ncgovote.org
Open in
urlscan Pro
2606:4700:3031::ac43:9b36
Public Scan
Submitted URL: http://ncgovote.org/
Effective URL: https://ncgovote.org/
Submission: On March 09 via manual from CA — Scanned from CA
Effective URL: https://ncgovote.org/
Submission: On March 09 via manual from CA — Scanned from CA
Summary
This website contacted 13 IPs
in 6 countries
across 23 domains to perform 67 HTTP transactions.
The main IP is 2606:4700:3031::ac43:9b36, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is ncgovote.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2021. Valid for: a year.
This is the only time ncgovote.org was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2021. Valid for: a year.
This is the only time ncgovote.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
20
104.19.134.78
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| jsc.mgid.com | |
| c.mgid.com | |
| cdn.mgid.com | |
| servicer.mgid.com | |
| cm.mgid.com |
2
35.212.212.222
(The Dalles, United States)
ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
| rtb-usw.mfadsrvr.com |
2
109.206.161.21
(Netherlands)
ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
| sync.e-volution.ai |
2
13.225.221.55
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-221-55.jfk51.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-221-55.jfk51.r.cloudfront.net
| api.intentiq.com |
2
35.71.131.137
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| match.adsrvr.org |
2
82.145.213.8
(Norway)
ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
| t.adx.opera.com |
2
35.71.139.29
(United States)
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
| eb2.3lift.com |
6
35.211.178.172
(North Charleston, United States)
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
| x.bidswitch.net |
4
142.251.40.226
(United States)
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
| cm.g.doubleclick.net |
1
178.162.133.149
(Rijswijk, Netherlands)
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
| sync.go.sonobi.com |
2
34.238.200.25
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-200-25.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-200-25.compute-1.amazonaws.com
| ad.360yield.com |
2
185.184.8.65
(Amsterdam, Netherlands)
ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
| creativecdn.com |
1
52.23.124.50
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-124-50.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-124-50.compute-1.amazonaws.com
| sonata-notifications.taptapnetworks.com |
1
13.225.221.93
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-221-93.jfk51.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-221-93.jfk51.r.cloudfront.net
| sync.intentiq.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 30 |
ncgovote.org
1 redirects
ncgovote.org |
283 KB |
| 22 |
mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8333 c.mgid.com — Cisco Umbrella Rank: 6428 cdn.mgid.com — Cisco Umbrella Rank: 10514 servicer.mgid.com — Cisco Umbrella Rank: 8449 s-img.mgid.com — Cisco Umbrella Rank: 7801 cm.mgid.com — Cisco Umbrella Rank: 2218 |
128 KB |
| 6 |
bidswitch.net
6 redirects
x.bidswitch.net — Cisco Umbrella Rank: 257 |
3 KB |
| 6 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2926 |
70 KB |
| 4 |
doubleclick.net
4 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 176 |
737 B |
| 3 |
intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1702 sync.intentiq.com — Cisco Umbrella Rank: 1323 |
2 KB |
| 2 |
creativecdn.com
2 redirects
creativecdn.com — Cisco Umbrella Rank: 614 |
687 B |
| 2 |
360yield.com
2 redirects
ad.360yield.com — Cisco Umbrella Rank: 630 |
613 B |
| 2 |
aralego.com
2 redirects
sync.aralego.com — Cisco Umbrella Rank: 1878 |
792 B |
| 2 |
3lift.com
2 redirects
eb2.3lift.com — Cisco Umbrella Rank: 346 |
732 B |
| 2 |
opera.com
2 redirects
t.adx.opera.com — Cisco Umbrella Rank: 4149 |
2 KB |
| 2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 293 |
907 B |
| 2 |
e-volution.ai
2 redirects
sync.e-volution.ai — Cisco Umbrella Rank: 2431 |
918 B |
| 2 |
mfadsrvr.com
2 redirects
rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 8950 |
757 B |
| 2 |
rubiconproject.com
1 redirects
pixel.rubiconproject.com — Cisco Umbrella Rank: 289 |
1 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
31 KB |
| 1 |
taptapnetworks.com
1 redirects
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5109 |
321 B |
| 1 |
sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 843 |
513 B |
| 1 |
aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 3041 |
733 B |
| 1 |
smartadserver.com
1 redirects
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266 |
345 B |
| 1 |
idealmedia.io
cm.idealmedia.io — Cisco Umbrella Rank: 11609 |
412 B |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
| 0 |
mathtag.com
Failed
sync.mathtag.com Failed |
|
| 67 | 23 |
| Domain | Requested by | |
|---|---|---|
| 30 | ncgovote.org |
1 redirects
ncgovote.org
|
| 9 | cm.mgid.com |
jsc.mgid.com
|
| 7 | cdn.mgid.com |
ncgovote.org
jsc.mgid.com |
| 6 | x.bidswitch.net | 6 redirects |
| 6 | mc.yandex.ru |
1 redirects
ncgovote.org
mc.yandex.ru |
| 4 | cm.g.doubleclick.net | 4 redirects |
| 2 | creativecdn.com | 2 redirects |
| 2 | ad.360yield.com | 2 redirects |
| 2 | sync.aralego.com | 2 redirects |
| 2 | eb2.3lift.com | 2 redirects |
| 2 | t.adx.opera.com | 2 redirects |
| 2 | match.adsrvr.org | 2 redirects |
| 2 | api.intentiq.com |
cdn.mgid.com
|
| 2 | sync.e-volution.ai | 2 redirects |
| 2 | rtb-usw.mfadsrvr.com | 2 redirects |
| 2 | pixel.rubiconproject.com | 1 redirects |
| 2 | s-img.mgid.com | |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | jsc.mgid.com |
ncgovote.org
jsc.mgid.com |
| 1 | sync.intentiq.com | |
| 1 | sonata-notifications.taptapnetworks.com | 1 redirects |
| 1 | sync.go.sonobi.com | |
| 1 | cdn.aralego.net | |
| 1 | ssbsync.smartadserver.com | 1 redirects |
| 1 | cm.idealmedia.io | |
| 1 | servicer.mgid.com |
jsc.mgid.com
|
| 1 | c.mgid.com |
jsc.mgid.com
|
| 1 | fonts.googleapis.com |
ncgovote.org
|
| 0 | sync.mathtag.com Failed | |
| 67 | 29 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| widgets.mgid.com |
| www.mgid.com |
| wordpress.org |
| az-theme.net |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-04-15 - 2022-04-14 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2021-12-22 - 2022-06-03 |
5 months | crt.sh |
| *.intentiq.com Amazon |
2021-04-04 - 2022-05-03 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ncgovote.org/
Frame ID: 6BDA3B0E9E4953FB6031FCFFAC2F1334
Requests: 66 HTTP requests in this frame
Frame:
https://cm.mgid.com/i-noref.js?cbuster=1646851353647541796658
Frame ID: A0914EC71E11D3386FAB4C06C5399D88
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
NCGo | BlogPage URL History Show full URLs
-
http://ncgovote.org/
HTTP 301
https://ncgovote.org/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Lightbox
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- lightbox(?:-plus-jquery)?.{0,32}\.js
Lodash
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- lodash.*\.js
OWL Carousel
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
- owl\.carousel.*\.js
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Underscore.js
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- underscore.*\.js(?:\?ver=([\d.]+))?
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://widgets.mgid.com/?utm_source=ncgovote.org&utm_medium=referral&utm_campaign=widgets&utm_content=1237139
Search URL Search Domain Scan URL
URL: https://www.mgid.com/services/privacy-policy
Search URL Search Domain Scan URL
URL: https://www.mgid.com/ghits/11533292/i/57570015/0/pp/1/1?h=T2dmELwXj_ii8S6GgCboVBI72PG4tKHnT9Tqtqk_WY4o22zwYFs-R623lqWhqacO&rid=aec2ece7-9fd8-11ec-961c-78ac440ce74a&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=-300
Search URL Search Domain Scan URL
URL: https://www.mgid.com/ghits/11533487/i/57570015/0/pp/2/1?h=T2dmELwXj_ii8S6GgCboVJgfwlSKI6qzrCa4PQ1HS0femSisbm5tDhLkhGrAbBjP&rid=aec2ece7-9fd8-11ec-961c-78ac440ce74a&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=-300
Search URL Search Domain Scan URL
URL: https://wordpress.org/
Title: Proudly powered by WordPress
Title: Proudly powered by WordPress
Search URL Search Domain Scan URL
URL: http://az-theme.net/
Title: AZ-Theme
Title: AZ-Theme
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ncgovote.org/
HTTP 301
https://ncgovote.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34- https://mc.yandex.ru/watch/85704392?wmode=7&page-url=https%3A%2F%2Fncgovote.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlctj3z%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A195608786183%3Ahid%3A799706113%3Az%3A0%3Ai%3A20220309184233%3Aet%3A1646851353%3Ac%3A1%3Arn%3A44708694%3Arqn%3A1%3Au%3A1646851353400316534%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646851352108%3Ads%3A0%2C35%2C216%2C97%2C56%2C0%2C%2C117%2C10%2C%2C%2C%2C522%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646851353%3At%3ANCGo%20%7C%20Blog&t=gdpr(14)aw(1)ti(2) HTTP 302
- https://mc.yandex.ru/watch/85704392/1?wmode=7&page-url=https%3A%2F%2Fncgovote.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlctj3z%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A195608786183%3Ahid%3A799706113%3Az%3A0%3Ai%3A20220309184233%3Aet%3A1646851353%3Ac%3A1%3Arn%3A44708694%3Arqn%3A1%3Au%3A1646851353400316534%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646851352108%3Ads%3A0%2C35%2C216%2C97%2C56%2C0%2C%2C117%2C10%2C%2C%2C%2C522%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646851353%3At%3ANCGo%20%7C%20Blog&t=gdpr%2814%29aw%281%29ti%282%29
- https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1931007764&pcid=m29xpQVJuiGa HTTP 302
- https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1931007764&pcid=m29xpQVJuiGa&ckls=true&ci=h1wD0jB5PN&nc=false&trid=338375012 HTTP 302
- https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1931007764%26rnd%3D835934070%26pcid%3D%23PMUID HTTP 302
- https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1931007764%26rnd%3D835934070%26pcid%3D%23PMUID&rdf=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEM0NkQ3OEItM0U0QS00MDIxLTgxQ0UtOUE0QTRBODRDQTM0&gdpr=0&gdpr_consent= HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
- https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
- https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1931007764&rnd=835934070&pcid=8C46D78B-3E4A-4021-81CE-9A4A4A84CA34 HTTP 302
- https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1931007764%3B1402230080%26rnd%3D977753455&pcid=$UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync1.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526dpi%253D1709765917%2526mi%253D10%2526csh%253D1931007764%253B1402230080%2526rnd%253D977753455%26pcid%3D%24UID HTTP 302
- https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1931007764;1402230080&rnd=977753455&pcid=9156842844979058135 HTTP 302
- https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%26rnd%3D1670292754%26pcid%3D HTTP 302
- https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%26rnd%3D1670292754%26pcid%3D HTTP 302
- https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1931007764;1402230080;1709765917&rnd=1670292754&pcid=349d64c4-1839-4fa3-bdc3-298b46e8fdc5 HTTP 302
- https://ce.lijit.com/merge?pid=8101&3pid=h1wD0jB5PN&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-2144172008%26pcid%3D%5BSOVRNID%5D HTTP 302
- https://ce.lijit.com/merge?pid=8101&3pid=h1wD0jB5PN&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-2144172008%26pcid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
- https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=1931007764;1402230080;1709765917;1486637409&rnd=-2144172008&pcid=f1f3bdd9308aeddcdbbed652 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D-648288372%26pcid%3D%24SPOTX_USER_ID HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D-648288372%26pcid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=af920ecc-9fd8-11ec-9406-1d7b310e0403 HTTP 302
- https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=1931007764;1402230080;1709765917;1486637409;396218182&rnd=-648288372&pcid=af920e77-9fd8-11ec-9406-1d7b310e0403 HTTP 302
- https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D-2130244487%26pcid=[MM_UUID]
- https://pixel.rubiconproject.com/exchange/sync.php?p=mgid HTTP 302
- https://cm.mgid.com/m?cdsp=43070&c=L0JWRX66-1I-16XZ
- https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
- https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
- https://cm.mgid.com/m?cdsp=287839&c=0643b74d-98e0-4920-9200-c419c1967f91
- https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m29xpQVJuiGa HTTP 302
- https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
- https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=214711368246174218&gdpr=0&gdpr_consent= HTTP 302
- https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
- https://cm.mgid.com/m?cdsp=371158&c=e047a872-a489-472e-807a-9780ed074a53&ttl=1649443353
- https://t.adx.opera.com/pub/sync?pubid=pub6103523253312 HTTP 302
- https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID HTTP 302
- https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D%24UID HTTP 302
- https://t.adx.opera.com/sync?vendor=60124&uid=3281145217875124533727 HTTP 302
- https://sync.aralego.com/idSync?ucf_nid=par-627D96DE43D94E241EAD99688E72B636&ucf_user_id=4fb3a350fc65fe85&redirect=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fuid%3DUCFUID%26vendor%3D60114 HTTP 302
- https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=38ea6998-47a2-3985-9d77-4e5a211f8abf&gdpr=0&gdpr_consent= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=c25f0cf2-399a-45b2-8d3d-bd28f6a83f90&google_hm=YzI1ZjBjZjItMzk5YS00NWIyLThkM2QtYmQyOGY2YTgzZjkw HTTP 302
- https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECWK4YvwzksBAyd90-zh1LA&google_cver=1&ssp=ucfunnel&bsw_param=c25f0cf2-399a-45b2-8d3d-bd28f6a83f90 HTTP 302
- https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=c25f0cf2-399a-45b2-8d3d-bd28f6a83f90 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MzhlYTY5OTgtNDdhMi0zOTg1LTlkNzctNGU1YTIxMWY4YWJm&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
- https://cdn.aralego.net/img/1x1.png
- https://x.bidswitch.net/sync?dsp_id=303&user_id=m29xpQVJuiGa HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m29xpQVJuiGa HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c25f0cf2-399a-45b2-8d3d-bd28f6a83f90
- https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
- https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
- https://cm.mgid.com/m?cdsp=665953&c=b560aad4-622a-4508-b8e0-e1f37257e351
- https://creativecdn.com/cm-notify?pi=mgid HTTP 302
- https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
- https://cm.mgid.com/m?cdsp=501037&c=dxWbBHMpnynhdrgAK09W&pi=mgid&tc=1
- https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTI5eHBRVkp1aUdh&muidn=m29xpQVJuiGa HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTI5eHBRVkp1aUdh&muidn=m29xpQVJuiGa&google_tc= HTTP 302
- https://cm.mgid.com/google?muidn=m29xpQVJuiGa&google_ula={guid},5&google_gid=CAESELOmv6uIe_zA84Y4zk3hWYg&google_cver=1
- https://x.bidswitch.net/sync?ssp=mgid HTTP 302
- https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=c25f0cf2-399a-45b2-8d3d-bd28f6a83f90&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
- https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_63645f40-fe45-4514-8d40-014566bdf1c6&bsw_param=c25f0cf2-399a-45b2-8d3d-bd28f6a83f90&expires=10 HTTP 302
- https://cm.mgid.com/m?cdsp=433145&c=c25f0cf2-399a-45b2-8d3d-bd28f6a83f90&gdpr=&gdpr_consent=&us_privacy=
67 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
ncgovote.org/ Redirect Chain
|
29 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
ncgovote.org/wp-includes/css/dist/block-library/ |
57 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
ncgovote.org/wp-content/plugins/contact-form-7/includes/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swipebox.min.css
ncgovote.org/wp-content/plugins/responsive-lightbox/assets/swipebox/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
ncgovote.org/wp-content/themes/monza/libs/bootstrap/css/ |
141 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
ncgovote.org/wp-content/themes/monza/libs/font-awesome/css/ |
26 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owl.carousel.css
ncgovote.org/wp-content/themes/monza/libs/owl/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
ncgovote.org/wp-content/themes/monza/ |
29 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ncgovote.org/wp-includes/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
ncgovote.org/wp-includes/js/jquery/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.swipebox.min.js
ncgovote.org/wp-content/plugins/responsive-lightbox/assets/swipebox/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
underscore.min.js
ncgovote.org/wp-includes/js/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
infinite-scroll.pkgd.min.js
ncgovote.org/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
front.js
ncgovote.org/wp-content/plugins/responsive-lightbox/js/ |
25 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
wp-emoji-release.min.js
ncgovote.org/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ncgovote.org.1237139.js
jsc.mgid.com/n/c/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
wp-polyfill.min.js
ncgovote.org/wp-includes/js/dist/vendor/ |
97 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hooks.min.js
ncgovote.org/wp-includes/js/dist/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
i18n.min.js
ncgovote.org/wp-includes/js/dist/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
lodash.min.js
ncgovote.org/wp-includes/js/dist/vendor/ |
71 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
url.min.js
ncgovote.org/wp-includes/js/dist/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
api-fetch.min.js
ncgovote.org/wp-includes/js/dist/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
index.js
ncgovote.org/wp-content/plugins/contact-form-7/includes/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
navigation.js
ncgovote.org/wp-content/themes/monza/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
skip-link-focus-fix.js
ncgovote.org/wp-content/themes/monza/js/ |
685 B 949 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
owl.carousel.min.js
ncgovote.org/wp-content/themes/monza/libs/owl/ |
39 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
monza-script.js
ncgovote.org/wp-content/themes/monza/js/ |
391 B 762 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
q2w3-fixed-widget.min.js
ncgovote.org/wp-content/plugins/q2w3-fixed-widget/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
wp-embed.min.js
ncgovote.org/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fontawesome-webfont.woff2
ncgovote.org/wp-content/themes/monza/libs/font-awesome/fonts/ |
63 KB 64 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
199 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ncgovote.org.1237139.es6.js
jsc.mgid.com/n/c/ |
243 KB 72 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.ru/watch/85704392/ Redirect Chain
|
338 B 420 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 136 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
c.mgid.com/pv/ |
0 303 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mgid-logo-ua.svg
cdn.mgid.com/images/logos/ |
1 KB 840 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Adchoices.svg
cdn.mgid.com/images/logos/ |
836 B 813 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
servicer.mgid.com/1237139/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
mgid-logo-ua.svg
cdn.mgid.com/images/logos/ |
1 KB 1016 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Adchoices.svg
cdn.mgid.com/images/logos/ |
836 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTY5LHlfNTkwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84NDVjY...
s-img.mgid.com/g/11533292/492x277/-/ |
20 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvMDBmOGU3ZGI5NmRiMTlkY...
s-img.mgid.com/g/11533487/492x277/-/ |
18 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i.js
cm.mgid.com/ |
2 KB 805 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i-noref.js
cm.mgid.com/ Frame A091 |
0 38 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
img
sync.mathtag.com/sync/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
m
cm.mgid.com/ Redirect Chain
|
43 B 476 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
cm.idealmedia.io/setmuidn/ |
0 412 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
m
cm.mgid.com/ Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync.php
pixel.rubiconproject.com/exchange/ Redirect Chain
|
42 B 709 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ |
0 648 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
m
cm.mgid.com/ Redirect Chain
|
43 B 477 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1x1.png
cdn.aralego.net/img/ Redirect Chain
|
68 B 733 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Redirect Chain
|
49 B 513 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
m
cm.mgid.com/ Redirect Chain
|
43 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
m
cm.mgid.com/ Redirect Chain
|
43 B 526 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
google
cm.mgid.com/ Redirect Chain
|
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
m
cm.mgid.com/ Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
IIQUniversalID.js
cdn.mgid.com/js/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ |
40 B 849 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ |
43 B 539 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
mgid-logo-ua.svg
cdn.mgid.com/images/logos/ |
1 KB 1016 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Adchoices.svg
cdn.mgid.com/images/logos/ |
836 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
85704392
mc.yandex.ru/webvisor/ |
43 B 145 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
85704392
mc.yandex.ru/webvisor/ |
43 B 73 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sync.mathtag.com
- URL
- https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1931007764%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D-2130244487%26pcid=[MM_UUID]
Verdicts & Comments Add Verdict or Comment
69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| structuredClone object| oncontextlost object| oncontextrestored object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery function| _ function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded object| rlArgs object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| sprintf function| vsprintf function| lodash object| wpcf7 object| q2w3_sidebar_options function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar function| ym object| widget_obj boolean| q2w3Refresh function| rl_view_image function| rl_hide_image object| _mgIntExchangeNews object| MarketGidInfC1237139 function| MarketGidCContextBlock1237139 function| MarketGidCMainBlock1237139 function| MarketGidCInternalExchangeBlock1237139 function| MarketGidCRejectBlock1237139 function| MarketGidCInternalExchangeLoggerBlock1237139 function| MarketGidCObserverBlock1237139 function| MarketGidCSendDimensionsBlock1237139 function| MarketGidCRtbBlock1237139 function| MarketGidCIframeSizeChangerBlock1237139 function| MarketGidCContentPreviewBlock1237139 function| MarketGidCResponsiveBlock1237139 boolean| mg_loaded_767213_1237139 object| Ya object| yaCounter85704392 object| onClickExcludes function| mgReject1237139 function| mgLoadAds1237139_03703 function| MarketGidCReject1237139 function| MarketGidLoadGoods1237139_03703 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint767213 string| _mgPvid boolean| _mgPageView767213 boolean| i.js.loaded boolean| i-noref.js.loaded function| _typeof function| IntentIqObject64 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mgid.com/ | Name: __cf_bm Value: 6QIbC6UK219nmEebNATZKTyykJrTX7Gz8fj8h5VNcLA-1646851352-0-AQGiLI40ki/TbTVS/UyCIautvaTMEC55Hwd8Ijye+6dDukm3t7hFKcJUxb9VVHawvEUXOhIgsiamkIDmx86Tvi8= |
|
| .ncgovote.org/ | Name: _ym_uid Value: 1646851353400316534 |
|
| .ncgovote.org/ | Name: _ym_d Value: 1646851353 |
|
| .yandex.ru/ | Name: yandexuid Value: 6839948751646851353 |
|
| .yandex.ru/ | Name: yuidss Value: 6839948751646851353 |
|
| mc.yandex.ru/ | Name: yabs-sid Value: 339311691646851353 |
|
| .yandex.ru/ | Name: i Value: wLe9/XlUE8P8zSqMO+FZ+Irm1R+Ai4CYpn+/u+bf9wP3gsbkSsLgstoWQwIWswJsfS+v08VSZmeKPMbkvURWb2r/VGs= |
|
| .yandex.ru/ | Name: ymex Value: 1962211353.yrts.1646851353#1962211353.yrtsi.1646851353 |
|
| .ncgovote.org/ | Name: _ym_isad Value: 2 |
|
| servicer.mgid.com/ | Name: __mglb Value: de28b2ed7b5c6b554b08c6aa2c90d254 |
|
| .mgid.com/ | Name: muidn Value: m29xpQVJuiGa |
|
| ncgovote.org/ | Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1237139%22%3A%7B%22page%22%3A1%2C%22time%22%3A1646851353580%7D%7D |
|
| .ncgovote.org/ | Name: _ym_visorc Value: w |
|
| .adsrvr.org/ | Name: TDID Value: e047a872-a489-472e-807a-9780ed074a53 |
|
| .intentiq.com/ | Name: IQver Value: 1.9 |
|
| .intentiq.com/ | Name: intentIQ Value: h1wD0jB5PN |
|
| .rubiconproject.com/ | Name: khaos Value: L0JWRX66-1I-16XZ |
|
| .adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwiQzYrj6YHBOhAFOAE. |
|
| .idealmedia.io/ | Name: muidn Value: m29xpQVJuiGa |
|
| .bidswitch.net/ | Name: tuuid Value: c25f0cf2-399a-45b2-8d3d-bd28f6a83f90 |
|
| .bidswitch.net/ | Name: c Value: 1646851353 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1646851353 |
|
| .360yield.com/ | Name: tuuid Value: b560aad4-622a-4508-b8e0-e1f37257e351 |
|
| .360yield.com/ | Name: tuuid_lu Value: 1646851353 |
|
| .mfadsrvr.com/ | Name: tuuid Value: 0643b74d-98e0-4920-9200-c419c1967f91 |
|
| .mfadsrvr.com/ | Name: c Value: 1646851353 |
|
| .intentiq.com/ | Name: intentIQCDate Value: 1646851353936 |
|
| .intentiq.com/ | Name: IIQMgidCookieSync Value: 1646851353940 |
|
| .intentiq.com/ | Name: ASDT Value: 0 |
|
| .e-volution.ai/ | Name: v_usr Value: 03912e53-2692-4aac-90ce-d6f3bce3094e |
|
| .adx.opera.com/ | Name: UID Value: 491ad1e11e0747578bee5f338011af6c |
|
| .adx.opera.com/ | Name: oads_scb Value: aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9NTI4MTYzJmM9NDkxYWQxZTExZTA3NDc1NzhiZWU1ZjMzODAxMWFmNmM%3D |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUk_NeGJ4aWLK-fDISARVF-KGNyOEDiMnzF4U2FTO2C8FYN-idJc5bN6rq216ns |
|
| .mfadsrvr.com/ | Name: tuuid_lu Value: 1646851354 |
|
| .mfadsrvr.com/ | Name: ssh Value: !mgid,1646851354 |
|
| .taptapnetworks.com/ | Name: SONATA_ID Value: csonata_63645f40-fe45-4514-8d40-014566bdf1c6 |
|
| .3lift.com/ | Name: tluid Value: 3281145217875124533727 |
|
| .pubmatic.com/ | Name: KTPCACOOKIE Value: YES |
|
| .creativecdn.com/ | Name: u Value: dxWbBHMpnynhdrgAK09W |
|
| .creativecdn.com/ | Name: ts Value: 1646851354 |
|
| .pubmatic.com/ | Name: SyncRTB3 Value: 1647993600%3A220 |
|
| .pubmatic.com/ | Name: KADUSERCOOKIE Value: 8C46D78B-3E4A-4021-81CE-9A4A4A84CA34 |
|
| .smartadserver.com/ | Name: pid Value: 214711368246174218 |
|
| .adx.opera.com/ | Name: oads_usp Value: WyJodHRwczovL2NyZWF0aXZlY2RuLmNvbS9jbS1ub3RpZnk_cGk9b3BlcmEiLCJodHRwczovL3Vwcy5hbmFseXRpY3MueWFob28uY29tL3Vwcy81ODQ4NC9vY2MiLCJodHRwOi8vaWIuYWRueHMuY29tL2dldHVpZD9odHRwcyUzQSUyRiUyRnQuYWR4Lm9wZXJhLmNvbSUyRnN5bmMlM0Z2ZW5kb3IlM0Q2MDE0MSUyNnVpZCUzRCUyNFVJRCIsImh0dHBzOi8vYW4ueWFuZGV4LnJ1L21hcHVpZC9vcGVyYWNvbS8iXQ%3D%3D |
|
| .pubmatic.com/ | Name: PUBMDCID Value: 2 |
|
| .rubiconproject.com/ | Name: audit Value: 1|ncyfItcJ+hlDF7gNkeWhnUjLsdwdKKgmubtluxeVp/oeECEUBMheinpH0keumj/dTsfu68cRYGEkEa5N2k7U1SEEFoCDRlfY6OCC7Xlt7kwBXXriGKTjhcEuNPWQhMos |
|
| .pubmatic.com/ | Name: pi Value: 156872:3 |
|
| .pubmatic.com/ | Name: chkChromeAb67Sec Value: 2 |
|
| cm.mgid.com/ | Name: mg_sync Value: {"12":1646851353,"3":1646851353,"371158":1646851353,"433145":1646851354,"5":1646851353,"501037":1646851354,"665953":1646851354,"9":1646851353} |
|
| .aralego.com/ | Name: sspid Value: 38ea6998-47a2-3985-9d77-4e5a211f8abf |
|
| .intentiq.com/ | Name: IQPubmaticCookieSync Value: 1646851354385 |
|
| .adnxs.com/ | Name: uuid2 Value: 9156842844979058135 |
|
| .intentiq.com/ | Name: IQAppnexusCookieSync Value: 1646851354514 |
|
| .openx.net/ | Name: i Value: 1094bd2d-fdf8-48a7-a370-7740ce878d2d|1646851354 |
|
| .intentiq.com/ | Name: IQOpenxPrimisCookieSync Value: 1646851354639 |
|
| .lijit.com/ | Name: ljt_reader Value: f1f3bdd9308aeddcdbbed652 |
|
| .lijit.com/ | Name: _ljtrtb_8101 Value: h1wD0jB5PN |
|
| .intentiq.com/ | Name: IQSovernCookieSync Value: 1646851354793 |
|
| .intentiq.com/ | Name: IQadv Value: 1646851354793 |
|
| .spotxchange.com/ | Name: audience Value: af920e77-9fd8-11ec-9406-1d7b310e0403 |
|
| .intentiq.com/ | Name: IQSpotXPrimisCookieSync Value: 1646851354965 |
|
| .intentiq.com/ | Name: CSDT Value: UEQ6MTUxMjBfMCZTemJ3U0NTIzIzXzAmU3pid1M5aCMyNF8wJlN6YndTMzcjMTAyMzRfMCZTemJ3UnZ3IzEwMTM5XzAmU3pid1M1QyMxNTExNV8wJlN6YndTN0Q |
|
| .intentiq.com/ | Name: IQPData Value: 2503514553#1646851354964#0#1646851353935 |
|
| .mathtag.com/ | Name: uuid Value: 29416228-f51b-4700-96ae-a2f3849a1fee |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.360yield.com
api.intentiq.com
c.mgid.com
cdn.aralego.net
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
creativecdn.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
jsc.mgid.com
match.adsrvr.org
mc.yandex.ru
ncgovote.org
pixel.rubiconproject.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
servicer.mgid.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
sync.aralego.com
sync.e-volution.ai
sync.go.sonobi.com
sync.intentiq.com
sync.mathtag.com
t.adx.opera.com
x.bidswitch.net
sync.mathtag.com
104.16.199.73
104.19.133.78
104.19.134.78
109.206.161.21
13.225.221.55
13.225.221.93
142.251.40.226
178.162.133.149
185.184.8.65
192.96.200.41
199.187.193.179
2606:4700:20::681a:467
2606:4700:3031::ac43:9b36
2607:f8b0:4006:80d::200a
2607:f8b0:4006:816::2003
2a02:6b8::1:119
34.238.200.25
35.211.178.172
35.212.212.222
35.71.131.137
35.71.139.29
52.23.124.50
69.173.151.100
82.145.213.8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
12f58a6c985f4b7e06e433fa7bdb7574d12ed5365eed4a09a11f357ad5009745
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1f5f85c03b32c29914eb1d136fcfea793078788bce67c236dbdcf57f997e6b70
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05
2bc62aebc064a2d24c9c50af2f85de93973592b120c9e1338f4fe298dfbe8759
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
314dc4f8e6bb8c083ba8f83aae6ca6d4179bb2b7dbc72da93b94cb4618022984
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
41c82b05d1d49502bb36ef4a13eecf58d5acefbd8306393bdb91b7c92bd20263
524160e936b37ca64801d1925674fa3482f398ee0a03af068ac4ad330167b15c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f9b1ff62c52034a7a4b898bb7266d021792ce34b9f7567728f7802790be1b98
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
76f754050e2c29ed1ee0e170536af6dfb5b48721068bc9fe786633289b024272
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b56f1d4b6f399e4623ec71f37458db77fe4970271423bfef6af4db8c226062b
824abe8ccb9461f6aea71d2cc78e9b492c94cd51d2ecbee33e32422a865f2b92
8348fe66b515449f719cb7b8278e1c84009bdaa96e18981641bc1e77d9e4cf1a
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
8a24084ac1fcc4e9208164d9e873058152b500311363d1e0da43a8dc8e7725c6
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
926d1ab3abf48cf01377caf6adbed8c8a5e9dd1726e174c945af41137661404d
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
988266210d0f78295cba457cf53a9d9b47c8197967b58d6b4ad00612adbf32b7
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1
bf21c724b364a68ffa3299baa6f6014254ae6c51441f24dc2f0b818d6ad25d6f
c1c31f7d4353ff4d56fb959ef2d806df8710fa27a4b085a4675a3c60047e946c
c2a74bed0a7101fa4538a22c2fd1d674f29609c86c0a081d1648e40b9938d70c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
cfd827cefb683f31d3f80a74d6c79a9b131297b855a5be4b629aca982b71c410
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50566433d77b03788e0712aae7c261ec83ad89529e81e89934e8b013a0f50f
f3bb8b08d88d8c2aecdcc22d44304bb5011631ed25f7b92ef36e834392cd227b
f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c