb7c747a765628f210d07360b7301102d384acfbecc9e028d
13561ecb60314b35f437dce22b4a96f6abc872f8c992f8c77e80ec3fd69b9c1e
142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4
21bec19e3d1451b29eff8fb3a274c8710e0c564b764bd40192fe9f162d7964af
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
38fc3a8a1f3d2f512f93b87844cc108edd48571dff49c49e27af4e8aa6a1e931
3cce8192d8954dae3a106037f97fedc573c980cf9698b8fc7d72206cf6800721
3fa3713ed40739c378d9af33d853a5c00eb9ae4ed9cc6e85a72865c86fb80125
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
458c5870baccdc4a4cbd3ba91a1429af19e85e9ddf77180aee77d8144869fad3
45df1ff5ff5b84f321238e8168295098d922184ad294eac0a1f14eb2f38158db
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4887432b1a4d9da8b936f1c85deedeca55091445247a470d366c73a5d0eaf43b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c317b1820157f888a90a89f67cbc7038bca59a9f2890a7d083dec4d68a8b36f
534cce3cf2effc081de0b1e92c7af74d3dcb58a3ac49dbd7f6f59ae7227a0253
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56be3ae00370b96f3b9f9873f556645db8e690e69b1398514f4a47d72cb98c71
5c8d19e6e1de20e77730dbba0c047fae3042e79582d56890d11dc87b4a4e1b1c
5e7946fdf03c705a1bfdf9f4d4c27e94eaf251b5aad5acc07fb390ca31833e9a
6c07107795e9db7d88ee19cae3c3f79c7a916e3849d0d99781f8bbc35b8b733b
72b4ac718b8ae81dc012d2bae19a91d62d1b3492c435c50540b370903ec297a0
757c3b77f427fd37950e116ec7b3e98bd8a29fab2438f9ed68429a3cd3755d8e
792329cf37bea33adf5798dc9f9a5c2de5dc9bc75334a724aa6762bfdcc74948
7a2d10e4759fb209db7cfd3b856a8fab265b89780cd2462943966bfb8bcc2b02
7a2f9dfc09b259c3753ea0e4f4225d453339f60d715e40a91ce822be008373d6
7a9783b9fb1cbac6fe1b7b3f92e7727974927394cf77f3d2ef8bb2608725b288
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
8087acaf5299f107641158f0da114060479a7a76986d39e14e18de86f4220290
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
824098fe6e570d75660cb558dd2cf6bd0bd1398142129b51d06b9dae24631b7a
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83b7e5572b72a4720653285d47451bfa78b69f1b665fec3d8334ae3274406b1b
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a5be4b8540f9f60b925a6a605fb798e4768d5885193d94e25fc10471f81468c
8b7a8f9f22ca95c5c182a538ec7fbe4c2213193df3750f88da3958b78f6422ab
8f99a2ffacdb0d349039b25746abed63fa92ffc73cc12d35a5da4632ee2a73d3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0abf778f423fcad314e2f7e6c835d70956ca499f47d5fdaa98b709a7145be08
a28c85cdb83b8ee0748948dbd95879c86f5ad1ed3adb505a0768e95780113e51
a8b4c3fed174cde914ce1d74e3e97a4c7d17a9d615ba13065e8dc58531a84046
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf7349508b541778aa4e19bf552a2e2f3abfe19f5c344087fbbdaf868e049b3
ae5f7a3e07d9f72b32180419c4cedf04e75bba25b824beab5824e71d2c28d227
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bda722d3eb0e0dffc4fdb32ff02da96130795ff2d1a41ad6c99ab5ed25d90fc1
c6ef32eeaeab2f603ec95b8c6ac6f423ff1bde4b26e3fddaa935c8d630499743
cad7513b47cdadc2358a3be570fbb44f642150d632ee0fe5a4b95f9b62472243
cc85d8daab71257fb650ec9b151dfbe658a8ca1bb6497955ce5eb4910c79656b
cd2e795af68f53a6f2a92c2f8e13621fb5e5da2f577b190a6b622f34c83d5b75
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d8919a5a218fb212d5aff4277b8ecb1e2c90be57b3c0dd96694c905bf0b5a448
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
d9e33d57f4c6118ff345124752c7bacd6f75bd13d8613e254ddf03ba67ee3b83
dd6661b8cd544cf84130afd811d872ce216a1f069eef967566a300a7dfb8506e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07dfdff938cc4b0c84f3fff03b42014183a8b0bed3c80f8407af2517e441f2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58250935c3d8f8b4bdd1248f631feaaaead7878b9b955cbded377bbdd5f7e72
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee868d337c2fe9ac037a183c24811731766457082363f3e0e5184e919405fd6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f055a0681fdfe0de0d9e14e4118565e978d94c9d2b89910cca1b26f761509f63
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d