![](/screenshots/60991d30-fe82-457d-9ea0-8c973187b365.png)
weshield.us
Open in
urlscan Pro
45.33.94.74
Public Scan
Effective URL: https://weshield.us/universities/?utm_medium=email&_hsmi=213661852&_hsenc=p2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pL...
Submission: On May 19 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on March 21st 2022. Valid for: 3 months.
This is the only time weshield.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
order.weshield.us |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1077-74.members.linode.com
weshield.us |
ASN15169 (GOOGLE, US)
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-59-105-202.deploy.static.akamaitechnologies.com
j.6sc.co | |
c.6sc.co | |
b.6sc.co |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-214-150.compute-1.amazonaws.com
d.adroll.com |
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net |
ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com |
ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
cm.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-55-148.compute-1.amazonaws.com
usermatch.krxd.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-99-248.compute-1.amazonaws.com
beacon.krxd.net |
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
weshield.us
1 redirects
order.weshield.us weshield.us — Cisco Umbrella Rank: 762440 |
1 MB |
17 |
adroll.com
9 redirects
s.adroll.com — Cisco Umbrella Rank: 2620 d.adroll.com — Cisco Umbrella Rank: 1559 |
30 KB |
13 |
6sc.co
j.6sc.co — Cisco Umbrella Rank: 7782 c.6sc.co — Cisco Umbrella Rank: 11738 ipv6.6sc.co — Cisco Umbrella Rank: 15956 b.6sc.co — Cisco Umbrella Rank: 5389 |
18 KB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
343 KB |
5 |
linkedin.com
5 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 511 www.linkedin.com — Cisco Umbrella Rank: 616 px4.ads.linkedin.com — Cisco Umbrella Rank: 4745 |
5 KB |
4 |
doubleclick.net
3 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 |
1 KB |
4 |
adnxs.com
1 redirects
secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 240 |
3 KB |
4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146 |
221 KB |
4 |
google.com
www.google.com — Cisco Umbrella Rank: 7 |
40 KB |
3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 102 |
516 B |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
20 KB |
2 |
openx.net
1 redirects
us-u.openx.net — Cisco Umbrella Rank: 399 |
406 B |
2 |
krxd.net
1 redirects
usermatch.krxd.net — Cisco Umbrella Rank: 1256 beacon.krxd.net — Cisco Umbrella Rank: 472 |
507 B |
2 |
pippio.com
2 redirects
pippio.com — Cisco Umbrella Rank: 765 |
718 B |
2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 330 |
506 B |
2 |
bidswitch.net
1 redirects
x.bidswitch.net — Cisco Umbrella Rank: 287 |
1 KB |
2 |
adsymptotic.com
1 redirects
p.adsymptotic.com — Cisco Umbrella Rank: 551 |
563 B |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 |
3 KB |
1 |
yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1156 |
194 B |
1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 939 |
3 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71 |
67 KB |
87 | 21 |
Domain | Requested by | |
---|---|---|
32 | weshield.us |
order.weshield.us
weshield.us |
9 | d.adroll.com |
7 redirects
s.adroll.com
weshield.us |
8 | b.6sc.co |
weshield.us
|
8 | s.adroll.com |
2 redirects
www.googletagmanager.com
weshield.us s.adroll.com d.adroll.com |
4 | www.gstatic.com |
www.google.com
www.gstatic.com |
4 | connect.facebook.net |
weshield.us
connect.facebook.net |
4 | www.google.com |
weshield.us
www.gstatic.com www.google.com |
3 | cm.g.doubleclick.net | 3 redirects |
3 | px.ads.linkedin.com | 3 redirects |
3 | www.facebook.com |
weshield.us
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com weshield.us |
2 | us-u.openx.net |
1 redirects
weshield.us
|
2 | pippio.com | 2 redirects |
2 | idsync.rlcdn.com | 2 redirects |
2 | ib.adnxs.com |
1 redirects
weshield.us
|
2 | x.bidswitch.net |
1 redirects
weshield.us
|
2 | fonts.gstatic.com |
www.google.com
|
2 | p.adsymptotic.com |
1 redirects
weshield.us
|
2 | ipv6.6sc.co |
j.6sc.co
|
2 | c.6sc.co |
j.6sc.co
|
2 | secure.adnxs.com |
j.6sc.co
|
2 | fonts.googleapis.com |
weshield.us
|
2 | order.weshield.us | 1 redirects |
1 | beacon.krxd.net |
weshield.us
|
1 | usermatch.krxd.net | 1 redirects |
1 | ads.yahoo.com |
weshield.us
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | px4.ads.linkedin.com | 1 redirects |
1 | www.linkedin.com | 1 redirects |
1 | snap.licdn.com |
order.weshield.us
|
1 | j.6sc.co |
weshield.us
|
1 | www.googletagmanager.com |
weshield.us
|
87 | 32 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
order.weshield.us Cloudflare Inc ECC CA-3 |
2022-01-18 - 2023-01-18 |
a year | crt.sh |
weshield.us R3 |
2022-03-21 - 2022-06-19 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-08 - 2023-03-11 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-02-26 - 2022-05-27 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
s.adroll.com Amazon |
2021-08-02 - 2022-08-31 |
a year | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2022-02-11 - 2023-03-14 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
adroll.mgr.consensu.org Amazon |
2021-09-10 - 2022-10-09 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://weshield.us/universities/?utm_medium=email&_hsmi=213661852&_hsenc=p2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI&utm_content=213661852&utm_source=hs_automation
Frame ID: D8B668860FCED000714F7A756B69E327
Requests: 83 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&co=aHR0cHM6Ly93ZXNoaWVsZC51czo0NDM.&hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=q8rixj1ob7nc
Frame ID: 2C4E3DEA79EF24C27FB1324BC1D7EA83
Requests: 8 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 8EFFC9793C03C7A75B1B7BCEE5D1AF11
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/60991d30-fe82-457d-9ea0-8c973187b365.png)
Page Title
Universities - We ShieldPage URL History Show full URLs
- https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VWKNTD3Mg4TqW3FBQhT3M5F0bW63xJzN4KfRL5N7nzPvt3lLB3V1-... Page URL
-
https://order.weshield.us/events/public/v1/encoded/track/tc/RI+113/cZZj304/VWKNTD3Mg4TqW3FBQhT3M5F0bW6...
HTTP 307
https://weshield.us/universities/?utm_medium=email&_hsmi=213661852&_hsenc=p2ANqtz-_26zXLhazPyi0z... Page URL
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Elementor.png)
Detected patterns
- <div class=(?:"|')[^"']*elementor
- <section class=(?:"|')[^"']*elementor
Detected patterns
- (?:a|s)\.adroll\.com
Detected patterns
- adnxs\.(?:net|com)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
![](/vendor/wappa/icons/OpenX.png)
Detected patterns
- https?://[^/]*\.openx\.net
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
![](/vendor/wappa/icons/reCAPTCHA.png)
Detected patterns
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VWKNTD3Mg4TqW3FBQhT3M5F0bW63xJzN4KfRL5N7nzPvt3lLB3V1-WJV7CgJf6W7pXGk-6g-SdwW8GZ1YN7wnzm6V4GYkW71qxF4W5Dq-3p8j8p0yW8qTXW71dsdVdW2KS7vl3bV26zW691fCB3zvKjyW5jW7Hs68Xh1cW2HpfTg6X8PrbW6-y93x87fy-SVh4Zqj3BPsM_W73KDbS7Mx7s5W1ZhvkT3QV1YnW3Ff_3C65Jj6mW6-5PpM4-8TZcW2Q3B0G7prNrYVgHskC1TDtCKW97zbBP6806hkW3T6gfB5D6YgbN4ZdyFm8_l3g38nr1 Page URL
-
https://order.weshield.us/events/public/v1/encoded/track/tc/RI+113/cZZj304/VWKNTD3Mg4TqW3FBQhT3M5F0bW63xJzN4KfRL5N7nzPvt3lLB3V1-WJV7CgJf6W7pXGk-6g-SdwW8GZ1YN7wnzm6V4GYkW71qxF4W5Dq-3p8j8p0yW8qTXW71dsdVdW2KS7vl3bV26zW691fCB3zvKjyW5jW7Hs68Xh1cW2HpfTg6X8PrbW6-y93x87fy-SVh4Zqj3BPsM_W73KDbS7Mx7s5W1ZhvkT3QV1YnW3Ff_3C65Jj6mW6-5PpM4-8TZcW2Q3B0G7prNrYVgHskC1TDtCKW97zbBP6806hkW3T6gfB5D6YgbN4ZdyFm8_l3g38nr1?_ud=ce465fa3-a809-41de-9e09-496b7690c6e5&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p
HTTP 307
https://weshield.us/universities/?utm_medium=email&_hsmi=213661852&_hsenc=p2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI&utm_content=213661852&utm_source=hs_automation Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 55- https://s.adroll.com/j/exp/QMNMPUQDDBBSXKRLZCC4BD/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://s.adroll.com/j/pre/QMNMPUQDDBBSXKRLZCC4BD/7TC6CKEMDVALVLH4DEAOGO/fpconsent.js HTTP 302
- https://s.adroll.com/j/pre/index.js
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1652993923430&url=https%3A%2F%2Fweshield.us%2Funiversities%2F%3F_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_source%3Dhs_automation%26utm_content%3D213661852%26utm_medium%3Demail%26_hsmi%3D213661852 HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1652993923430&url=https%3A%2F%2Fweshield.us%2Funiversities%2F%3F_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_source%3Dhs_automation%26utm_content%3D213661852%26utm_medium%3Demail%26_hsmi%3D213661852&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3060457%26time%3D1652993923430%26url%3Dhttps%253A%252F%252Fweshield.us%252Funiversities%252F%253F_hsenc%253Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%2526utm_source%253Dhs_automation%2526utm_content%253D213661852%2526utm_medium%253Demail%2526_hsmi%253D213661852%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1652993923430&url=https%3A%2F%2Fweshield.us%2Funiversities%2F%3F_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_source%3Dhs_automation%26utm_content%3D213661852%26utm_medium%3Demail%26_hsmi%3D213661852&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1652993923430&url=https%3A%2F%2Fweshield.us%2Funiversities%2F%3F_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_source%3Dhs_automation%26utm_content%3D213661852%26utm_medium%3Demail%26_hsmi%3D213661852&cookiesTest=true&liSync=true&e_ipv6=AQILM7xgbDQPLQAAAYDeHZra6prlDEEoSTy4oAz1UUJoqiWFkstJQMuwiF9u8iqj9eaOAgwwpjAnmqFKmB8vtDrRwpybFZc HTTP 302
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2c33096-a359-4516-8b6f-00729c69f6c5 HTTP 302
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2c33096-a359-4516-8b6f-00729c69f6c5&_expected_cookie=373f2964d3d9063bf3207a7141d981b1
- https://d.adroll.com/pixel/QMNMPUQDDBBSXKRLZCC4BD/7TC6CKEMDVALVLH4DEAOGO?adroll_fpc=e7cccb59617ecb09914b8f2b17509398-1652993923643&arrfrr=https%3A%2F%2Fweshield.us%2Funiversities%2F%3Futm_medium%3Demail%26_hsmi%3D213661852%26_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_content%3D213661852%26utm_source%3Dhs_automation&pv=68749420333.90384&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/QMNMPUQDDBBSXKRLZCC4BD/7TC6CKEMDVALVLH4DEAOGO/YT2TK2Y7FVEA7AEPWNFCEQ.js
- https://d.adroll.com/cm/r/out?adroll_fpc=e7cccb59617ecb09914b8f2b17509398-1652993923643&arrfrr=https%3A%2F%2Fweshield.us%2Funiversities%2F%3Futm_medium%3Demail%26_hsmi%3D213661852%26_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_content%3D213661852%26utm_source%3Dhs_automation&advertisable=QMNMPUQDDBBSXKRLZCC4BD HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/b/out?adroll_fpc=e7cccb59617ecb09914b8f2b17509398-1652993923643&arrfrr=https%3A%2F%2Fweshield.us%2Funiversities%2F%3Futm_medium%3Demail%26_hsmi%3D213661852%26_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_content%3D213661852%26utm_source%3Dhs_automation&advertisable=QMNMPUQDDBBSXKRLZCC4BD HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=YjA1YTdmMDBjZDJkMWFlYmQzNTllMTUyNTJlNGJjZDM HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjA1YTdmMDBjZDJkMWFlYmQzNTllMTUyNTJlNGJjZDM
- https://d.adroll.com/cm/x/out?adroll_fpc=e7cccb59617ecb09914b8f2b17509398-1652993923643&arrfrr=https%3A%2F%2Fweshield.us%2Funiversities%2F%3Futm_medium%3Demail%26_hsmi%3D213661852%26_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_content%3D213661852%26utm_source%3Dhs_automation&advertisable=QMNMPUQDDBBSXKRLZCC4BD HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=YjA1YTdmMDBjZDJkMWFlYmQzNTllMTUyNTJlNGJjZDM HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYjA1YTdmMDBjZDJkMWFlYmQzNTllMTUyNTJlNGJjZDM
- https://d.adroll.com/cm/l/out?adroll_fpc=e7cccb59617ecb09914b8f2b17509398-1652993923643&arrfrr=https%3A%2F%2Fweshield.us%2Funiversities%2F%3Futm_medium%3Demail%26_hsmi%3D213661852%26_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_content%3D213661852%26utm_source%3Dhs_automation&advertisable=QMNMPUQDDBBSXKRLZCC4BD HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=b05a7f00cd2d1aebd359e15252e4bcd3 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYjA1YTdmMDBjZDJkMWFlYmQzNTllMTUyNTJlNGJjZDMQABoNCIPfmpQGEgUI6AcQAEIASgA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=57c800d098f519a96c8dced3bbc6d56f89eb245d1838120a228be7e2753e2631791426b5417dce21&_=2 HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1N2M4MDBkMDk4ZjUxOWE5NmM4ZGNlZDNiYmM2ZDU2Zjg5ZWIyNDVkMTgzODEyMGEyMjhiZTdlMjc1M2UyNjMxNzkxNDI2YjU0MTdkY2UyMRAAGgwIg9-alAYSBAgCEABCAEoA HTTP 302
- https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1N2M4MDBkMDk4ZjUxOWE5NmM4ZGNlZDNiYmM2ZDU2Zjg5ZWIyNDVkMTgzODEyMGEyMjhiZTdlMjc1M2UyNjMxNzkxNDI2YjU0MTdkY2UyMRAAGgwIg9-alAYSBAgCEABCAEoA&google_gid=CAESEILjMy61GeXD042teE_Ry94&google_cver=1 HTTP 307
- https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
- https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
- https://d.adroll.com/cm/o/out?adroll_fpc=e7cccb59617ecb09914b8f2b17509398-1652993923643&arrfrr=https%3A%2F%2Fweshield.us%2Funiversities%2F%3Futm_medium%3Demail%26_hsmi%3D213661852%26_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_content%3D213661852%26utm_source%3Dhs_automation&advertisable=QMNMPUQDDBBSXKRLZCC4BD HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=b05a7f00cd2d1aebd359e15252e4bcd3&gdpr=0&gdpr_consent= HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=b05a7f00cd2d1aebd359e15252e4bcd3&gdpr=0&gdpr_consent=
- https://d.adroll.com/cm/g/out?adroll_fpc=e7cccb59617ecb09914b8f2b17509398-1652993923643&arrfrr=https%3A%2F%2Fweshield.us%2Funiversities%2F%3Futm_medium%3Demail%26_hsmi%3D213661852%26_hsenc%3Dp2ANqtz-_26zXLhazPyi0zFWpXfWSB8bFmxbR8N9pLYl-BOuAi9TaLcuxLgRB8Oinueoh4lvHI89TJzKYQOpZ2bH1AY6eNVqZfzSgopmFwP754bWhfd0IhmNI%26utm_content%3D213661852%26utm_source%3Dhs_automation&advertisable=QMNMPUQDDBBSXKRLZCC4BD&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=sFp_AM0tGuvTWeFSUuS80w HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=sFp_AM0tGuvTWeFSUuS80w&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
87 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
VWKNTD3Mg4TqW3FBQhT3M5F0bW63xJzN4KfRL5N7nzPvt3lLB3V1-WJV7CgJf6W7pXGk-6g-SdwW8GZ1YN7wnzm6V4GYkW71qxF4W5Dq-3p8j8p0yW8qTXW71dsdVdW2KS7vl3bV26zW691fCB3zvKjyW5jW7Hs68Xh1cW2HpfTg6X8PrbW6-y93x87fy-SVh4Zqj...
order.weshield.us/e3t/Ctc/RI+113/cZZj304/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
weshield.us/universities/ Redirect Chain
|
80 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_043fa11ccc93c73506439e33b99af7a8.css
weshield.us/wp-content/cache/autoptimize/css/ |
829 KB 126 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f853d1b98.min.css
weshield.us/wp-content/uploads/essential-addons-elementor/ |
17 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_15cb9193bd3a02cfabcfffcb2d7effa2.css
weshield.us/wp-content/cache/autoptimize/css/ |
1 KB 507 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_987bae69ac570cb7e139869b093bf69c.css
weshield.us/wp-content/cache/autoptimize/css/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_baa8261f9a33ef122e8e40f81d697c3c.css
weshield.us/wp-content/cache/autoptimize/css/ |
28 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_bf6425db778289c0c50764c864c7a7d8.css
weshield.us/wp-content/cache/autoptimize/css/ |
21 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
42 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
weshield.us/wp-includes/js/jquery/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazysizes.min.js
weshield.us/wp-content/plugins/autoptimize/classes/external/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dashicons.min.css
weshield.us/wp-includes/css/ |
58 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regenerator-runtime.min.js
weshield.us/wp-includes/js/dist/vendor/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-polyfill.min.js
weshield.us/wp-includes/js/dist/vendor/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
884 B 997 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_90d4fcc2289c8935f6f15ce1fa00f8a5.js
weshield.us/wp-content/cache/autoptimize/js/ |
1019 KB 265 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
weshield.us/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
187 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6si.min.js
j.6sc.co/ |
31 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
67 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
universities-hero-bg.jpg
weshield.us/wp-content/uploads/2021/04/ |
233 KB 233 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HKGrotesk-Bold.woff2
weshield.us/wp-content/uploads/2021/04/ |
34 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HKGrotesk-Medium.woff2
weshield.us/wp-content/uploads/2021/04/ |
35 KB 35 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
universities-section-bg.jpg
weshield.us/wp-content/uploads/2021/04/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
weshield.us/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ |
76 KB 77 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
67 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ |
362 KB 143 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bottom-Right-side-logo.png
weshield.us/wp-content/uploads/2021/04/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo.png
weshield.us/wp-content/uploads/2021/04/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Top-quality-products.png
weshield.us/wp-content/uploads/2021/04/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Ultra-Fast-Delivery.png
weshield.us/wp-content/uploads/2021/04/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Exceptional-customer-service.png
weshield.us/wp-content/uploads/2021/04/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
universities-shield-img.png
weshield.us/wp-content/uploads/2021/04/ |
211 KB 212 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identity.js
connect.facebook.net/signals/plugins/ |
64 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1136347163494612
connect.facebook.net/signals/config/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
weshield.us/wp-json/wp/v2/ |
116 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
49 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuidj
secure.adnxs.com/ |
11 B 699 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
c.6sc.co/ |
47 B 367 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipv6.6sc.co/ |
37 B 281 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuidj
secure.adnxs.com/ |
11 B 699 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
c.6sc.co/ |
47 B 367 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipv6.6sc.co/ |
37 B 281 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame 2C4E |
41 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HKGrotesk-SemiBold.woff2
weshield.us/wp-content/uploads/2021/04/ |
34 KB 35 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 2C4E |
51 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 2C4E |
362 KB 143 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 762 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/ Redirect Chain
|
0 733 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/QMNMPUQDDBBSXKRLZCC4BD/7TC6CKEMDVALVLH4DEAOGO/ |
0 785 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 410 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
p.adsymptotic.com/d/px/ Redirect Chain
|
43 B 165 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 436 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2C4E |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2C4E |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2C4E |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webworker.js
www.google.com/recaptcha/api2/ Frame 2C4E |
102 B 134 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QMNMPUQDDBBSXKRLZCC4BD
d.adroll.com/consent/check/ |
451 B 920 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
YT2TK2Y7FVEA7AEPWNFCEQ.js
s.adroll.com/pixel/QMNMPUQDDBBSXKRLZCC4BD/7TC6CKEMDVALVLH4DEAOGO/ Redirect Chain
|
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
reload
www.google.com/recaptcha/api2/ Frame 2C4E |
31 KB 18 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sendrolling.js
s.adroll.com/j/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
579817992146685
connect.facebook.net/signals/config/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
ads.yahoo.com/cms/ Redirect Chain
|
0 194 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Redirect Chain
|
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 61 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 537 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 8EFF |
0 15 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.1-with-hoverd.png
weshield.us/wp-content/uploads/2021/04/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.1-With-hovered.png
weshield.us/wp-content/uploads/2021/04/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.1.-With-hoverd.png
weshield.us/wp-content/uploads/2021/04/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.2-without-hoverd.png
weshield.us/wp-content/uploads/2021/04/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.2-Hovred.png
weshield.us/wp-content/uploads/2021/04/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
118 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _wpemojiSettings undefined| $ function| jQuery object| zozothemes_obj object| dataLayer object| _6si function| fbq function| _fbq number| formDisplay object| nfForms object| form object| lazySizesConfig object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| wpcf7r object| localize object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| HappyLocalize object| fifuImageVars object| nfi18n object| nfFrontEnd object| nfRepeater object| wpApiSettings object| nfSaveProgress object| nfMPSettings object| ElementorProFrontendConfig object| elementorFrontendConfig object| lazySizes object| twemoji object| wp object| google_tag_manager function| a object| wpcf7_redirect function| disableClick function| disableLink function| fifu_fix_gallery_height object| nfRadio function| nfRecaptcha function| nfRenderRecaptcha object| nfCookieMonster function| nfSaveProgressActiveController function| nfSaveProgressPassiveController function| nfSaveProgressSaveButtonController function| SaveModel function| SavesCollection function| SaveItemView function| SaveEmptyView function| SavesLoadingView function| SavesCollectionView function| NF_SaveProgress object| ___FONT_AWESOME___ object| fontawesome-free-shims boolean| isEditMode object| ea function| _ object| Backbone object| Mn object| Marionette function| mexp function| moment object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules function| Sticky object| core object| elementorProFrontend function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontend object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_partner_id object| _linkedin_data_partner_ids string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| recaptcha object| closure_lm_718429 function| formContentView string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid object| adroll_form_fields string| adroll_rule_type40 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.google.com/recaptcha | Name: _GRECAPTCHA Value: 09ACqW7wKnzAai_fmJ_0JjSWHAbLmOLN6EVQ5Yn2g0YaYAOt1IcHIzWiMMXh0OWs20UQjvFQKuhHYkV-iD7StV1lM |
|
.order.weshield.us/ | Name: __cfruid Value: b071690b64799c86be5af61ab7494b87800bd78c-1652993915 |
|
.6sc.co/ | Name: 6suuid Value: 5e5dda176562000082af866299030000f4960500 |
|
.weshield.us/ | Name: _gcl_au Value: 1.1.1706914082.1652993923 |
|
weshield.us/ | Name: _an_uid Value: 0 |
|
weshield.us/ | Name: _gd_visitor Value: a3e3bccf-4fb1-43da-8b3f-11230a71f236 |
|
weshield.us/ | Name: _gd_session Value: 9cb62950-af79-4291-8ab6-0a81288a9b1a |
|
weshield.us/ | Name: _gd_svisitor Value: 5e5dda176562000082af866299030000f4960500 |
|
.weshield.us/ | Name: _fbp Value: fb.1.1652993923419.308182447 |
|
.weshield.us/ | Name: _ga Value: GA1.2.3701813.1652993923 |
|
.weshield.us/ | Name: _gid Value: GA1.2.1855656901.1652993923 |
|
.weshield.us/ | Name: _gat_UA-169184952-1 Value: 1 |
|
.facebook.com/ | Name: fr Value: 0FpKsH3q0yAvhIPoL..Bihq-D...1.0.Bihq-D. |
|
.linkedin.com/ | Name: li_sugr Value: d2c33096-a359-4516-8b6f-00729c69f6c5 |
|
.ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.linkedin.com/ | Name: bcookie Value: "v=2&35376a74-e357-4757-80ad-383c7a4c7257" |
|
.linkedin.com/ | Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2312:u=1:x=1:i=1652993923:t=1653080323:v=2:sig=AQE8taOKeQ253409RHItRiu775SOBy7R" |
|
.weshield.us/ | Name: __adroll_fpc Value: e7cccb59617ecb09914b8f2b17509398-1652993923643 |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQIrsYy9hIuFFAAAAYDeHZpCPaBuYXEdkxixLk8jOGvD53q6Y2GhI18qXmH86dnTs3hC9rlqX6NvXw |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQITwdBPttwQ4AAAAYDeHZpCNBCaFPbGr50uW_lFMCvDUdhVdjQGZQ7v_aNYr0xGJvqqcHrP9MFdmXKIqR5gtA |
|
.weshield.us/ | Name: __ar_v4 Value: %7CQMNMPUQDDBBSXKRLZCC4BD%3A20220518%3A1%7C7TC6CKEMDVALVLH4DEAOGO%3A20220518%3A1%7CYT2TK2Y7FVEA7AEPWNFCEQ%3A20220518%3A1 |
|
.adnxs.com/ | Name: uuid2 Value: 4534289878687393639 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Hb=HxMeS!@wnfH1Ya.O4]7Q=37tTi7iA%01lgk17eU`2+-$@2PR?7^kaYI0ha1p`-lZK2)$zq%Vp3li!YBt)O0<T!2>h9/+0J2!:lCVM2o9M |
|
.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&20220519205843292f30ac-8ad4-4138-82e2-14b78615ce06AQHyW5FrwRfsBV84-ZXeHtyBSTdNwy_H" |
|
.rlcdn.com/ | Name: rlas3 Value: CUTdc2vJ5oSN12zwIURxGvX7jr7qIP+xMbxNgHKyz9c= |
|
.bidswitch.net/ | Name: tuuid Value: 35cf5374-b0b2-4bd0-9085-36ad0e863b11 |
|
.bidswitch.net/ | Name: c Value: 1652993923 |
|
.bidswitch.net/ | Name: tuuid_lu Value: 1652993923 |
|
.openx.net/ | Name: i Value: d195d738-61ef-4a21-82c6-e5092baf6820|1652993923 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUn8P5EcUlh98ajEZ4zZL_isSp3BjB513n8wdzqlXpOx2LGniAFbsjGpSKe96_g |
|
.rlcdn.com/ | Name: pxrc Value: CIPfmpQGEgUI6AcQABIFCOhHEAA= |
|
d.adroll.com/ | Name: __adroll Value: b05a7f00cd2d1aebd359e15252e4bcd3-g_1652993923-a_1652993923 |
|
.adroll.com/ | Name: __adroll_shared Value: b05a7f00cd2d1aebd359e15252e4bcd3-g_1652993923-a_1652993923 |
|
.pippio.com/ | Name: did Value: 0j0ynVsZeajlN5Tr |
|
.pippio.com/ | Name: didts Value: 1652993923 |
|
.pippio.com/ | Name: nnls Value: |
|
.pippio.com/ | Name: pxrc Value: CIPfmpQGEgQIAhAAEgYI3awrEAA= |
|
.adsymptotic.com/ | Name: U Value: 373f2964d3d9063bf3207a7141d981b1 |
|
.krxd.net/ | Name: _kuid_ Value: O2OzFpUJ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.yahoo.com
b.6sc.co
beacon.krxd.net
c.6sc.co
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
ipv6.6sc.co
j.6sc.co
order.weshield.us
p.adsymptotic.com
pippio.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
us-u.openx.net
usermatch.krxd.net
weshield.us
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
104.18.99.194
107.178.254.65
13.107.42.14
142.250.80.66
2001:4998:1c:800::1001
23.59.105.202
2600:1400:d:5af::1c91
2600:141b:13::17d7:82d9
2600:9000:21da:fc00:6:9280:1080:93a1
2606:2c40::c73c:67e4
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:824::200e
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.216.55.148
34.193.99.248
35.190.60.146
35.211.178.172
35.244.159.8
45.33.94.74
54.243.214.150
68.67.160.114
68.67.179.164
032a60d974c80b58c4add2309c6b3b81ebd6aa50f0700cb9c6e4470d32ff666b
03a81d602cb1745ccf0c7c2543c67eb0d9b371190b233bf37364d09e017877cd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c9969b946c2944eba949da4052ab2a771201859636953b88b9f47b47659dd1d
27d61501b3ae970159f1b2cefdef28ce0cf7167bea1439fdc12272c44f1b3bbf
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
399cb3ef5b9071bfb7aac85b0f04563d05043c1cd3ead24d842e490004673e0b
3ba47632ae14ffc74ec6fa0638f8b39497dcebbd2793c1c4d7332d521169da91
3c98a52dcd43b4b943fd4631ab6c3e23f4807e5507de44f3a571f7baa5e0c415
3d74aa15684dbebfdd8d4cd6813e443406c3e7de42d2f5bc12a79e60af627b22
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40be1017b33f8898ff50ce95e9ba60381f659e9bbe166205ff70da8ef56b3524
41c1fc0f2b33335cd0d968b633c7de03082e7a0efbfffde7612557656ebdd4b1
482d9917f42ab2f1894cc4c95ba9c26348c24cf0a1154e391b4315eeeb7c3a1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8f5fc91ef74fc7fb025159f0be4dcebde2687b9b876562bd10f42c32ea0133
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e925e4ed3c47dfd734e6fbd2fa4743b459a896c7260d6b129106f0423e69282
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552fa81262b92217471f26d2d6d541e85ca7995d5f2c8da662d98c6b9b762dce
55460c812a87729c82a947685f1fd8503657b109d316c297589ed153b43b2c3a
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d5963aaf95d1ce0775a27ce9602c7bb68ea7ae37233b693b3c3270b1bcae8f3
5f68209356839610d4b9bbf5a522130858fb1c1172a4f72fa76406f4ecb2f650
674be0fe8f50a04cb9765f1545da654310c1b99bf619ccc3e854117f2d78ffd6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8acd72187aee119766a812bc04e1707747798d019f2454a44de10a1825576fc0
8b4fb78c5e5599a29f86d20a29d4f69e3ed0654547b1a595cf038ee0553b58d2
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
925489c01f7923b45f2444739824156aedeb670e7431ecc78fe019ccb4af9667
95260f9cae401a3c2ad871e83ed815ccfc37bd5d1b1025789125ad0a04fe6fc4
a02d15340e1f061e33aa24e28d3169668ea1ea230e8b9fa1092093a8681f5977
a032484668d7579488d1120c0ae6421c4448e26f37c29d324d5309bd5fa82eac
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2dd5b8d62b7cf729e7ab8d960a60053efbe771a8008f86f1e5cbebc8bf8942f
a591051dd33707663672135793c541464458538c00854c739a3d3d8612811ee3
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
ac2ac8371d375d3509054999aa1285f3a7c255de80b4d714b9942322ef8ab1cd
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
b1fe775636e7e7cb87f04311c9cd1e52b61a1586c085a9f78e1928ec8fa969ca
b569e4d8f959524a2106b7c9668d8107ada80c9ad80414b5fa17cc2dec39986d
bd4c5e91ce754d0a26f463f6c55ce538f2eb39888535611a64f569d3c9f8c140
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0c801dba101fd68909389cc6e9995efbff381ae06737fe133513209a719ce5a
c183ecd4b92bfcac8f9ae40c9a027e78eac59d155448050634cd158b6d8053c7
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c6ccafed4e1fa9159bbba9044d386ab217455f3290a9910127bba4ea9aff2ae9
c8f5bfe74720fe9c15a40fddfc0378349c4547ba22d83f9e3417367fa15da2af
ca69306b0e8a13f4c2c54bcb81890ed50d98d2c5646615c8d7fb9f419c34ac66
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d7a9cec0afbbd9293ca992332458af5cc4c8f43db7e42a189dcd07c092e117c7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd36ce2b6de12898e6292f9a81294ae54f005916ea97e56edd5080d98444ebd5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e383c4108285cc0876f022fb201ee98a37243634dbb2ec87219cc22fcbef122c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a05935de6dbaeb815bfc793d95b1e1612a0c264924961e1408a2232c225554
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ed8a952fbbf130f3418cecfd1d62160f3a3a4cd9aa797d232abda06f9f4c8057
ee20d8533467f4dbd7f56d8b7b5e1d0263beaa7d00a91b7db45f58165c905a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
f0b69d6b3294629ba2529162064fece4475247d1033de742abcc6706a91c0b2d
f118d68b51648258c126ac73a68fc56c5f5f8b61a477957c22bd7c5088eafc14
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fcae54547632fa4fe3481f2878793292e0725cafad3956484ae1e30f724b2c75