secure.harrelsonscbd.com
Open in
urlscan Pro
54.90.27.86
Public Scan
Submitted URL: http://harrelsonscbd.com/
Effective URL: https://secure.harrelsonscbd.com/
Submission: On March 03 via manual from US — Scanned from DE
Effective URL: https://secure.harrelsonscbd.com/
Submission: On March 03 via manual from US — Scanned from DE
Summary
This website contacted 21 IPs
in 4 countries
across 16 domains to perform 62 HTTP transactions.
The main IP is 54.90.27.86, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is secure.harrelsonscbd.com.
TLS certificate: Issued by GoGetSSL RSA DV CA on September 20th 2022. Valid for: a year.
This is the only time secure.harrelsonscbd.com was scanned on urlscan.io!
TLS certificate: Issued by GoGetSSL RSA DV CA on September 20th 2022. Valid for: a year.
This is the only time secure.harrelsonscbd.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
52.44.126.30
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-126-30.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-126-30.compute-1.amazonaws.com
| harrelsonscbd.com |
31
54.90.27.86
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-27-86.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-27-86.compute-1.amazonaws.com
| secure.harrelsonscbd.com |
1
13.225.78.54
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-54.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-54.fra2.r.cloudfront.net
| ihrlwowx.harrelsonsown.com |
1
2a00:1450:4001:82a::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
3.228.163.199
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-163-199.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-163-199.compute-1.amazonaws.com
| rdcdn.com |
3
13.225.84.88
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-88.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-88.fra2.r.cloudfront.net
| d1ivessx0501rh.cloudfront.net |
2
2a03:2880:f01c:8012:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
5
35.227.244.1
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
| shop.pe | |
| app.shop.pe |
3
52.222.139.82
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-82.ams50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-82.ams50.r.cloudfront.net
| d3rr3d0n31t48m.cloudfront.net |
1
52.222.139.33
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-33.ams50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-33.ams50.r.cloudfront.net
| pix.pub |
2
2a03:2880:f177:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
52.216.106.244
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
| addshoppers.s3.amazonaws.com |
1
35.190.54.17
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
| shopper.shop.pe |
1
99.83.128.14
(United States)
ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
| nytrng.com |
1
64.185.227.155
(United States)
ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com
ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com
| api.ipify.org |
1
52.222.139.71
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-71.ams50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-71.ams50.r.cloudfront.net
| cdn.nytrng.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 32 |
harrelsonscbd.com
1 redirects
harrelsonscbd.com secure.harrelsonscbd.com |
1 MB |
| 6 |
shop.pe
1 redirects
shop.pe — Cisco Umbrella Rank: 10514 shopper.shop.pe — Cisco Umbrella Rank: 12746 app.shop.pe — Cisco Umbrella Rank: 12860 |
11 KB |
| 6 |
cloudfront.net
d1ivessx0501rh.cloudfront.net d3rr3d0n31t48m.cloudfront.net |
268 KB |
| 4 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 105 graph.facebook.com |
611 B |
| 3 |
rdcdn.com
2 redirects
rdcdn.com — Cisco Umbrella Rank: 47380 |
772 B |
| 2 |
nytrng.com
nytrng.com — Cisco Umbrella Rank: 7010 cdn.nytrng.com — Cisco Umbrella Rank: 23496 |
845 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151 |
136 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30 |
20 KB |
| 2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36 ajax.googleapis.com — Cisco Umbrella Rank: 306 |
34 KB |
| 1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2682 |
116 B |
| 1 |
amazonaws.com
addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 15556 |
973 B |
| 1 |
pix.pub
pix.pub — Cisco Umbrella Rank: 3719 |
411 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77 |
352 B |
| 1 |
gstatic.com
fonts.gstatic.com |
8 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
44 KB |
| 1 |
harrelsonsown.com
ihrlwowx.harrelsonsown.com |
228 B |
| 62 | 16 |
| Domain | Requested by | |
|---|---|---|
| 31 | secure.harrelsonscbd.com |
secure.harrelsonscbd.com
|
| 4 | shop.pe |
1 redirects
d3rr3d0n31t48m.cloudfront.net
shopper.shop.pe |
| 3 | d3rr3d0n31t48m.cloudfront.net |
shop.pe
|
| 3 | d1ivessx0501rh.cloudfront.net |
secure.harrelsonscbd.com
|
| 3 | rdcdn.com |
2 redirects
secure.harrelsonscbd.com
|
| 2 | graph.facebook.com |
secure.harrelsonscbd.com
|
| 2 | www.facebook.com | |
| 2 | connect.facebook.net |
secure.harrelsonscbd.com
connect.facebook.net |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 1 | cdn.nytrng.com |
nytrng.com
|
| 1 | api.ipify.org |
secure.harrelsonscbd.com
|
| 1 | nytrng.com |
d3rr3d0n31t48m.cloudfront.net
|
| 1 | app.shop.pe |
d3rr3d0n31t48m.cloudfront.net
|
| 1 | shopper.shop.pe |
shop.pe
|
| 1 | addshoppers.s3.amazonaws.com |
d3rr3d0n31t48m.cloudfront.net
|
| 1 | pix.pub | |
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | ajax.googleapis.com |
secure.harrelsonscbd.com
|
| 1 | www.googletagmanager.com |
secure.harrelsonscbd.com
|
| 1 | ihrlwowx.harrelsonsown.com |
secure.harrelsonscbd.com
|
| 1 | fonts.googleapis.com |
secure.harrelsonscbd.com
|
| 1 | harrelsonscbd.com | 1 redirects |
| 62 | 23 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.google.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| harrelsonscbd.com GoGetSSL RSA DV CA |
2022-09-20 - 2023-08-23 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| ihrlwowx.harrelsonsown.com R3 |
2022-12-22 - 2023-03-22 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-01-10 - 2023-03-11 |
2 months | crt.sh |
| pix.pub Amazon RSA 2048 M01 |
2023-02-21 - 2024-01-09 |
a year | crt.sh |
| *.shop.pe RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-08-10 - 2023-08-10 |
a year | crt.sh |
| *.s3.amazonaws.com Amazon |
2022-09-21 - 2023-08-26 |
a year | crt.sh |
| nytrng.com Amazon RSA 2048 M01 |
2023-02-07 - 2023-05-23 |
3 months | crt.sh |
| *.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2023-02-07 - 2024-02-18 |
a year | crt.sh |
| *.nytrng.com Amazon RSA 2048 M01 |
2023-02-22 - 2023-10-13 |
8 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://secure.harrelsonscbd.com/
Frame ID: 777825719A9F23DD9128783774657A96
Requests: 58 HTTP requests in this frame
Frame:
https://secure.harrelsonscbd.com/krtrk/click_2018_px.php?u=y%3D%3DAVMVVQGVER9IXZ2JWYmsmc0J3a9gGdhB3bm8SbvNmLkJ2Yz52bzxWZyJXYo5SZyV3YlN3LvE0MlMHc0RHa9U3dmIzMul2VDdTJul2Z1xGctw2Yh5WLsFmbyVGdul2Q3USahpGall2ZmV2bo9mZvp2blFGciJmamN2Zk1mYmpGatN0NlIXZ3VWa21iZkBXLsFmbyVGdul2Q3UCMwITMDdTJwAjMxM0NlADM2EzQ3UCNyM0NlYzMuczM18SayFmZhNHMyUyN3EjLxgDN14CMuATMx8SZt9mcoNGMyUSOyUybrNWZnBjMlU2apxGMyUyQyUCbtRHarhjMlAjMlYzMuczM18CdptmYldXZsBHchBjMlkjMlQjN4BjMlI0MlQjNul2dwITJCNTJw4CMxAjMlQnbwITJzd3bk5Wa3hjMlAjMlAjL18SYsxWa69Wb9MHcmZCM9YHcmZiJ9A3Y
Frame ID: 43DBC28D2A61E60FD63C443E81DA719C
Requests: 1 HTTP requests in this frame
Frame:
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=45a5d777a30a4022a1aa50f53bf9506e
Frame ID: 23A714F00CCFB686188D71FF3A08869C
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Harrelson's Own | Pain-Relieving Roll-OnPage URL History Show full URLs
-
http://harrelsonscbd.com/
HTTP 302
https://secure.harrelsonscbd.com/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://www.google.com/privacy_ads.html
Title: Google advertising opt-out page
Title: Google advertising opt-out page
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://harrelsonscbd.com/
HTTP 302
https://secure.harrelsonscbd.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 35- https://rdcdn.com/rt?aid=19332&e=1&img=1 HTTP 302
- https://rdcdn.com/eow HTTP 302
- https://rdcdn.com/images/blank.gif
- https://shop.pe/widget/widget_async.js HTTP 301
- https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
62 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
secure.harrelsonscbd.com/ Redirect Chain
|
43 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base.css
secure.harrelsonscbd.com/css/ |
37 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layout.css
secure.harrelsonscbd.com/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
secure.harrelsonscbd.com/css/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fonts.css
secure.harrelsonscbd.com/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main_fam.css
secure.harrelsonscbd.com/css/ |
64 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
1 KB 851 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
ihrlwowx.harrelsonsown.com/ |
0 228 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr.js
secure.harrelsonscbd.com/js/ |
47 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
112 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hdr_brett_wo_bottle.png
secure.harrelsonscbd.com/images/ |
358 KB 359 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo_hdr_cbd_lrg.png
secure.harrelsonscbd.com/images/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
meet_brett_nobottle.jpg
secure.harrelsonscbd.com/images/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rollon_500x500.jpg
secure.harrelsonscbd.com/images/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eurofins_building_n_logo_full.jpg
secure.harrelsonscbd.com/images/ |
43 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eurofins_building_n_logo.jpg
secure.harrelsonscbd.com/images/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thirdparty_lab.jpg
secure.harrelsonscbd.com/images/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eurofins_play.png
secure.harrelsonscbd.com/images/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
guarantee_seal.jpg
secure.harrelsonscbd.com/images/ |
35 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
90 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
secure.harrelsonscbd.com/js/ |
8 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.flexnav-min.js
secure.harrelsonscbd.com/js/ |
1014 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
plugins.js
secure.harrelsonscbd.com/js/ |
990 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
secure.harrelsonscbd.com/js/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
helper.js
secure.harrelsonscbd.com/js/ |
9 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MAPharrelsons_v3.0.js
secure.harrelsonscbd.com/eScripts/ |
35 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
videoSpeedTest.php
secure.harrelsonscbd.com/eScripts/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
735440fb-3c21-44c6-a8fc-d881eb1f0ee0.woff2
secure.harrelsonscbd.com/fonts/ |
18 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6f1146c0-9c0b-4949-866d-9affc396531f.woff2
secure.harrelsonscbd.com/fonts/ |
18 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4cadb55f-822a-4a35-8918-becfc5a866a3.woff2
secure.harrelsonscbd.com/fonts/ |
19 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
abe9daef-72eb-45cc-a93a-7d6285130117.woff2
secure.harrelsonscbd.com/fonts/ |
17 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kentucky_bg.jpg
secure.harrelsonscbd.com/images/ |
169 KB 170 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e2726b32-fedc-4803-806a-a029c705ad22.woff2
secure.harrelsonscbd.com/fonts/ |
18 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
click_2018_js.php
secure.harrelsonscbd.com/krtrk/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
blank.gif
rdcdn.com/images/ Redirect Chain
|
42 B 198 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
speedtest72K_1.jpg
d1ivessx0501rh.cloudfront.net/ |
71 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
click_2018_px.php
secure.harrelsonscbd.com/krtrk/ Frame 43DB |
233 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 352 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
speedtest72K_2.jpg
d1ivessx0501rh.cloudfront.net/ |
70 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
speedtest72K_3.jpg
d1ivessx0501rh.cloudfront.net/ |
72 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
107 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget_async.js
d3rr3d0n31t48m.cloudfront.net/widget/ Redirect Chain
|
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
t.png
pix.pub/ |
68 B 411 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1578621982520393
connect.facebook.net/signals/config/ |
377 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
triggerRunner.js
d3rr3d0n31t48m.cloudfront.net/widget/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget.js
d3rr3d0n31t48m.cloudfront.net/widget/ |
185 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
params
shop.pe/widget/main/init/ |
260 B 759 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
params
shop.pe/widget/main/init/ |
1019 B 619 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ec166aa183594d3f847a834dece15750.js
addshoppers.s3.amazonaws.com/customize/62bdee336d4ae704d38cf770/ |
865 B 973 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
input.js
shopper.shop.pe/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
status
app.shop.pe/app/datapartners/ |
34 B 509 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
HEAD H3 |
consent
shop.pe/query/datareg/ |
0 25 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe
nytrng.com/ Frame 23A7 |
423 B 515 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
api.ipify.org/ |
21 B 116 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pl.2.2.min.js
cdn.nytrng.com/ Frame 23A7 |
0 330 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 54 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
events
graph.facebook.com/v13.0/1578621982520393/ |
101 B 372 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
events
graph.facebook.com/v13.0/1578621982520393/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
173 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| html5 object| Modernizr function| gtag object| dataLayer function| $ function| jQuery function| log object| jQuery191026421918041934367 object| MBP object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| W3T function| refMatchCp function| debug_RefMatch string| AFFILIATE_IF_BLANK boolean| NEW_AFFILIATE_OVERWRITES number| days2expire string| disabledCodes string| disabledpage number| index1 string| banner object| idnum string| pid object| tmp object| xm1 object| coupon_code string| testing function| getArgsWithMatchingKeys function| getAllUrlParams function| is_object function| actionTrack function| Get_Parm function| SetCookieV5 function| SetCookie function| SimpleCookie function| GetCookie function| DeleteCookie function| SimplePopUnder function| varIsDefined function| affiliate2form function| Get_Parm_Normal function| bestReferer boolean| didMapPixel function| MAP_pixel function| mdalert function| bestCampaignId function| _bestSubid function| _bestCP function| getParamV6 function| currentAndNewCampaignId function| valueOrBlank function| defaultCpByReferrer function| trackLead function| topLevelCookie function| cookieOverwrittenMyafId function| addClickPathDatum function| do_facebook_sitetraffic function| do_facebook_conversionApi function| do_broadbeam_sitetraffic function| do_iheartmedia_sitetraffic function| do_leadPost_sitetraffic function| do_addShopper_sitetraffic function| do_tvScientific_sitetraffic number| offset string| SCH number| end string| speedTest_image number| speedTest_size number| speedTest_byte_overhead number| speedTest_connection_overhead function| SpeedTest string| _st_cname function| _parrotMyIp function| doSpeedTest function| recursiveSpeedTest function| stdSpeedTestFinish function| debuglog function| std_goLow function| _setSpeedTestCookie function| updateVideosServed function| lowspeed_video_url string| MY_IP string| b number| mgt number| gwc function| checkCookie function| playVidsMain function| ingScrollWidth function| closevid function| vidsPause function| guaranteeMove function| fimMove function| findWide function| widthPlusOffsetLeft number| lastSpeedtestNum object| gaplugins object| gaGlobal object| gaData string| g string| h function| _fp1 function| _fp2 function| _fp3 function| _fp4 function| _fp5 function| _fp6 function| _fp7 function| _fp8 function| _fp9 function| _fp10 function| _fp11 function| _fp12 function| _fp13 function| fps function| nC function| fpe function| fpv object| _mm boolean| _debugOn string| d number| startedMS function| _dbtxt function| doTracking function| isObject function| setvar function| trackAfterW3ca string| MNM_pixel string| _my_args string| ua boolean| opera boolean| ie boolean| iemac number| moz string| os object| w3ca boolean| w3cl string| t string| a boolean| isFirst object| plugin string| c number| calcedSpeed function| fbq function| _fbq object| AddShoppersWidgetOptions object| AddShoppersLoader function| AddShoppersTriggerRunner function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| DataPartnerStatusGeo function| as_logError object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang object| result boolean| is_mocked object| fbBody19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .harrelsonscbd.com/ | Name: _nuab Value: 1 |
|
| .harrelsonscbd.com/ | Name: abver Value: DEFAULT |
|
| .harrelsonscbd.com/ | Name: _mvl Value: 1 |
|
| .harrelsonscbd.com/ | Name: _mvs Value: 1 |
|
| secure.harrelsonscbd.com/ | Name: mainVid Value: hdr_vid |
|
| .harrelsonscbd.com/ | Name: _ga Value: GA1.2.180902150.1677868382 |
|
| .harrelsonscbd.com/ | Name: _gid Value: GA1.2.52420090.1677868382 |
|
| .harrelsonscbd.com/ | Name: _gat_gtag_UA_155867869_1 Value: 1 |
|
| secure.harrelsonscbd.com/ | Name: AWSALB Value: wzG+nIUSRJ7EDKX74Hkat5ibqD+mmSSGGKOemcH6LFaCv7fFAWaZfV+jgEPp8dlysSM9m2anM7FEIQw6aPHaNH4JKoGb7pBOi7yGfNJcUsD68TQ9a4PixgzA4kY2 |
|
| secure.harrelsonscbd.com/ | Name: AWSALBCORS Value: wzG+nIUSRJ7EDKX74Hkat5ibqD+mmSSGGKOemcH6LFaCv7fFAWaZfV+jgEPp8dlysSM9m2anM7FEIQw6aPHaNH4JKoGb7pBOi7yGfNJcUsD68TQ9a4PixgzA4kY2 |
|
| .harrelsonscbd.com/ | Name: ME_CLICKID Value: 202303-11583 |
|
| .harrelsonscbd.com/ | Name: ME_CAMPAIGN Value: 99%40MNM |
|
| rdcdn.com/ | Name: aid Value: 19332 |
|
| rdcdn.com/ | Name: ref Value: https://secure.harrelsonscbd.com/ |
|
| rdcdn.com/ | Name: img Value: http://rdcdn.com/rt?aid=19332&e=1&img=1 |
|
| secure.harrelsonscbd.com/ | Name: _w3c_spip Value: 172.31.8.7%203925.386 |
|
| .harrelsonscbd.com/ | Name: _fbp Value: fb.1.1677868383290.1027278111 |
|
| shop.pe/ | Name: addshoppers Value: "2|1:0|10:1677868383|11:addshoppers|44:NDVhNWQ3NzdhMzBhNDAyMmExYWE1MGY1M2JmOTUwNmU=|c1182e6725758d779b853b821dc57a1fc889d0541f3f84f9fbe2ad5a9bce2f3b" |
|
| secure.harrelsonscbd.com/ | Name: addshoppers.com Value: 2%7C1%3A0%7C10%3A1677868383%7C15%3Aaddshoppers.com%7C44%3ANDVhNWQ3NzdhMzBhNDAyMmExYWE1MGY1M2JmOTUwNmU%3D%7Cabc4998da97d97a9debe80df967e977115639cb72d881df05ff14872b303cd51 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
addshoppers.s3.amazonaws.com
ajax.googleapis.com
api.ipify.org
app.shop.pe
cdn.nytrng.com
connect.facebook.net
d1ivessx0501rh.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
harrelsonscbd.com
ihrlwowx.harrelsonsown.com
nytrng.com
pix.pub
rdcdn.com
secure.harrelsonscbd.com
shop.pe
shopper.shop.pe
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.225.78.54
13.225.84.88
2a00:1450:4001:82a::2008
2a00:1450:400d:802::200a
2a00:1450:400d:802::200e
2a00:1450:400d:808::2003
2a00:1450:400d:80a::200a
2a00:1450:4025:401::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f177:83:face:b00c:0:25de
3.228.163.199
35.190.54.17
35.227.244.1
52.216.106.244
52.222.139.33
52.222.139.71
52.222.139.82
52.44.126.30
54.90.27.86
64.185.227.155
99.83.128.14
0ad8c7c2dcca9c517495ec6eff54fa32b3fbf39cc27e65807936d8b87f8d98ba
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
131ee8e0200b48174dce191e3feff6619c0a77e624d734239344b0bc83d6dae0
1f230e188381cfe797c766fdee42d9f703a8622a5c68f1a89fa1e0eca4bee3b4
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
2a95a825ebe5efa89880987ff36651b2337eec8c91a8f4b87a04d8388b673a6c
2d4f1d91ec0df779cbfba31a7a112008d8fd05c49631b940ba11e8de56a1f1ea
347e69da87a0888294d78bf35ef8b01b34bc3d1db27c721b14505f556bba2ca5
3f4f5f1848bc4c8e64dfd3732c6698a36d268d50bf0a603a8a68a741e7646775
4117d86fa65dac3ea5ecf21fd4576a51577ecd297c03646b6a8005f27d6247f6
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4f3b5a231c6a3fcbe7f4480270b45a7706cc354aebbad3e0d93559833d63b805
5260ec9a9c128eb081dc9d85fd8d42e9c1eb06e367716869701dfd0a0ab33f48
528a83433a4ea2b2bb83560dd1f5fc9b5d584bf7d6eb642d5488a4e0540e3d45
5466763d0e91922664bc2a5bf4a0c3ffa426ffb867dd389b741f21099c77ede9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a0c56ba6d92328b80ab774c76db3d47cf6742e28afcd73d810997c0c6c6235f
5cf5942617b084a4420112890bdae543703def19dfe14fbf4ab5ccffbf6d9732
62b68f3ac148dfa65c5817b1318eb074c5b1b391646e893e132cc6327e191cbe
634fa5142c6576b0632e03430d07f17f0604ead812aa8c42d75932de0697a80c
6a71bb992c1b1557f9d43b14961820a63b84290d2c101b88272dc474309bcdbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1852f53fa9e860940d03841eba9beeb199fd5c4006704014444fea5889dc9d
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
707d97fb1a7b246c676bc882e41da46a35d540bdb7a5c2c238c99d7920d77b6c
7252a79ab9b6f1516ecd737ce450457c11dd8ec501681daefa476b46c6a0d070
7b0968a41270dafbe4c5cd498ba40dbe992638297679a862332007eef6a7d08e
7c2e59cb5eac0c8dfba77606c2a15e56c7f3f76295a2703fc4acb6e9ea60130e
7c33b67c429e9aa10298b3b8427de3599face997cfdb979de19e72d744695fb3
7ee2de6e1475e917f7b082d394afdcb2f1ba69bdfd3a2c1ff9996377a5079c98
86fd05369d4d7e07a7020e87cdb45eba06ffc270024b831b1696004707f87aac
8970068c0ba0df2ba2996a0f33ae87f66c2c938b57d33bab4fcc1509b0112f0b
89dc55b7f763433b24e0b6f17eb3109eaef4e539d13264fa56cf5f482618232f
8aca58d6eac903e55a194b00a6cfcbfe26be8592b9a80dd523f7bc9e015ac45e
8c022065a8ad6c029f7791de9ea76cbabfb6406f0a1235b26ced193ecdad90b0
8e2481bc8542c34d2f07800a6afb57dcda4cd065799aad97d7b383e94858a6a5
949dc245425e18ba4c937ddc172abce52fbaf1c512e3aa564a17ffe4ead91f4f
94b41932fed0763dda98c95f42d268760494a1a4bb29657157eb9369101cc1f0
a6db907a7ac399d7e920de4ac4b4a92808542039ba32dc6758637bffb413d56d
a7b680c5d776d2587e7f44c60c5c81b6b709342ff02c6b1ea92d5c16a4bb304e
aa19ce2ab330f611f5c84fde2b7f92cba271b0f22234f82ad24b5f4f5e447991
b2fa03041b1dae4d65071dc1c17ec8e764b56538a02ba1caa8b1bf70a755ff0b
b36a1b1b6ea154385a8aab65ba7abee1f3608720c26f6bfdf2546c06e89a939b
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b674e6357766bc17f8e81d66cbada186d75eb2413b24b8b613a3b9c62e8f6c39
bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399
be46811e1b8d57c9de0c9c8423d55e230e1ad40f7c2dd36b11942f6fb4c4256c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c8087805cf92e1befa92850ad88446d9f8fc3edf059c6aed2c4d175a034b1621
c8569d70e399e53a5390312dc85f31c52866df7209e3bc1415b3166395358b6f
d3b2fb1710626ef41cc00a18b874d694bf96a57661ac754a38892012dc443714
d6953ddaa99ce129bed64124ac90fa0ea3f023093af188f1711401971e444849
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6e88d6c59dc58891d452e5f6143c9a79661d4c47101713afe425d8722b10da
f9c4d1aa8cda6e90c0dcb65ecfdc56da67a53a667de5d29931028fbe80d31cef
fec3d7462f3ef3676bb4ca67db7a65a3fed57774cc50ca4c23c4b2a7cc4a2104